Agentic Trust

Foundation for agentic trust packages - Core SDK and applications

A modern, extensible monorepo for building trustworthy autonomous agent systems.This project provides the infrastructure and primitives needed to create, manage, and trust AI agents.

A2A agent descriptor endpoint: /.well-known/agent.json (replaces agent-card.json).

Agent Trust Graph Principles

• On-chain, verifiable reputation: Agents, validators, and reviewers are connected through the ERC-8004 Validation Registry; every validation and feedback event is a signed, on-chain artifact.
• Trust Graph = Validator ↔ Agent ↔ Reviewer: Reputation propagates along these edges; no opaque scores—everything is queryable and composable.
• Economic enforcement: Stake-secured validations, slashing, and leaderboards keep signals honest; vertical pools align incentives for specialized validators (DeFi, healthcare, legal, security, supply-chain).
• Relational verifiable credentials: Capabilities and attestations travel with agents; selective disclosure and delegation flows support enterprise-grade handshakes.
• Delegation + smart accounts: MetaMask/AA-compatible delegation lets organizations grant and revoke authority with auditability.
• Data network effects: The richest validation graph becomes the moat—more validated interactions create higher-fidelity trust scores that are hard to replicate.

Why now: Agent Trust Graphs live on ERC-8004

The first public “Agent Trust Graphs” for ERC-8004 agents are live, letting anyone visualize validator ↔ agent ↔ reviewer relationships with real on-chain reputation scores, as reported by AI News (Dec 7, 2025) [article]. We extend that model with:

• Gamified validator pools: vertical-specific staking, slashing, and leaderboards that reward high-signal validators and surface trust quickly.
• Relational VCs + delegation: validators and reviewers issue verifiable credentials that flow with the agent; enterprises can delegate authority via smart accounts with revocation and audit trails.
• Explorer-first UX: every edge in the graph is inspectable—request/response URIs, tags, validators, blocks, and timestamps are visible to builders and reviewers.

Agentic Trust Capabilities

Agentic Trust Identity

Agentic Trust Library

agentic-trust/
├── packages/
│   ├── core/              # Core SDK - AgenticTrustClient, singletons, A2A protocol
│   ├── erc8004-agentic-trust-sdk/  # ERC-8004 SDK integration
│   └── erc8004-sdk/       # ERC-8004 SDK adapters
├── apps/
│   ├── web/               # Next.js web client application
│   └── provider/          # Next.js agent provider application
├── turbo.json            # Turborepo configuration
└── package.json          # Workspace configuration

Core Architecture Components

Singleton Pattern

The architecture uses a singleton pattern for managing client and provider state:

• ClientApp - Singleton for client-side operations

  • Provides typical client account, wallet client, and address
  • Used for client operations like leveraging agent A2A and MCP endpoings, and giving feedback

• ProviderApp - Singleton for provider-side operations

  • Provides agent provider account, delegation setup, and wallet client
  • Used for agent activities like reputation management

• AdminApp - Singleton for agent admin operations

  • Provides agent admin account and setup
  • Used for agent administration like setting up agent

AgenticTrustClient

The main client class provides:

• agents - Agent discovery and engagement via GraphQL API
• ... - Agent-to-Agent protocol support

📦 Packages

@agentic-trust/core

Core SDK providing:

• AgenticTrustClient: Main client for interacting with agents
• Agent Discovery: Query and list agents via GraphQL API
• A2A Protocol: Agent-to-Agent communication protocol support
• Veramo Integration: DID management and authentication
• Reputation System: ERC-8004 feedback and reputation management
• Session Packages: Smart account delegation via session packages

Key Components:

• AgenticTrustClient - Main client class
• ClientApp - Singleton for client operations (private key based)
• ProviderApp - Singleton for provider operations (session package based)
• ReputationClient - Singleton for reputation operations
• Agent - Agent instance with messaging and verification capabilities

See full documentation →

🚀 Getting Started

Prerequisites

• Node.js >= 20.0.0
• pnpm >= 8.0.0

Installation

# Clone the repository
cd agentic-trust

# Install dependencies
pnpm install

# Build all packages
pnpm build

Development

# Run development mode with watch
pnpm dev

# Run tests
pnpm test

# Type check
pnpm type-check

# Lint
pnpm lint

# Format code
pnpm format

🔧 Using the Core SDK

# Install in your project
pnpm add @agentic-trust/core

Basic Usage

import { AgenticTrustClient } from '@agentic-trust/core';

// Create client
const client = await AgenticTrustClient.create({
  graphQLUrl: 'https://api.example.com',
  apiKey: 'your-api-key',
  privateKey: '0x...', // Optional: for Veramo agent
  rpcUrl: 'https://eth-sepolia.g.alchemy.com/v2/...', // Optional: for DID resolution
});

// Search agents with optional filters
const { agents, total } = await client.agents.searchAgents({
  query: 'orbit',
  page: 1,
  pageSize: 20,
  params: {
    supportedTrust: ['identity'],
    a2aSkills: ['trust-webhook'],
  },
});

// Get a specific agent
const agent = await client.getAgent('943');

// Send a message to an agent
const response = await agent.sendMessage({
  message: 'Hello agent',
  skillId: 'oasf:trust.feedback.authorization',
});

// Verify an agent
const isValid = await agent.verify();

Server-Side API Pattern (Next.js)

// apps/web/src/lib/server-client.ts
import { AgenticTrustClient } from '@agentic-trust/core';

let serverClient: AgenticTrustClient | null = null;

export async function getServerClient(): Promise<AgenticTrustClient> {
  if (!serverClient) {
    serverClient = await AgenticTrustClient.create({
      graphQLUrl: process.env.AGENTIC_TRUST_DISCOVERY_URL!,
      apiKey: process.env.AGENTIC_TRUST_DISCOVERY_API_KEY,
      privateKey: process.env.AGENTIC_TRUST_ADMIN_PRIVATE_KEY,
      rpcUrl: process.env.AGENTIC_TRUST_RPC_URL_SEPOLIA,
    });
  }
  return serverClient;
}

Environment Variables

Client App (web):

AGENTIC_TRUST_APP_ROLES=client
AGENTIC_TRUST_ADMIN_PRIVATE_KEY=0x...
# Chain-specific RPC URLs (required)
AGENTIC_TRUST_RPC_URL_SEPOLIA=https://eth-sepolia.g.alchemy.com/v2/YOUR_KEY
AGENTIC_TRUST_RPC_URL_BASE_SEPOLIA=https://sepolia.base.org
AGENTIC_TRUST_RPC_URL_OPTIMISM_SEPOLIA=https://sepolia.optimism.io
AGENTIC_TRUST_DISCOVERY_URL=https://...
AGENTIC_TRUST_DISCOVERY_API_KEY=...
AGENTIC_TRUST_IDENTITY_REGISTRY_SEPOLIA=0x...
AGENTIC_TRUST_REPUTATION_REGISTRY_SEPOLIA=0x...

Provider App:

AGENTIC_TRUST_APP_ROLES=provider
AGENTIC_TRUST_SESSION_PACKAGE_PATH=./sessionPackage.json.secret
# Chain-specific contract addresses and RPC URLs (required)
AGENTIC_TRUST_IDENTITY_REGISTRY_SEPOLIA=0x...
AGENTIC_TRUST_REPUTATION_REGISTRY_SEPOLIA=0x...
AGENTIC_TRUST_ENS_REGISTRY_SEPOLIA=0x...
AGENTIC_TRUST_RPC_URL_SEPOLIA=https://eth-sepolia.g.alchemy.com/v2/YOUR_KEY
AGENTIC_TRUST_RPC_URL_BASE_SEPOLIA=https://sepolia.base.org
AGENTIC_TRUST_RPC_URL_OPTIMISM_SEPOLIA=https://sepolia.optimism.io

🏛️ Project Structure

Packages

The packages/ directory contains reusable libraries and SDKs:

• core/: Core SDK with AgenticTrustClient, singletons, and A2A protocol
• erc8004-agentic-trust-sdk/: ERC-8004 SDK integration for reputation system
• erc8004-sdk/: ERC-8004 SDK adapters (Viem, Ethers)

Apps

The apps/ directory contains applications built on top of the core packages:

• web/ - Next.js web client application

  • Client-side UI for discovering and interacting with agents
  • Server-side API routes for all blockchain operations
  • Uses ClientApp singleton for client operations

• provider/ - Next.js agent provider application

  • A2A protocol endpoint (/api/a2a)
  • Agent descriptor endpoint (/.well-known/agent.json)
  • Uses ProviderApp singleton for agent operations
  • Handles feedback authentication requests

Both apps follow the server-side architecture pattern where all sensitive operations happen in Next.js API routes.

🎯 Roadmap

• Core SDK with AgenticTrustClient
• Agent discovery via GraphQL API
• A2A (Agent-to-Agent) protocol support
• Veramo integration for DID management
• ERC-8004 reputation system integration
• Session package support for smart account delegation
• Client and Provider application architectures
• Singleton pattern for state management
• Advanced trust scoring algorithms
• Multi-agent orchestration
• Agent marketplace
• CLI tool for agent management

🔌 Extending the Platform

Adding a New Package

# Create package directory
mkdir -p packages/my-package/src

# Create package.json
cat > packages/my-package/package.json << 'EOF'
{
  "name": "@agentic-trust/my-package",
  "version": "0.1.0",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
  "scripts": {
    "build": "tsc -b",
    "dev": "tsc -b --watch"
  },
  "dependencies": {
    "@agentic-trust/core": "workspace:*"
  }
}
EOF

# Create tsconfig.json
cat > packages/my-package/tsconfig.json << 'EOF'
{
  "extends": "../../tsconfig.json",
  "compilerOptions": {
    "outDir": "./dist",
    "rootDir": "./src"
  }
}
EOF

Adding an App

# Create app directory
mkdir -p apps/my-app/src

# Follow similar structure as packages

🧪 Testing

# Run all tests
pnpm test

# Run tests in watch mode
pnpm test:watch

# Run tests for specific package
cd packages/core && pnpm test

📚 Documentation

• Core SDK Documentation
• API Reference (coming soon)
• Architecture Guide (coming soon)
• Plugin Development (coming soon)

🤝 Contributing

Contributions are welcome! Please read our contributing guidelines (coming soon).

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Add tests
5. Submit a pull request

📄 License

MIT License - see LICENSE file for details

🔗 Related Projects

• ENS - Ethereum Name Service
• ERC-8004 - Non-Fungible Token Ownership Designation Standard

📧 Contact

For questions and support, please open an issue on GitHub.