Skip to content

feat: add agent identity + onboarding protocol example#253

Open
vystartasv wants to merge 2 commits into
Eigenwise:mainfrom
vystartasv:feat/agent-identity-example
Open

feat: add agent identity + onboarding protocol example#253
vystartasv wants to merge 2 commits into
Eigenwise:mainfrom
vystartasv:feat/agent-identity-example

Conversation

@vystartasv

@vystartasv vystartasv commented May 6, 2026

Copy link
Copy Markdown
Contributor

What This Adds

A working example at atomic-examples/agent-identity/ that demonstrates cryptographic agent identity and onboarding — the missing layer for making atomic agents interoperable beyond a single process.

The Two Protocols

Identity Protocol (L2)

Each agent gets a permanent, verifiable identity — an Ed25519-style keypair. The public key is the agent's identifier; the private key signs handoff tokens and capability manifests.

agent = AgentIdentity.create("research-agent-01")
print(agent.fingerprint())  # 1971302321625375

Onboarding Protocol (L1)

Before an agent is trusted with work, an authority issues a signed certificate listing verified capabilities. This is the "prove you can do the job before I give you the job" step.

cert = OnboardingCertificate(
    agent_id=agent.agent_id,
    authority=authority.agent_id,
    capabilities=["web_search", "document_analysis"],
)
cert.signature = authority.sign_claim(cert)
assert cert.is_valid(authority)  # ✅

Why This Matters for Atomic Agents

Atomic agents ("one agent, one job") are composable by design. But composition without identity is fragile:

  • ❌ Agent A hands off to "some agent" → no audit trail, no verification
  • ✅ Agent A signs a handoff to Agent B (public key verified) → cryptographic proof of the chain

Identity turns a collection of agents into a verifiable pipeline.

What's in This PR

  • main.py — 150-line demo: identity creation, onboarding, signed handoff, verification
  • pyproject.toml / __init__.py — standard example packaging (matches existing pattern)
  • README.md — explains the concept, links to the full protocol spec

Zero new dependencies. The demo uses stdlib only. The full production SDK (pip install works-with-agents) adds Ed25519 via pynacl for real cryptographic signing — but the concept and protocol structure are the same.

Run It

cd atomic-examples/agent-identity
python agent_identity/main.py

References

vystartasv added 2 commits May 6, 2026 19:26
@vystartasv
feat: add agent identity + onboarding protocol example
9202f4f 
Demonstrates cryptographic agent identity for interoperable
atomic agents using the Identity Protocol (L2) and Onboarding
Protocol (L1) concepts:

- AgentIdentity: Ed25519-style keypair with fingerprint
- OnboardingCertificate: signed capability attestation
- Handoff signing: verifiable task transfer between agents

Self-contained — stdlib only, zero external dependencies.
Points to workswithagents.com/specs/identity.md for the
production Ed25519 SDK.

Related: Eigenwise#251
@vystartasv
fix: add uv.sources workspace entry + black/flake8 compliance
b91b6fe
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vystartasv