Skip to main content

MolTrust trust verification interceptor for Google ADK

Project description

moltrust-adk

Trust verification interceptor for Google ADK — gate outbound Agent-to-Agent (A2A) calls on a target agent's MolTrust trust score using ADK's RequestInterceptor hook.

When a RemoteA2aAgent is about to call a remote agent, this interceptor checks the remote's 0–100 behavioral trust score at GET /skill/trust-score/{did} and — in block mode — aborts the call (returning an ADK Event) if the score is below your threshold.

Install

pip install moltrust-adk

This pulls google-adk[a2a] (the A2A extra provides the RemoteA2aAgent / RequestInterceptor machinery).

Usage

from google.adk.agents import RemoteA2aAgent
from google.adk.a2a.agent.config import A2aRemoteAgentConfig
from moltrust_adk import create_trust_interceptor

agent = RemoteA2aAgent(
    name="my-remote-agent",
    agent_card="https://example.com/.well-known/agent.json",
    config=A2aRemoteAgentConfig(
        request_interceptors=[
            create_trust_interceptor(
                did="did:moltrust:...",   # target remote agent's DID
                min_score=60,
                action="block",           # "block" | "warn" | "log"
            )
        ]
    ),
)

create_trust_interceptor returns an ADK RequestInterceptor whose before_request hook runs before every A2A send_message.

What it does

  • block — if the target's score is < min_score, is withheld, or the agent is unregistered, the interceptor returns an Event and the remote call never happens (fail-closed). A high enough score passes the request through unchanged.
  • warn / log — never blocks; emits a warning / info log on a negative check (dry-run / observability mode).
  • Fail-open on errors — a MolTrust transport/registry hiccup allows the call (a monitoring dependency must not break your agent graph).

Target identity (DID)

The outbound A2AMessage does not carry the remote's identity, so the target did is supplied at wiring time (you know which remote you're calling). Alternatively, pass did_key="..." to read it from a2a_request.metadata[...].

Tiers — keyless by default

  • Tier 1 (keyless): no API key required (rate-limited). This is the default.
  • Tier 2 (free account): pass api_key=... (or set MOLTRUST_API_KEY) for higher rate limits — sent as the X-API-Key header.

Every request carries User-Agent: moltrust-adk/<version> so MolTrust can attribute traffic to this integration.

Trust score vs. AGT

The trust score (0–100) is a recomputable behavioral signal — its on-chain solvency component is independently verifiable at /credits/solvency/{did}. It is not the AGT token; no token is required to read a score.

⚠️ Experimental

RemoteA2aAgent and the RequestInterceptor API are marked @a2a_experimental in google-adk — the API may change between ADK releases. Pin your google-adk version if you need stability.

License

MIT — see LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

moltrust_adk-0.1.0.tar.gz (9.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

moltrust_adk-0.1.0-py3-none-any.whl (9.2 kB view details)

Uploaded Python 3

File details

Details for the file moltrust_adk-0.1.0.tar.gz.

File metadata

  • Download URL: moltrust_adk-0.1.0.tar.gz
  • Upload date:
  • Size: 9.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for moltrust_adk-0.1.0.tar.gz
Algorithm Hash digest
SHA256 f96c5529f4c0b4d8a4b1515b217c92caab76519f54cde29686fcec451aa74e2f
MD5 c615e4e7759e5bef4a610ed506551a65
BLAKE2b-256 48767192f9d86ce14150aa86f64dc52ed6e9b3f8fe75a34bafdd5a26b8e71d3c

See more details on using hashes here.

File details

Details for the file moltrust_adk-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: moltrust_adk-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 9.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for moltrust_adk-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 cbc849603162927cad22eea2702332648c0880752a494df0d6f4ff79e1f0db0a
MD5 83e585815738248fc7a96d378cf961e8
BLAKE2b-256 b77ec4c2d627290474c91f65e9ce47da689e9717cdd6a62815ddf80b4b1d625b

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page