The Open Standard for AI Agent Identity & Accountability
When Anthropic launched MCP, they solved "how agents call tools."
They didn't solve "how we TRUST those agents."Vouch Protocol is the SSL certificate for AI agents.
Read the spec → | Join Discord →
AI agents are making real-world API calls with ZERO cryptographic proof of:
- WHO they are
- WHAT they intended to do
- WHEN they did it
Examples of the risk:
- Healthcare AI accesses patient data → HIPAA violation risk
- Financial AI makes unauthorized trades → Liability nightmare
- Customer service AI leaks data → Compliance failure
Current solutions:
- DIY JWT signing → No agent-specific features, security mistakes easy
- Nothing → Most people just YOLO it and hope for the best
Vouch Protocol provides cryptographic identity for AI agents, modeled after SSL/TLS:
✅ Ed25519 signatures (industry-standard cryptography)
✅ JWK key format (works with existing infrastructure)
✅ Audit trail (cryptographic proof of every action)
✅ Framework-agnostic (works with MCP, LangChain, CrewAI, etc.)
✅ Open source (Apache 2.0 license)
Think of it as:
- SSL certificate = Proves website identity
- Vouch Protocol = Proves AI agent identity
4 Simple Steps:
- Generate Identity - Create keypair and DID
- Sign Action - Agent signs every API call
- Send to API - Include token in HTTP header
- Verify - API checks signature with public key
Trust = Public Key Cryptography + JWT + DID
The same math that secures SSL/TLS, just for AI agents.
| Feature | Vouch Protocol | DIY JWT |
|---|---|---|
| Agent-specific | ✅ (designed for agents) | ❌ (generic) |
| MCP integration | ✅ (native) | ❌ (manual) |
| Framework integrations | ✅ (LangChain, CrewAI, etc.) | ❌ |
| Audit trail format | ✅ (standardized) | ❌ (custom) |
| Security best practices | ✅ (built-in) |
pip install vouch-protocolvouch init --domain your-agent.comfrom vouch import Signer
import os
signer = Signer(
private_key=os.environ['VOUCH_PRIVATE_KEY'],
did=os.environ['VOUCH_DID']
)
token = signer.sign({'action': 'read_database', 'target': 'users'})
# Include token in Vouch-Token headerfrom fastapi import FastAPI, Header, HTTPException
from vouch import Verifier
app = FastAPI()
@app.post("/api/resource")
def protected_route(vouch_token: str = Header(alias="Vouch-Token")):
public_key = '{"kty":"OKP"...}' # From agent's vouch.json
is_valid, passport = Verifier.verify(vouch_token, public_key_jwk=public_key)
if not is_valid:
raise HTTPException(status_code=401, detail="Untrusted Agent")
return {"status": "Verified", "agent": passport.sub}That's it. 3 lines to sign, 3 lines to verify.
Works with all major AI frameworks out-of-the-box:
- ✅ Model Context Protocol (MCP) - Native integration for Claude Desktop & Cursor
- ✅ LangChain - Sign tool calls automatically
- ✅ CrewAI - Multi-agent identity management
- ✅ AutoGPT - Autonomous agent signing
- ✅ AutoGen - Microsoft multi-agent framework
- ✅ Google Vertex AI - Sign function calls
- ✅ n8n - Low-code agent workflows
- 🔐 Key Rotation - Automatic rotating keys for production
- 🎙️ Voice AI Signing - Sign audio frames in real-time
- ☁️ Cloud KMS - AWS KMS, GCP Cloud KMS, Azure Key Vault
- 📊 Reputation Scoring - Track agent behavior over time
- 🚫 Revocation Registry - Blacklist compromised keys
- ⚡ Redis Caching - Production-scale verification
# SEC-compliant trade logging
agent.sign({'action': 'execute_trade', 'amount': 10000, 'symbol': 'AAPL'})# Data access accountability
agent.sign({'action': 'read_customer_data', 'customer_id': 'cust_abc'})# HIPAA-compliant audit trail
agent.sign({'action': 'access_phi', 'patient_id': '12345'})- 🚀 Quick Start
- 🔧 Integration Guides
- 📖 Protocol Specification
- 🏢 Enterprise Features
- 🛡️ Security Best Practices
- ❓ FAQ
- Discord - Ask questions, share use cases → Join now
- GitHub Discussions - Technical discussions → Start a discussion
- Twitter/X - Updates and announcements → @Vouch_Protocol
- Core protocol (Ed25519, JWK, JWT)
- MCP integration
- LangChain, CrewAI, AutoGPT integrations
- W3C Verifiable Credentials compatibility
- Multi-signature support
- Hardware key support (YubiKey, etc.)
- Browser extension (verify agents in real-time)
Apache License 2.0 - See LICENSE file
This is NOT AGPL. You can use this in commercial, closed-source products.
For multi-license details (Client SDK/Server SDK/Specification), see our 3-layer license structure.
Inspired by:
- SSL/TLS (the gold standard for identity)
- OAuth 2.0 (federated identity done right)
- W3C Verifiable Credentials (the future of digital identity)
Built by Ramprasad Gaddam (Twitter/X)
We welcome contributions! See CONTRIBUTING.md.
Areas where we need help:
- Add integrations (Haystack, Semantic Kernel, etc.)
- Improve documentation
- Write tutorials
- Build examples
- Security audits
⭐ Star this repo if you find it useful!
Star on GitHub | Join Discord | Follow on Twitter
Publication Date: December 14, 2025
Subject: Cryptographic Binding of AI Agent Intent via Model Context Protocol (MCP)
To ensure the freedom of the ecosystem to build secure agents, we explicitly disclose the following novel method as Prior Art:
- The "Identity Sidecar" Pattern: An MCP Server acting as a local "Identity Proxy" for a stateless LLM, isolating keys from application code.
- Just-in-Time (JIT) Intent Signing: A workflow where the LLM requests a signed "Vouch-Token" for a specific action before execution.
- Non-Repudiation: Generating a cryptographically verifiable audit trail binding Identity, Intent, and Time.