deepsecure 0.1.11

DeepSecure: Secure your AI agent and agentic AI application ecosystem with DeepSecure.

DeepSecure: Effortless Identity & Auth for AI Agents

Give every AI agent a cryptographic identity and authenticated ephemeral credentials. Handle auth, delegation, policy enforcement, and secure proxying automatically. Effortlessly add identity and auth to any AI agent -- regardless of any platform, any framework, and any model.

📖 Documentation 🎯 Examples 💬 Community

🎯 Why DeepSecure?

The Problem: AI Agents Are Security Nightmares

# ❌ Current state: Security chaos
# 🔑 API keys scattered everywhere
os.environ["OPENAI_API_KEY"] = "sk-..." # Same key shared across all agents

# 🤖 No agent identity - who did what? which actions?
agent1 = YourFavoriteFramework()  # Anonymous agent
agent2 = AnotherFramework()  # Another anonymous agent

# 🚫 All-or-nothing permissions
agent.call_internal_api()  # Full admin access to everything
agent.call_external_api()  # Full admin access to everything

# No delegation, no policy enforcement, no audit trail
# Result: One breach = Complete system compromise

The Solution: Comprehensive Zero-Trust for AI Agents

# ✅ With DeepSecure: Complete security transformation
# 🔐 Cryptographic identity per agent  
client = deepsecure.Client()
agent = client.agent("financial-analyst", auto_create=True)  # Ed25519 identity

# 📋 Fine-grained policy enforcement happens automatically
# When agent fetches secrets, gateway validates JWT claims and enforces policy
secret = client.get_secret(
    agent_id=agent.id, 
    secret_name="openai-api", 
    path="/v1/chat/completions"
)
# Gateway enforces: Does agent have OpenAI access? Rate limits? Business hours?
# Policy controls which agents can access which APIs, when, and how often

# 🔄 Secure delegation between agents
delegation_token = client.delegate_access(
    delegator_agent_id=agent.id, 
    target_agent_id="data-processor", 
    resource="financial-data", 
    permissions=["read"], 
    ttl_seconds=1800)

# 📊 Complete audit trail + policy enforcement
# Every action logged, every access controlled, every delegation tracked
# Result: Zero-trust security with full visibility and control

🔥 From Security Nightmare to Zero-Trust Security

Without DeepSecure	With DeepSecure
🔑 Shared API keys	🛡️ AI Agents don't have access to API keys
🤖 No Agent Identity	🔐 AI Agents get Ed25519 Cryptographic Identity
🚫 No Access Control	📋 AI Agents with Fine-Grained Policies
📊 No delegation and tracking	📊 AI Agents with crypotographic delegation and audit trail
🏭 Production Blockers	🚀 Enterprise-Ready

⚙️ Getting Started

Get fully set up with DeepSecure in under 5 minutes—secure your AI agents instantly!

Prerequisites

• Python 3.9+
• pip (Python package installer)
• Access to an OS keyring (macOS Keychain, Windows Credential Store, or Linux keyring) for secure agent private key storage
• Docker and Docker Compose for running the backend services

1. Install DeepSecure

pip install deepsecure

2. Backend Services Setup

DeepSecure uses a dual-service architecture:

• deeptrail-control - Control Plane (manages agents, policies, credentials)
• deeptrail-gateway - Data Plane (enforces policies, injects secrets)

Quick Start with Docker Compose

# Clone the repository
git clone https://github.com/DeepTrail/deepsecure.git
cd deepsecure

# Start both services
docker-compose up -d

# Verify services are running
docker-compose ps

This will start:

• Control Plane at http://localhost:8000
• Gateway at http://localhost:8001
• PostgreSQL database for persistent storage

3. Configure DeepSecure CLI

# Set the control plane URL
deepsecure configure set-url http://localhost:8000

# Verify connection
deepsecure health

4. Verify Installation

# Check version
deepsecure --version

# Test agent creation
deepsecure agent create --name "test-agent"

🎉 You're all set! Your secure AI agent infrastructure is now running.

Next Steps:

• Try the 30-second quickstart below
• Explore our examples for real-world use cases
• Read the Architecture Guide to understand the system

---

⚡ 30-Second Quickstart

# 1. Install DeepSecure
pip install deepsecure

# 2. Connect to your security control plane
# For local development:
deepsecure configure set-url http://localhost:8001

# For production (your deployed instance):  
# deepsecure configure set-url https://deepsecure.yourcompany.com

# 3. Create your first AI agent identity
deepsecure agent create --name "my-ai-agent"

# 4. Use in your AI code
import deepsecure

client = deepsecure.Client()
agent = client.agent("my-ai-agent", auto_create=True)
secret = client.get_secret(name="openai-api", agent_name=agent.name)

# That's it! Your agent now has secure, audited access to OpenAI

🎯 What you just achieved:

• ✅ Centralized Security: All your AI agents use one security control plane
• ✅ Zero Hardcoded Secrets: Agents get ephemeral credentials automatically
• ✅ Unique Identity: Each agent has cryptographic identity (Ed25519)
• ✅ Complete Audit Trail: Every action is logged for compliance and debugging
• 🛡️ Policy Enforcement Ready: Fine-grained access control available via deepsecure policy commands

🏗️ Architecture: Control Plane + Data Plane

DeepSecure implements a dual-service architecture designed for production scale:

🧠 Control Plane (deeptrail-control)

• Agent Identity Management: Ed25519 cryptographic identities
• Policy Engine: Fine-grained RBAC with delegation support
• Credential Issuance: Ephemeral, time-bound access tokens
• Audit Logging: Immutable security event tracking

🚀 Data Plane (deeptrail-gateway)

• Secret Injection: Automatic API key insertion at runtime
• Policy Enforcement: Real-time access control decisions
• Split-Key Security: Client/backend key reassembly for ultimate protection
• Request Proxying: Transparent handling of all agent tool calls

graph TB
    A[AI Agent/Developer] --> B[DeepSecure SDK]
    
    %% Management Flow - Direct to Control
    B -->|Management Operations<br/>Agent/Policy CRUD| D[Control Plane<br/>deeptrail-control]
    
    %% Runtime Flow - Through Gateway  
    B -->|Runtime Operations<br/>Tool Calls| C[Gateway<br/>deeptrail-gateway]
    C --> D
    C --> E[External APIs<br/>OpenAI, AWS, etc.]
    
    D --> F[Policy Engine]
    D --> G[Split-Key Store] 
    D --> H[Audit Log]
    
    %% Labels for clarity
    B -.->|"deepsecure agent create<br/>deepsecure policy create"| D
    B -.->|"agent.call_openai()<br/>with secret injection"| C
    
    style A fill:#e1f5fe
    style C fill:#f3e5f5  
    style D fill:#e8f5e8
    style E fill:#fff3e0

🔬 Examples

Explore our comprehensive example collection:

Example	Description	Framework
Basic Agent Creation	Create your first secure agent	Core SDK
LangChain Integration	Secure LangChain agents	LangChain
CrewAI Team Security	Multi-agent crew with delegation	CrewAI
Gateway Injection	Automatic secret injection	Core SDK
Advanced Delegation	Complex delegation workflows	Core SDK
Platform Bootstrap	Kubernetes/AWS agent bootstrapping	Infrastructure

🚀 What's Next?

You've now seen the core workflow! Ready to dive deeper?

📚 Documentation

Resource	Description
🚀 Getting Started	Complete setup guide with examples
🔧 CLI Reference	All commands and options
📖 SDK Documentation	Python SDK with full API reference
🏗️ Architecture Guide	Deep dive into system design
🔒 Security Model	Cryptographic foundations
🚀 Deployment Guide	Production deployment patterns

For hands-on examples, explore our examples/ directory with LangChain, CrewAI, and multi-agent patterns.

🤝 Contributing

DeepSecure is open source, and your contributions are vital! Help us build the future of AI agent security.

🌟 Star our GitHub Repository!
🐛 Report Bugs or Feature Requests: Use GitHub Issues.
💡 Suggest Features: Share ideas on GitHub Issues or GitHub Discussions.
📝 Improve Documentation: Help us make our guides clearer.
💻 Write Code: Tackle bugs, add features, improve integrations.

For details on how to set up your development environment and contribute, please see our Contributing Guide.

🫂 Community & Support

GitHub Discussions: The primary forum for questions, sharing use cases, brainstorming ideas, and general discussions about DeepSecure and AI agent security. This is where we want to build our community!

GitHub Issues: For bug reports and specific, actionable feature requests.

We're committed to fostering an open and welcoming community.

📜 License

This project is licensed under the terms of the Apache 2.0 License.

---

⭐ Star us on GitHub if DeepSecure helps secure your AI agents!

🚀 Get Started • 📖 Documentation • 💬 Join Discord

Built with ❤️ for the AI agent developer community