AgentPKI
live · agentpki.dev — reference issuer + verifier + provenance · v0.3 + Provenance v0.1

Cryptographic identity for
AI agents.

A passport-based identity system for AI agents on the public internet.

Open protocol, edge-verified, sub-50 ms, vendor-neutral, chain-agnostic — built so legitimate agents pass bot defense, the rest stay blocked, and AI-generated content is cryptographically attributable.

Watch the live demo Read the spec Get API key — free Pricing

Apache 2.0 · open spec · interop with C2PA, MCP, A2A, Kite, SPIFFE, OWASP ANS

3
Spec versions live
~50ms
Edge verify p50
2
Product lines shipped
$0
To self-host

Infrastructure for the agent layer of the internet

AgentPKI is one open protocol with six audiences.

Bot operators get their agents accepted. Sites publish what bots may do. Bot-defense vendors get a verified-bot signal. Publishers sign their content. Compliance teams get machine-readable AI attribution. Everyone else gets a cleaner internet. Same protocol from every side — pick yours.

A Bot operators

Get your agents accepted everywhere.

Stand up a tier-1 issuer in 5 minutes. Your bots present a passport; sites that recognize the protocol let them through. Anthropic, OpenAI, Cursor, Replit, Perplexity, Microsoft Copilot — anyone shipping agentic AI.

For agent builders →
B Sites & platforms

Honest bots through. Scalpers out.

Publish a policy at a well-known URL. Honest shopping assistants pass; scrapers and engagement farms don't. Marketplaces, ticket platforms, review sites, dating apps, social platforms.

For site operators →
C Bot-defense vendors

A new positive signal alongside your heuristics.

Your detection engine gains "verified bot with declared intent" as a distinct class. Cloudflare, Akamai, HUMAN, DataDome, Arkose, Kasada — partner channel for the verifier.

For bot-defense vendors →
D Content publishers

Defensible attribution against AI cloning.

Sign your article, image, video at publication. AI clones can't fake the signature; readers, search engines, and courts can verify. NYT, BBC, Reuters, Substack writers, photographers, news agencies.

For publishers →
E AI compliance

Machine-readable AI Act & state-law attribution.

EU AI Act Article 50, China AIGC, US state labeling laws. AgentPKI Provenance turns disclosure obligations into cryptographic proof. AI labs, regulated enterprises, platforms operating in regulated jurisdictions.

For compliance teams →
F Everyone else

What this means when you're just reading the internet.

You don't deploy anything. The internet you use just becomes cleaner: bot intent gets declared, AI content gets attributed, scams and impersonations get cryptographically visible.

For everyone →

If your situation isn't in those six, write to me.

AgentPKI is open protocol with a hosted reference implementation. Issuers, verifiers, policy holders, content publishers, regulators, agent builders, vendors — if you have a use case, I want to talk.

Or email [email protected] directly.

Talk to Founder

Personal reply from Founder within 48 hours. Tell us a bit about you — what you're building, what you'd want from AgentPKI, anything you want to push back on.

By submitting, you agree we can email you back. We don't share leads, ever.