Trust-gated checkpoint nodes for LangGraph — cryptographic identity, policy enforcement, and trust-aware routing for multi-agent graphs
Project description
langgraph-trust
Trust-gated checkpoint nodes for LangGraph — cryptographic identity, governance policy enforcement, and trust-aware routing for multi-agent graphs.
Built on AgentMesh trust primitives. Designed as an external package per LangGraph maintainer guidance.
Install
pip install langgraph-trust
Quick Start
from langgraph.graph import StateGraph, END
from langgraph_trust import TrustGate, PolicyCheckpoint, trust_edge
from langgraph_trust.gate import TrustScoreTracker
# Shared trust tracker
tracker = TrustScoreTracker()
tracker.set_score("research-agent", 0.85)
# Build a trust-gated graph
graph = StateGraph(dict)
graph.add_node("research", research_agent)
graph.add_node("trust_check", TrustGate(min_score=0.7, tracker=tracker))
graph.add_node("execute", execution_agent)
graph.add_node("human_review", human_review_agent)
graph.add_edge("research", "trust_check")
graph.add_conditional_edges("trust_check", trust_edge(
pass_node="execute",
fail_node="human_review",
))
graph.add_edge("execute", END)
graph.add_edge("human_review", END)
graph.set_entry_point("research")
app = graph.compile()
Components
TrustGate
Conditional checkpoint node that evaluates an agent's trust score before allowing graph transitions.
gate = TrustGate(
min_score=0.7, # Minimum score to pass
review_threshold=0.8, # Optional: scores between min and review → REVIEW verdict
tracker=tracker, # TrustScoreTracker instance
identity_manager=idm, # Optional: AgentIdentityManager for capability checks
agent_name="my-agent", # Default agent (overridden by state["trust_agent"])
required_capabilities=["summarize"], # Optional capability requirements
)
PolicyCheckpoint
Governance policy enforcement at graph transitions.
from langgraph_trust.policy import GovernancePolicy
policy = GovernancePolicy(
name="production-safety",
max_tokens=4000,
max_tool_calls=5,
blocked_tools=["shell_exec", "file_delete"],
blocked_patterns=["password", "api_key", "secret"],
require_human_approval=False,
)
checkpoint = PolicyCheckpoint(policy=policy)
graph.add_node("policy_gate", checkpoint)
Trust-Aware Edges
from langgraph_trust import trust_edge, trust_router
# Simple pass/fail routing
graph.add_conditional_edges("gate", trust_edge(
pass_node="execute",
fail_node="quarantine",
review_node="human_review", # Optional
))
# General-purpose routing
graph.add_conditional_edges("gate", trust_router({
"pass": "execute",
"fail": "quarantine",
"review": "escalate",
}))
Dynamic Trust Scoring
from langgraph_trust.gate import TrustScoreTracker
tracker = TrustScoreTracker(default_score=0.5)
# After successful task
tracker.record_success("agent-a") # +0.01
# After failure (severity configurable)
tracker.record_failure("agent-a", severity=0.2) # -0.2
# Agent auto-blocked when score < min_score
Cryptographic Identity
from langgraph_trust import AgentIdentityManager
idm = AgentIdentityManager()
# Create Ed25519 identity with capabilities
alice = idm.create_identity("alice", capabilities=["summarize", "translate"])
print(alice.did) # did:langgraph:a3f7c2...
# Sign and verify data
sig = alice.sign(b"important data")
assert alice.verify(sig, b"important data")
How It Works
All components write their verdict to state["trust_result"]:
{
"verdict": "pass" | "fail" | "review",
"score": 0.85,
"threshold": 0.7,
"agent_did": "did:langgraph:abc...",
"reason": "Trust gate passed",
"capabilities_checked": ["summarize"],
"policy_violations": [],
"timestamp": "2026-02-17T..."
}
The trust_edge and trust_router functions read this verdict to route the graph.
Integration with Full AgentMesh
This package provides a lightweight, self-contained trust layer. For the full 5-dimension trust scoring engine with temporal decay, trust contagion, and Merkle audit chains, install:
pip install langgraph-trust[agentmesh]
Related
- AgentMesh — Full trust scoring engine
- Agent OS — Governance kernel for AI agents
- Dify Trust Layer — Similar integration for Dify (merged)
- LlamaIndex Integration — Trust layer for LlamaIndex (merged)
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file langgraph_trust-0.1.0.tar.gz.
File metadata
- Download URL: langgraph_trust-0.1.0.tar.gz
- Upload date:
- Size: 10.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a3d4204f1d78fee871f09b2c2a35da6ca0517bce1073e99a4e76fc7cea753dd2
|
|
| MD5 |
a564d2eaf0229c53084a90cab6abf1a7
|
|
| BLAKE2b-256 |
9db17cba5f0e4245b58bdd6b7fa94726376cd4ce9223d7ed4a4fee9b877e4e52
|
File details
Details for the file langgraph_trust-0.1.0-py3-none-any.whl.
File metadata
- Download URL: langgraph_trust-0.1.0-py3-none-any.whl
- Upload date:
- Size: 10.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
db2728fe750af5d3f94f98ee618d82dd38f5c8e7af830a4208b47f1cf01d65a0
|
|
| MD5 |
af2237e51dd35e4dac02841e57241746
|
|
| BLAKE2b-256 |
5426e5d646cbf5967c3b176ba7e19e5e0ddfcd830843a9d2824065594c1802be
|
