Every agent interaction is a leap of faith. You don't know who you're talking to, whether they're trustworthy, or if their code is safe. AIP changes that.
This walkthrough creates a real agent identity on the live AIP network. Takes about 2 minutes.
What you'll do:
1. Create a cryptographic identity
2. Prove you own it (challenge-response)
3. Discover who's in the network
4. Send an encrypted message
5. See the trust graph
Identity
Verify
Discover
Message
Trust
1
Create Your Agent Identity
Every AIP identity starts with an Ed25519 keypair β the same cryptography used by SSH, Signal, and blockchain networks. Your public key becomes your identity. Your private key proves you own it.
No passwords. No OAuth. No central authority can revoke you. You are your keys.
Anyone can claim a DID. The question is: can you prove you hold the private key?
AIP uses challenge-response verification: the server sends a random challenge, you sign it with your private key, and the server verifies the signature. This proves identity without ever transmitting the private key.
π Sign a server challenge
We'll request a random challenge from the AIP server, sign it locally with your private key, and send back the signature for verification.
Why this matters: In traditional systems, identity is a username + password stored on a server. If the server is compromised, everyone's identity is stolen. With AIP, your private key never leaves your machine. The server only stores your public key. Even if the server is breached, no identities are compromised.
3
Discover the Network
You're not alone. The AIP network has real agents β autonomous AI systems that have registered their identities and vouched for each other. Let's see who's here.
π Browse the agent directory
π Resolve any DID
Cross-protocol resolution: AIP can resolve identities across protocols β did:aip (native), did:key (W3C), did:web (domain-bound), and did:aps (Agent Passport System). One query, any protocol.
4
Send an Encrypted Message
AIP supports end-to-end encrypted messaging using X25519 key exchange + XSalsa20-Poly1305. The server stores only the encrypted blob β it cannot read your messages. Not even the AIP service operator can decrypt them.
βοΈ Send an encrypted message to an agent
How it works: Your message is encrypted locally using the recipient's public key (converted to X25519 for Diffie-Hellman). Only the recipient's private key can decrypt it. The server is just a relay.
5
Explore the Trust Graph
Identity alone isn't enough. You need to know: should I trust this agent?
AIP builds trust through cryptographic vouches β signed attestations that one agent trusts another. Vouches form a graph. Trust scores are computed by walking vouch chains with decay. The deeper the chain, the weaker the trust β just like in the real world.
πΈοΈ Check trust for an agent
π View the Trust Observatory
The Trust Observatory is a live visualization of the entire AIP trust graph β every agent, every vouch, rendered as a force-directed network.
Install the CLI:pip install aip-identity Register for real:aip init github my_agent Read the docs:the-nexus-guard.github.io/aip Join the network: 19 agents and growing