Creduent is an open application-layer protocol for cryptographic identity and trust verification of autonomous AI agents. It lets any AI agent publish a signed identity document (agent.json) and get that identity independently verified and attested by a registry. It is originated and stewarded by IDevSec.

What problem does Creduent solve?

When an AI agent contacts another agent or service, there is no standard way to answer: Who is this agent, who controls it, and can I trust its declared capabilities? Creduent provides that answer using cryptographic signatures (Ed25519) and DNS-based domain binding, without requiring a central authority.

Is Creduent open source?

Yes. Creduent is an open protocol. The specification documents (CREDUENT-001 through CREDUENT-005) are free to implement under Apache 2.0. Anyone can run a Creduent-compatible registry. The reference registry at creduent.idevsec.com is one implementation, not the only one.

What cryptographic algorithm does Creduent use?

Creduent uses Ed25519 for signing. Documents are canonicalized before signing using RFC 8785 (JSON Canonicalization Scheme, JCS). Ed25519 was chosen for its short keys (32 bytes), short signatures (64 bytes), speed, and elimination of parameter-choice vulnerabilities present in RSA and ECDSA.

Does Creduent replace TLS or OAuth?

No. Creduent operates above the existing web stack. It uses HTTPS for transport and focuses specifically on agent-level identity and capability attestation, not session authentication or authorization. Think of it as the equivalent of robots.txt for agent identity, with cryptographic verification added.

What is the agent:// URI scheme?

The agent:// URI scheme provides globally unique identifiers for AI agents in the format agent://namespace/agent-name. For example: agent://example/mybot. The namespace corresponds to the organization or domain. The Creduent resolver at creduent.idevsec.com/resolver translates these URIs to their metadata payloads.

How do I install the Creduent SDK?

For Python: pip install creduent (requires Python 3.9+). For JavaScript/TypeScript: npm install @idevsec/creduent (requires Node.js 18+). For the CLI tool: npm install -g @idevsec/creduent-cli.

Does Creduent integrate with agent frameworks?

Yes. Creduent offers native integrations and helper modules for major agentic frameworks out-of-the-box: CrewAI, LangGraph, and AutoGen in Python; and Vercel AI SDK and LangGraph JS in JavaScript/TypeScript.

What happens if the Creduent registry is offline?

The system degrades gracefully. If the registry is unreachable, the MCP verify_agent tool returns self_verified: true (if the agent's own Ed25519 signature is valid), creduent_attested: false, and attestation_level: 'registry_offline'. Self-signed cryptographic verification continues without central registry connectivity.

Can I run my own Creduent registry?

Yes. The registry API specification is defined in CREDUENT-003. Any server implementing those endpoints is a Creduent-compatible registry. The reference implementation source code is open-source at github.com/idevsec/creduent.

OPEN PROTOCOL // AGENT IDENTITY STANDARD

Creduent.

An open standard for AI agent identity and trust. Originated and stewarded by IDevSec. Anyone can implement it. creduent.idevsec.com is the official reference registry.

PROTOCOL SPECIFICATION INSTALL IDENTABAR VIEW DOCUMENTATION VIEW FAQ EXPLORE REGISTRY

TRUST

THE IDENTITY PROBLEM

Why AI Agents Need an
Open Trust Layer.

As autonomous AI agents scale and execute code, make API calls, and transfer assets on behalf of organizations, they operate in a trust vacuum.

There is no standard way to answer: *Who is running this agent? Is it verified? And does it have the permissions it claims to hold?*

Creduent solves this by defining a protocol-level, cryptographic agent identity standard that is vendor-neutral, fully decentralized, and easy to deploy.

Cryptographic Identity

Every agent holds a verified keypair. Identities are signed and verified cryptographically using standard Ed25519 signatures, preventing impersonation.

Domain Ownership Binding

Agents are bound to internet domains via DNS TXT records. This links digital agents directly to accountable real-world companies and developers.

Signed Attestation Registry

Agents query and submit capabilities through signed assertions. The reference registry resolves and audits these capabilities in real-time.

SPECIFICATION // STACK

Protocol Architecture

CREDUENT-001

agent.json Schema

A standardized structure defining the agent's identity, public key, declared capabilities, and signatures.

SPECS:

Ed25519 key signing

JCS canonicalization

Metadata payload spec

Cryptographic proof block

CREDUENT-004

DNS TXT Verification

Delegation and validation of agent identity using existing DNS records to bind public keys to domains.

SPECS:

creduent-verify record

RFC-compliant query

Domain correlation

Anti-spoofing mechanism

CREDUENT-002

Attestation Registrynorth_east

A globally queryable database of signed statements verifying what an agent is allowed to execute.

SPECS:

Signed attestations

Public auditing logs

Crl/Revocation checks

REST / GraphQL APIs

CREDUENT-004

agent:// Resolutionnorth_east

A custom scheme allowing agents to reference and resolve identities dynamically without hardcoded hostnames.

SPECS:

Protocol URI scheme

Decentralized resolution

Zero host coupling

Fast path caching

CREDUENT-003

Registry Explorernorth_east

An interactive global explorer to inspect, verify, search, and audit registered agent attestation states publicly.

SPECS:

Active search index

Agent verification audits

Attestation log stream

Security advisory tags

IMPLEMENTATION

SDK & Tooling
Quickstart.

Creduent is built to be integrated in minutes. We maintain reference SDKs for Python and JavaScript, alongside a highly capable command-line utility.

example.py

from creduent import generate_keys, sign, verify, register, attest

# 1. Generate a secure Ed25519 keypair for your agent
private_key_pem, public_key_str = generate_keys()

# 2. Sign your agent.json metadata document
draft_metadata = {
    "version": "1.0",
    "agent_id": "agent://yourorg/youragent",
    "owner": "Your Organization",
    "public_key": public_key_str,
    "endpoint": "https://yourdomain.com/agent",
    "capabilities": ["task_execution", "file_read"]
}
signed_metadata = sign(draft_metadata, private_key_pem)

# 3. Verify the signed document locally
result = verify(signed_metadata)
if result.valid:
    print("Local cryptographic signature is valid.")

# 4. Register with the global registry (requires DNS TXT record set)
reg_result = register(
    agent_id="agent://yourorg/youragent",
    domain="yourdomain.com",
    agent_json_url="https://yourdomain.com/.well-known/agent.json"
)
if reg_result.success:
    print(f"Registered on network. Level: {reg_result.attestation['level']}")

Licensed under the open-source Apache License, Version 2.0. Permitted for both non-commercial and commercial application development. See Licensing.

INTERACTIVE CONSOLE

Attestation Sandbox

Configuration Settings

[ protocol version ]

[ agent_id ]

[ owner / organization ]

[ domain ]

[ capabilities (comma separated) ]

[ verification level ]

Verification State:secured

{
  "version": "1.0",
  "issued_at": "2026-06-13T08:00:00Z",
  "agent_id": "agent://yourorg/youragent",
  "owner": "Your Organization",
  "public_key": "ed25519:hArTvbITJ2jirL170IOSjcVvEvstC4s+RjYLu4chCwg=",
  "endpoint": "https://yourdomain.com/agent",
  "capabilities": [
    "task_execution",
    "file_read"
  ],
  "signature": "8mjdFZgUGjKURBNR0hV3pa6ky+7HS8ewbdvxOT2eK+jS2b7equFdu8mfNcHS0T7BWGuJA7RQ234IrZoB5OtB="
}

VERIFIABLE OPERATIONS

Ecosystem & Tooling Integrations

[ INTEGRATION_01 ]

MCP Server Integration

verify_agent Tool

Allows Claude, ChatGPT, or custom desktop agents to dynamically query creduent.idevsec.com and resolve keypairs and domains before executing tool calls.

[ INTEGRATION_02 ]

GitHub Actions

creduent-attest Action

Automates agent certificate/attestation issuing at CI/CD runtime, sealing deployments with cryptographic audit trails from origin commits.

[ INTEGRATION_03 ]

Auto-Renewal Daemon

creduentd Background agent

A lightweight service that runs locally in deployment clusters, updating and re-attesting DNS records and key rotations 7 days prior to expiry.

[ INTEGRATION_04 ]

Webhook Attestations

Real-time verification notifications

Enables host networks to receive push events whenever a registered agent starts communication or triggers high-value operations.

[ INTEGRATION_05 ]

SSRF Protection Shield

Safe HTTP Client

The resolver implements active SSRF protections: dynamically checking and blocking requests to RFC 1918 private IP ranges, loopback addresses, and link-local ranges.

[ INTEGRATION_06 ]

Graceful Offline Degradation

Local Self-Verification

If creduent.idevsec.com is offline, clients degrade gracefully. Self-signed cryptographic validation continues locally without requiring central network connectivity.

[ INTEGRATION_07 ]

IdentaBar Integration

Browser & VS Code Extensions

Perform live attestation checks on web domains via the Manifest V3 browser extension, or audit and verify agent.json files directly in your IDE with the VS Code extension.

THE DEVELOPMENT LOG

Protocol Roadmap

PHASE 01

FOUNDATION

COMPLETED

Core agent:// specification, Ed25519 key signing standard, and basic JCS serialization specification.

PHASE 02

ECOSYSTEM

COMPLETED

Reference Python & Node.js SDKs, official CLI, GitHub Actions, and reference creduent.idevsec.com launch.

PHASE 03

SCALE

COMPLETED

Direct integration with major frameworks (CrewAI, LangGraph, AutoGen in Python; Vercel AI SDK, LangGraph in JS), CLI v2 with renew, webhook, and discovery commands, native Ed25519 JS SDK, and multi-key support.

PHASE 04

EXPANSION & HARDENING

CURRENT

More framework integrations (LlamaIndex, LangChain, Semantic Kernel), Creduent Playground sandbox, Key Revocation & Cache Tuning, Short-Lived Attestation Windows, DNS-Based Emergency Recovery Flow, Multisig Admin Quorum, HMAC Webhook Signatures, Schema Decoupling (v2.0), DID Interoperability, and Formal Security Audit.Read Draft Specificationarrow_forward

PHASE 05

DELEGATION & GATEWAYS

UPCOMING

Creduent Delegation Token (CDT) specification (CREDUENT-006), SDK cryptographic delegation verification, zero-trust gateway integration, federated attestation, cross-registry trust, formal RFC, enterprise private registry, and IANA registration.

PHASE 06

INFRASTRUCTURE

UPCOMING

Cyber Insurance Compliance Standard validation, community stewardship, enterprise AI procurement checklist integration, LLM provider documentation reference, and cross-chain attestation bridges.

CURRENT STANDARDS

Trust Signals & Specifications

PROTOCOL SPEC

v1.1.0

Active RFC draft

PYTHON SDK

v0.5.1

Tested on Py 3.10+

JS/TS SDK

v0.1.4

Node 18 & Bun support

CREDUENT CLI

v0.1.4

npm global package

IDENTABAR CLIENT

v1.0.0

Browser Extension

REFERENCE REGISTRY

ACTIVE

creduent.idevsec.com

OPEN COOPERATION

How does Creduent
Verify Trust?

Open standard stewarded by IDevSec.
Licensed under the open-source Apache License, Version 2.0. See Licensing for details.

VIEW DOCUMENTATION

ACCESS REGISTRY

> Read Protocol Specification|> View Licensing specifications|> View Frequently Asked Questions

CREDUENT

Creduent.

Why AI Agents Need an Open Trust Layer.

Cryptographic Identity

Domain Ownership Binding

Signed Attestation Registry

Protocol Architecture

agent.json Schema

DNS TXT Verification

Attestation Registrynorth_east

agent:// Resolutionnorth_east

Registry Explorernorth_east

SDK & Tooling Quickstart.

Attestation Sandbox

Ecosystem & Tooling Integrations

MCP Server Integration

GitHub Actions

Auto-Renewal Daemon

Webhook Attestations

SSRF Protection Shield

Graceful Offline Degradation

IdentaBar Integration

Protocol Roadmap

FOUNDATION

ECOSYSTEM

SCALE

EXPANSION & HARDENING

DELEGATION & GATEWAYS

INFRASTRUCTURE

Trust Signals & Specifications

How does Creduent Verify Trust?

Why AI Agents Need an
Open Trust Layer.

SDK & Tooling
Quickstart.

How does Creduent
Verify Trust?