vouch-protocol 1.3.1

The Identity & Reputation Standard for AI Agents

Vouch Protocol

The Open Standard for AI Agent Identity & Accountability

When Anthropic launched MCP, they solved "how agents call tools."
They didn't solve "how we TRUST those agents."

Vouch Protocol is the SSL certificate for AI agents.

Read the spec → | Join Discord →

---

The Problem

AI agents are making real-world API calls with ZERO cryptographic proof of:

• WHO they are
• WHAT they intended to do
• WHEN they did it

Examples of the risk:

• Healthcare AI accesses patient data → HIPAA violation risk
• Financial AI makes unauthorized trades → Liability nightmare
• Customer service AI leaks data → Compliance failure

Current solutions:

• DIY JWT signing → No agent-specific features, security mistakes easy
• Nothing → Most people just YOLO it and hope for the best

---

The Solution

Vouch Protocol provides cryptographic identity for AI agents, modeled after SSL/TLS:

✅ Ed25519 signatures (industry-standard cryptography)
✅ JWK key format (works with existing infrastructure)
✅ Audit trail (cryptographic proof of every action)
✅ Framework-agnostic (works with MCP, LangChain, CrewAI, etc.)
✅ Open source (Apache 2.0 license)

Think of it as:

• SSL certificate = Proves website identity
• Vouch Protocol = Proves AI agent identity

---

How It Works

The Workflow

4 Simple Steps:

1. Generate Identity - Create keypair and DID
2. Sign Action - Agent signs every API call
3. Send to API - Include token in HTTP header
4. Verify - API checks signature with public key

The Trust Model

Trust = Public Key Cryptography + JWT + DID
The same math that secures SSL/TLS, just for AI agents.

---

Why Vouch Protocol?

vs. DIY JWT

Feature	Vouch Protocol	DIY JWT
Agent-specific	✅ (designed for agents)	❌ (generic)
MCP integration	✅ (native)	❌ (manual)
Framework integrations	✅ (LangChain, CrewAI, etc.)	❌
Audit trail format	✅ (standardized)	❌ (custom)
Security best practices	✅ (built-in)	⚠️ (easy to mess up)

---

Quick Start

1. Install

pip install vouch-protocol

2. Generate Identity

vouch init --domain your-agent.com

3. Sign an Action (Agent Side)

from vouch import Signer
import os

signer = Signer(
    private_key=os.environ['VOUCH_PRIVATE_KEY'],
    did=os.environ['VOUCH_DID']
)

token = signer.sign({'action': 'read_database', 'target': 'users'})
# Include token in Vouch-Token header

4. Verify (API Side)

from fastapi import FastAPI, Header, HTTPException
from vouch import Verifier

app = FastAPI()

@app.post("/api/resource")
def protected_route(vouch_token: str = Header(alias="Vouch-Token")):
    public_key = '{"kty":"OKP"...}' # From agent's vouch.json
    
    is_valid, passport = Verifier.verify(vouch_token, public_key_jwk=public_key)
    
    if not is_valid:
        raise HTTPException(status_code=401, detail="Untrusted Agent")
        
    return {"status": "Verified", "agent": passport.sub}

That's it. 3 lines to sign, 3 lines to verify.

---

Integrations

Works with all major AI frameworks out-of-the-box:

• ✅ Model Context Protocol (MCP) - Native integration for Claude Desktop & Cursor
• ✅ LangChain - Sign tool calls automatically
• ✅ CrewAI - Multi-agent identity management
• ✅ AutoGPT - Autonomous agent signing
• ✅ AutoGen - Microsoft multi-agent framework
• ✅ Google Vertex AI - Sign function calls
• ✅ n8n - Low-code agent workflows

See all integrations →

---

Enterprise Features

• 🔐 Key Rotation - Automatic rotating keys for production
• 🎙️ Voice AI Signing - Sign audio frames in real-time
• ☁️ Cloud KMS - AWS KMS, GCP Cloud KMS, Azure Key Vault
• 📊 Reputation Scoring - Track agent behavior over time
• 🚫 Revocation Registry - Blacklist compromised keys
• ⚡ Redis Caching - Production-scale verification

---

🎯 Use Cases

Financial Services

# SEC-compliant trade logging
agent.sign({'action': 'execute_trade', 'amount': 10000, 'symbol': 'AAPL'})

Customer Service

# Data access accountability
agent.sign({'action': 'read_customer_data', 'customer_id': 'cust_abc'})

Healthcare AI

# HIPAA-compliant audit trail
agent.sign({'action': 'access_phi', 'patient_id': '12345'})

See full examples →

---

📚 Documentation

• 🚀 Quick Start
• 🔧 Integration Guides
• 📖 Protocol Specification
• 🏢 Enterprise Features
• 🛡️ Security Best Practices
• ❓ FAQ

---

🤝 Community

• Discord - Ask questions, share use cases → Join now
• GitHub Discussions - Technical discussions → Start a discussion
• Twitter/X - Updates and announcements → @Vouch_Protocol

---

🛣️ Roadmap

• Core protocol (Ed25519, JWK, JWT)
• MCP integration
• LangChain, CrewAI, AutoGPT integrations
• W3C Verifiable Credentials compatibility
• Multi-signature support
• Hardware key support (YubiKey, etc.)
• Browser extension (verify agents in real-time)

View full roadmap →

---

📜 License

Apache License 2.0 - See LICENSE file

This is NOT AGPL. You can use this in commercial, closed-source products.

For multi-license details (Client SDK/Server SDK/Specification), see our 3-layer license structure.

---

🙏 Acknowledgments

Inspired by:

• SSL/TLS (the gold standard for identity)
• OAuth 2.0 (federated identity done right)
• W3C Verifiable Credentials (the future of digital identity)

Built by Ramprasad Gaddam (Twitter/X)

---

🚀 Contributing

We welcome contributions! See CONTRIBUTING.md.

Areas where we need help:

• Add integrations (Haystack, Semantic Kernel, etc.)
• Improve documentation
• Write tutorials
• Build examples
• Security audits

---

⭐ Star this repo if you find it useful!

Star on GitHub | Join Discord | Follow on Twitter

---

Defensive Disclosure (Prior Art)

Publication Date: December 14, 2025
Subject: Cryptographic Binding of AI Agent Intent via Model Context Protocol (MCP)

To ensure the freedom of the ecosystem to build secure agents, we explicitly disclose the following novel method as Prior Art:

1. The "Identity Sidecar" Pattern: An MCP Server acting as a local "Identity Proxy" for a stateless LLM, isolating keys from application code.
2. Just-in-Time (JIT) Intent Signing: A workflow where the LLM requests a signed "Vouch-Token" for a specific action before execution.
3. Non-Repudiation: Generating a cryptographically verifiable audit trail binding Identity, Intent, and Time.