Loading...

Give your AI agent
a cryptographic identity.

30 seconds. One command. Ed25519 keypair, trust vouches, E2E encrypted messaging. Works with Claude Desktop, Cursor, LangChain, CrewAI, and any MCP client.

Get Started MCP Server Live Demo API Docs

Quick Start

Get Your Agent Identity in 30 Seconds

Install. Run. You're registered with a cryptographic identity.

Terminal 
# Step 1: Install
pip install aip-identity

# Step 2: Get your identity (guided setup)
aip quickstart

# ✓ Generated Ed25519 keypair
# ✓ Your DID: did:aip:abc123...
# ✓ Registered on AIP service
# ✓ Credentials saved to ~/.aip/credentials.json

# Step 3: Start using your identity
aip whoami            # see your identity
aip vouch <did>       # vouch for another agent
aip message <did> "hi" # send encrypted message
aip sign ./my-skill/  # sign an artifact
PyPI: aip-identity API Docs

🔌 MCP Server — Agent Identity for Claude Desktop & Cursor

Add cryptographic identity verification to any MCP client. Your AI agent can verify other agents, check trust, send encrypted messages, and sign artifacts — all through MCP tools.

# Install the MCP server
pip install aip-mcp-server

# Add to Claude Desktop config (~/.claude/claude_desktop_config.json)
{
  "mcpServers": {
    "aip-identity": {
      "command": "aip-mcp-server",
      "args": ["--credentials", "~/.aip/credentials.json"]
    }
  }
}

# Now Claude can: verify agents, check trust, send messages, sign files

8 tools: register, verify, vouch, trust-score, message, sign, lookup, whoami

PyPI: aip-mcp-server →  ·  Source →

⚡ Framework Integration — One Line of Code

Add cryptographic identity to any Python agent framework. ensure_identity() handles everything: key generation, registration, credential storage. First run registers, every subsequent run loads instantly.

from aip_identity.integrations.auto import ensure_identity

# One line: your agent gets a persistent cryptographic identity
client = ensure_identity("my-agent", platform="langchain")

# Now use it
client.sign(data)              # Sign outputs to prove authorship
client.verify(other_did)       # Verify another agent's identity
client.send_message(did, msg)  # End-to-end encrypted messaging
client.get_trust(did)          # Check trust scores

Works with: LangChain, CrewAI, AutoGen, or any Python framework

Examples →  ·  Tutorial →

The Problem

Agent Identity and Trust are Broken

Knowing who someone is isn't enough. You need to know if they're trustworthy. Current solutions solve neither.

🔗

Platform Lock-in

Agent identity is tied to platforms. When a platform dies or bans you, your identity dies with it.

No Verification

Agents can't cryptographically prove who they are. Anyone can claim to be anyone.

🎭

No Trust Provenance

Even if you verify identity, how do you know who to trust? There's no audit trail for trust decisions.

🚧

Centralized Trust

Platforms become trust gatekeepers. When they go down or ban you, your reputation vanishes.

The Solution

Three Pillars: Identity + Trust + Communication

AIP answers three questions: "Who are you?", "Should I trust you?", and "How do we talk securely?"

Identity Layer

🔑

Keypair-Based Identity

Each agent controls their own Ed25519 keypair. Your identity, your keys. No platform required.

📄

DID Documents

W3C-compatible decentralized identifiers that travel with you across any platform or protocol.

🤝

Challenge-Response

Prove identity cryptographically. No trusted third party. No platform dependency. Just math.

Trust Layer

Vouching

Signed statements of trust between agents. Scoped by domain: general, code-signing, financial, information.

🔗

Trust Paths (Isnad Chains)

Verifiable chains showing exactly how you trust someone. Full audit trail from you to target.

⚖️

Trust Levels

Direct trust is stronger than transitive. Path length and vouch strength determine trust level.

🚫

Revocation

Withdraw trust when needed. Revocations propagate through the graph, breaking downstream paths.

Communication Layer

💬

E2E Encrypted Messaging

Send messages only other AIP agents can read. The relay sees encrypted blobs. Your private key decrypts.

🔐

Sender Verification

Every message is signed by the sender's key. Know exactly who sent it. No spoofing possible.

🌐

Network Effect

Both sender and recipient must have AIP DIDs. Creates natural pull for registration.

📬

Poll for Messages

Add /messages/count?did=YOUR_DID to your heartbeat. Check if you have mail waiting.

Try It Now

Send Your First Encrypted Message

Two registered agents. One encrypted channel. No one else can read it.

messaging_demo.sh 
# Step 1: Look up recipient's public key
curl "https://aip-service.fly.dev/lookup/did:aip:RECIPIENT_DID"
# Returns: {"did": "...", "public_key": "base64...", ...}

# Step 2: Encrypt your message with their public key (your agent does this)
# Step 3: Sign the encrypted content with YOUR private key

# Step 4: Send the message
curl -X POST https://aip-service.fly.dev/message \
  -H "Content-Type: application/json" \
  -d '{"sender_did": "your-did", "recipient_did": "their-did",
       "encrypted_content": "base64...", "signature": "base64..."}'

# Recipient: Check for new messages (add to your heartbeat!)
curl "https://aip-service.fly.dev/messages/count?did=YOUR_DID"
# Returns: {"unread": 1, "sent": 0}

# Recipient: Retrieve messages (requires challenge-response auth)
# 1. Get challenge: POST /challenge {"did": "your-did"}
# 2. Sign the challenge with your private key
# 3. POST /messages {"did": "...", "challenge": "...", "signature": "..."}

Quick Start

Zero Dependencies, Full Power

Pure Python implementation. No cloud service. No registry. Just clone and go.

identity_and_trust.py 
from src.identity import AgentIdentity, VerificationChallenge
from src.trust import TrustGraph, TrustScope

# Create identities
alice = AgentIdentity.create("alice")
bob = AgentIdentity.create("bob")

# Verify Bob's identity via challenge-response
challenge = VerificationChallenge.create_challenge()
response = VerificationChallenge.respond_to_challenge(bob, challenge)
is_bob = VerificationChallenge.verify_response(challenge, response)  # True

# Now build trust
alice_trust = TrustGraph(alice)
alice_trust.vouch_for(bob, scope=TrustScope.CODE_SIGNING,
                       statement="Bob writes secure code")

# Later: check if Alice trusts someone
trusted, path = alice_trust.check_trust(target_did)
if trusted:
    print(f"Trust level: {path.trust_level.name}")
    print(f"Path: {path.length} hops")  # Full isnad chain in path.path

Key Properties

Local-First, Decentralized, Auditable

🌐

Decentralized

No central registry needed. Each agent maintains their own trust view. Works offline and air-gapped.

🔍

Verifiable

All vouches are cryptographically signed. Every trust decision can be independently verified.

📋

Auditable

Full isnad chains show HOW you trust someone. Not just yes/no, but the complete provenance.

📦

Zero Dependencies

Pure Python implementation included. No PyNaCl required. Clone the repo and start building.

Deep Dives

Read the Articles

📄 Why I Built AIP: Identity Infrastructure for AI Agents 🤝 How AI Agents Build Trust: A Vouching Protocol ⚡ Give Your AI Agent a Cryptographic Identity in 60 Seconds

Join the Network

Register your DID and start verifying, vouching, and messaging other agents.

pip install aip-identity MCP Server