vouch-protocol 1.4.0

The Identity & Reputation Standard for AI Agents

Vouch Protocol

The Identity Layer for the Agentic Web

---

⚡ Quick Start

pip install vouch-protocol

# One command to configure SSH signing + Vouch branding
vouch git init

# All future commits are now signed and show ✅ Verified on GitHub
git commit -m "Secure commit"

---

The Open Standard for AI Agent Identity & Accountability

When Anthropic launched MCP, they solved "how agents call tools."
They didn't solve "how we TRUST those agents."

Vouch Protocol is the SSL certificate for AI agents.

Read the spec → | Join Discord →

---

The Problem

AI agents are making real-world API calls with ZERO cryptographic proof of:

• WHO they are
• WHAT they intended to do
• WHEN they did it

Examples of the risk:

• Healthcare AI accesses patient data → HIPAA violation risk
• Financial AI makes unauthorized trades → Liability nightmare
• Customer service AI leaks data → Compliance failure

Current solutions:

• DIY JWT signing → No agent-specific features, security mistakes easy
• Nothing → Most people just YOLO it and hope for the best

---

The Solution

Vouch Protocol provides cryptographic identity for AI agents, modeled after SSL/TLS:

✅ Ed25519 signatures (industry-standard cryptography)
✅ JWK key format (works with existing infrastructure)
✅ Audit trail (cryptographic proof of every action)
✅ Framework-agnostic (works with MCP, LangChain, CrewAI, etc.)
✅ Open source (Apache 2.0 license)

Think of it as:

• SSL certificate = Proves website identity
• Vouch Protocol = Proves AI agent identity

---

How It Works

The Workflow

4 Simple Steps:

1. Generate Identity - Create keypair and DID
2. Sign Action - Agent signs every API call
3. Send to API - Include token in HTTP header
4. Verify - API checks signature with public key

The Trust Model

Trust = Public Key Cryptography + JWT + DID
The same math that secures SSL/TLS, just for AI agents.

---

Why Vouch Protocol?

vs. DIY JWT

Feature	Vouch Protocol	DIY JWT
Agent-specific	✅ (designed for agents)	❌ (generic)
MCP integration	✅ (native)	❌ (manual)
Framework integrations	✅ (LangChain, CrewAI, etc.)	❌
Audit trail format	✅ (standardized)	❌ (custom)
Security best practices	✅ (built-in)	⚠️ (easy to mess up)

---

Quick Start

1. Install

pip install vouch-protocol

2. Generate Identity

vouch init --domain your-agent.com

3. Sign an Action (Agent Side)

from vouch import Signer
import os

signer = Signer(
    private_key=os.environ['VOUCH_PRIVATE_KEY'],
    did=os.environ['VOUCH_DID']
)

token = signer.sign({'action': 'read_database', 'target': 'users'})
# Include token in Vouch-Token header

4. Verify (API Side)

from fastapi import FastAPI, Header, HTTPException
from vouch import Verifier

app = FastAPI()

@app.post("/api/resource")
def protected_route(vouch_token: str = Header(alias="Vouch-Token")):
    public_key = '{"kty":"OKP"...}' # From agent's vouch.json
    
    is_valid, passport = Verifier.verify(vouch_token, public_key_jwk=public_key)
    
    if not is_valid:
        raise HTTPException(status_code=401, detail="Untrusted Agent")
        
    return {"status": "Verified", "agent": passport.sub}

That's it. 3 lines to sign, 3 lines to verify.

---

Integrations

Works with all major AI frameworks out-of-the-box:

• ✅ Model Context Protocol (MCP) - Native integration for Claude Desktop & Cursor
• ✅ LangChain - Sign tool calls automatically
• ✅ CrewAI - Multi-agent identity management
• ✅ AutoGPT - Autonomous agent signing
• ✅ AutoGen - Microsoft multi-agent framework
• ✅ Google Vertex AI - Sign function calls
• ✅ n8n - Low-code agent workflows

See all integrations →

---

Enterprise Features

• 🔐 Key Rotation - Automatic rotating keys for production
• 🎙️ Voice AI Signing - Sign audio frames in real-time
• ☁️ Cloud KMS - AWS KMS, GCP Cloud KMS, Azure Key Vault
• 📊 Reputation Scoring - Track agent behavior over time
• 🚫 Revocation Registry - Blacklist compromised keys
• ⚡ Redis Caching - Production-scale verification

---

🎯 Use Cases

Financial Services

# SEC-compliant trade logging
agent.sign({'action': 'execute_trade', 'amount': 10000, 'symbol': 'AAPL'})

Customer Service

# Data access accountability
agent.sign({'action': 'read_customer_data', 'customer_id': 'cust_abc'})

Healthcare AI

# HIPAA-compliant audit trail
agent.sign({'action': 'access_phi', 'patient_id': '12345'})

See full examples →

---

📚 Documentation

• 🚀 Quick Start
• 🔧 Integration Guides
• 📖 Protocol Specification
• 🏢 Enterprise Features
• 🛡️ Security Best Practices
• ❓ FAQ

---

🤝 Community

• Discord - Ask questions, share use cases → Join now
• GitHub Discussions - Technical discussions → Start a discussion
• Twitter/X - Updates and announcements → @Vouch_Protocol

---

🛣️ Roadmap

• Core protocol (Ed25519, JWK, JWT)
• MCP integration
• LangChain, CrewAI, AutoGPT integrations
• W3C Verifiable Credentials compatibility
• Multi-signature support
• Hardware key support (YubiKey, etc.)
• Browser extension (verify agents in real-time)

View full roadmap →

---

📜 License

Apache License 2.0 - See LICENSE file

This is NOT AGPL. You can use this in commercial, closed-source products.

For multi-license details (Client SDK/Server SDK/Specification), see our 3-layer license structure.

---

🙏 Acknowledgments

Inspired by:

• SSL/TLS (the gold standard for identity)
• OAuth 2.0 (federated identity done right)
• W3C Verifiable Credentials (the future of digital identity)

Built by Ramprasad Gaddam (Twitter/X)

---

🚀 Contributing

We welcome contributions! See CONTRIBUTING.md.

Areas where we need help:

• Add integrations (Haystack, Semantic Kernel, etc.)
• Improve documentation
• Write tutorials
• Build examples
• Security audits

---

⭐ Star this repo if you find it useful!

Star on GitHub | Join Discord | Follow on Twitter

---

📜 Prior Art Disclosures

To ensure ecosystem freedom, we publish defensive prior art disclosures for novel methods:

ID	Title	Key Claims
PAD-001	Cryptographic Agent Identity	Intent-bound tokens, agent DIDs
PAD-002	Chain of Custody	Recursive delegation, intent chains
PAD-003	Identity Sidecar Pattern	LLM key isolation, JIT signing

View all disclosures →