Python SDK for agent identity publishing, signed messaging, and registry-based verification
Project description
Agent Auth SDK
verifiable-agent-auth-sdk 为 Agent 提供可验证身份、Registry 公钥发现、HTTP/消息签名验签、原子 nonce 防重放和 Vault Transit 私钥托管。
当前版本:0.1.0b1。这是允许协议与 API 调整的 beta 版本。
安装
pip install verifiable-agent-auth-sdk
# 按需安装
pip install "verifiable-agent-auth-sdk[vault]"
pip install "verifiable-agent-auth-sdk[redis]"
pip install "verifiable-agent-auth-sdk[openai]"
Registry 是独立发行包:
pip install verifiable-agent-auth-registry
十分钟快速开始
1. Registry 管理员创建 developer 和 namespace
agent-auth-registry-admin create-developer --client-id developer-a
agent-auth-registry-admin grant-namespace \
--client-id developer-a \
--domain agents.example.com \
--path-prefix /team-a
保存首次命令输出的 API key。Registry v1 必须以单 worker 运行,并放在 HTTPS 反向代理之后。
2. 从 Vault 创建并发布 Agent
import os
from agent_auth_sdk import AgentInstance, RegistryClient
def registry_credential() -> str:
# 示例;生产环境请替换为 secret manager credential provider。
return os.environ["AGENT_REGISTRY_API_KEY"]
agent = AgentInstance.from_vault(
domain="agents.example.com",
name="team-a/weather",
organization="Example Lab",
endpoint="https://agents.example.com/weather/invoke",
vault_addr="https://vault.example.com",
vault_token_file="/run/secrets/vault-token",
transit_mount="transit",
key_name="weather-agent",
)
async with RegistryClient(
base_url="https://registry.example.com",
client_id="developer-a",
api_key=registry_credential,
) as registry:
await registry.publish(agent.metadata, signer=agent.signer)
3. 验证签名消息
from agent_auth_sdk import AgentVerifier, MetadataResolverConfig
async with AgentVerifier(
resolver_config=MetadataResolverConfig(
registry_url="https://registry.example.com",
),
) as verifier:
result = await verifier.verify_message(
message=incoming_message,
expected_recipient="agent://agents.example.com/team-a/resolver",
)
if not result.ok:
raise PermissionError(f"{result.code}: {result.reason}")
安全边界
- Registry 管理员是 developer namespace 的信任根;beta v1 不执行 DNS challenge。
- 配置 Registry 后默认失败关闭,不会因 Registry 故障静默改用不可信域名发现。
- Metadata capability 是经过认证的声明,不等同于业务授权;授权由应用策略决定。
- OpenAI
call_local_agent()保护同进程编排完整性,不提供进程隔离;真实网络边界使用RemoteAgentClient和AgentAuthASGIMiddleware。 - 私钥保留在 Vault Transit;SDK 只读取公钥并请求指定 key version 签名。
完整威胁模型见 SECURITY_MODEL.md。
文档
开发验证
python -m pytest -q
python -m build
python -m build packages/agent-auth-registry
python -m twine check --strict dist/* packages/agent-auth-registry/dist/*
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file verifiable_agent_auth_sdk-0.1.0b1.tar.gz.
File metadata
- Download URL: verifiable_agent_auth_sdk-0.1.0b1.tar.gz
- Upload date:
- Size: 48.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a748fc51f0dfeb8b6d8a6e53ed7ef834533e5fbfa89bee59e849101d5ed30537
|
|
| MD5 |
9d680a5da317d58d8343ee5773d04fa1
|
|
| BLAKE2b-256 |
b50311531de5c7034c07156f2a1cfb1a2cb8ec240d027b287aefd7db5cf2b112
|
Provenance
The following attestation bundles were made for verifiable_agent_auth_sdk-0.1.0b1.tar.gz:
Publisher:
publish.yml on YiheHuang/agent_auth_sdk
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
verifiable_agent_auth_sdk-0.1.0b1.tar.gz -
Subject digest:
a748fc51f0dfeb8b6d8a6e53ed7ef834533e5fbfa89bee59e849101d5ed30537 - Sigstore transparency entry: 2141469643
- Sigstore integration time:
-
Permalink:
YiheHuang/agent_auth_sdk@0dc8151192a31188c12f684d22474b002420e590 -
Branch / Tag:
refs/tags/v0.1.0b1 - Owner: https://github.com/YiheHuang
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@0dc8151192a31188c12f684d22474b002420e590 -
Trigger Event:
release
-
Statement type:
File details
Details for the file verifiable_agent_auth_sdk-0.1.0b1-py3-none-any.whl.
File metadata
- Download URL: verifiable_agent_auth_sdk-0.1.0b1-py3-none-any.whl
- Upload date:
- Size: 51.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
02986348f5edd0fd550da04d38d2c6c5ce9b7fce63a9e6e0ef325c6f9dc86033
|
|
| MD5 |
24b30452b73fef1cad6c87808228035a
|
|
| BLAKE2b-256 |
f7e2a0f7a0dccef28f347426d1fbfc4a9c0fbad42ee59cced87263f18cef8fb8
|
Provenance
The following attestation bundles were made for verifiable_agent_auth_sdk-0.1.0b1-py3-none-any.whl:
Publisher:
publish.yml on YiheHuang/agent_auth_sdk
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
verifiable_agent_auth_sdk-0.1.0b1-py3-none-any.whl -
Subject digest:
02986348f5edd0fd550da04d38d2c6c5ce9b7fce63a9e6e0ef325c6f9dc86033 - Sigstore transparency entry: 2141469658
- Sigstore integration time:
-
Permalink:
YiheHuang/agent_auth_sdk@0dc8151192a31188c12f684d22474b002420e590 -
Branch / Tag:
refs/tags/v0.1.0b1 - Owner: https://github.com/YiheHuang
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@0dc8151192a31188c12f684d22474b002420e590 -
Trigger Event:
release
-
Statement type: