agent-did

# Agent-DID: The Identity Layer for AI Agents

[![License: Apache-2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
[![Node.js](https://img.shields.io/badge/node-%3E%3D18-brightgreen)](https://nodejs.org)
[![Works with LangChain](https://img.shields.io/badge/works%20with-LangChain-blue)](integrations/langchain/)
[![Works with CrewAI](https://img.shields.io/badge/works%20with-CrewAI-orange)](integrations/crewai/)
[![Works with Semantic Kernel](https://img.shields.io/badge/works%20with-Semantic%20Kernel-purple)](integrations/semantic-kernel/)
[![Works with Microsoft Agent Framework](https://img.shields.io/badge/works%20with-MS%20Agent%20Framework-lightblue)](integrations/microsoft-agent-framework/)
[![Works with Google A2A](https://img.shields.io/badge/works%20with-Google%20A2A-green)](integrations/a2a/)
[![CI — TypeScript SDK](https://github.com/edisonduran/agent-did/actions/workflows/ci.yml/badge.svg)](https://github.com/edisonduran/agent-did/actions/workflows/ci.yml)
[![CI — Python SDK](https://github.com/edisonduran/agent-did/actions/workflows/ci-python.yml/badge.svg)](https://github.com/edisonduran/agent-did/actions/workflows/ci-python.yml)
[![CI — LangChain JS](https://github.com/edisonduran/agent-did/actions/workflows/ci-langchain-js.yml/badge.svg)](https://github.com/edisonduran/agent-did/actions/workflows/ci-langchain-js.yml)
[![CI — LangChain Python](https://github.com/edisonduran/agent-did/actions/workflows/ci-langchain-python.yml/badge.svg)](https://github.com/edisonduran/agent-did/actions/workflows/ci-langchain-python.yml)
[![CI — CrewAI](https://github.com/edisonduran/agent-did/actions/workflows/ci-crewai.yml/badge.svg)](https://github.com/edisonduran/agent-did/actions/workflows/ci-crewai.yml)
[![CI — Semantic Kernel](https://github.com/edisonduran/agent-did/actions/workflows/ci-semantic-kernel.yml/badge.svg)](https://github.com/edisonduran/agent-did/actions/workflows/ci-semantic-kernel.yml)
[![CI — Microsoft Agent Framework](https://github.com/edisonduran/agent-did/actions/workflows/ci-microsoft-agent-framework.yml/badge.svg)](https://github.com/edisonduran/agent-did/actions/workflows/ci-microsoft-agent-framework.yml)
[![CI — Google A2A](https://github.com/edisonduran/agent-did/actions/workflows/ci-a2a.yml/badge.svg)](https://github.com/edisonduran/agent-did/actions/workflows/ci-a2a.yml)
[![Contract Audit](https://github.com/edisonduran/agent-did/actions/workflows/contract-audit.yml/badge.svg)](https://github.com/edisonduran/agent-did/actions/workflows/contract-audit.yml)

> **Give your AI agents a verifiable identity — in the framework you already use, with or without blockchain.**

**Agent-DID** is an open standard and reference implementation that addresses a question the AI industry still lacks a clear answer for: *when an autonomous agent acts — signs a request, delegates a task, modifies data — how does the system on the other side know who that agent really is?*

OAuth delegates this to a centralized provider. MCP leaves it out of scope by design. Agent-DID addresses it at the cryptographic layer, without introducing platform lock-in and with native integrations across several major AI orchestration frameworks.

Built on W3C DID and Verifiable Credentials, Agent-DID provides:

- **A language-agnostic specification** ([RFC-001](docs/RFC-001-Agent-DID-Specification.md)) — 11/11 MUST conformant
- **TypeScript and Python SDKs** backed by dedicated CI, interoperability fixtures, and conformance checks
- **Native integrations** for LangChain (JS + Python), CrewAI, Semantic Kernel, and Microsoft Agent Framework
- **Flexible trust anchoring** — on-chain (EVM) for immutability, or web-based (`did:wba`) for zero-friction adoption

---

## Why Agent-DID

| Problem | What Agent-DID adds |
|---|---|
| MCP, A2A, and agent frameworks do not provide portable, verifiable agent identity | A DID-based identity layer that binds controller, model and prompt fingerprints, and declared capabilities |
| Requiring blockchain for every deployment slows adoption | Flexible trust anchoring: EVM when immutability matters, web-based DID methods such as `did:wba` when low friction matters |
| Existing frameworks orchestrate behavior, not trust | Native integrations that add identity to LangChain, CrewAI, Semantic Kernel, and Microsoft Agent Framework without replacing them |
| Agent actions are hard to attribute and verify | Ed25519 signing for payloads and HTTP requests, enabling verifiable actions and audit trails |
| Revocation is inconsistent across environments | Compatible resolvers can propagate and enforce revocation state for compromised agents |

---

## Design Philosophy

### The Core Problem

AI is no longer just a tool humans use — it is becoming an actor that makes decisions, negotiates, executes code, signs operations, and delegates tasks to other agents. This transition raises a question the industry still lacks a clear answer for:

> **How does a system know who the agent talking to it really is?**

Not who created it. Not which platform it runs on. But *which specific agent*, at this moment, with this behavior, executing these actions.

OAuth delegates this to a centralized provider. MCP leaves it out of scope by design. Agent-DID addresses it at the cryptographic layer, without platform lock-in.

### Five Principles

**1. Identity is a first-class citizen of the AI stack**
Identity is not a credential bolted on at the end. It is the foundation on which trust between autonomous systems is built. Without cryptographically verifiable identity there is no real audit trail, no algorithmic accountability, no revocation system that works when something goes wrong.

**2. Flexible by design, not by accident**
Not every system needs blockchain. Not every system can avoid it. Agent-DID rejects the imposition of a single trust-anchoring mechanism:
- High-frequency financial agents need EVM immutability and on-chain cryptographic traceability.
- Rapid-prototyping platforms need zero friction — no gas fees, no wallets.
- Regulated environments need verifiable credentials compatible with compliance frameworks.

The same standard — and the same SDK surface — is designed to work across all three cases.

**3. Meet the developer where they are**
A standard that requires learning a new paradigm before writing the first useful line of code has a structural adoption problem. Agent-DID integrates into the frameworks developers already use — LangChain, CrewAI, Semantic Kernel, Microsoft Agent Framework — and gives them verifiable identity without abandoning their workflow.

**4. Open standards over proprietary lock-in**
Agent-DID extends W3C DID Core and the Verifiable Credentials data model. It does not define a new identity format — it extends existing identity standards with AI-specific metadata: model hash, system prompt hash, declared capabilities, evolution lifecycle. An identity ecosystem for AI agents only has value if it is interoperable. A proprietary identity format creates dependency where interoperability is needed.

**5. Verifiability without accidental complexity**
Identity cryptography is complex. AI agent developers should not have to be. Agent-DID closes that gap with framework abstractions that inject identity into the agent's execution chain without extra developer code, and with Ed25519 as the default — a fast, compact, and widely trusted cryptographic primitive for high-frequency signing environments.

### What Agent-DID Is Not

- **Not an orchestration framework.** It does not replace LangChain or CrewAI. It integrates with them.
- **Not a payment system.** ERC-4337 compatibility exists for agent wallets, but payment management is out of scope.
- **Not a blockchain mandate.** The EVM registry is an option, not a requirement. `did:wba` and `did:web` are equally valid.
- **Not a centralized platform.** There is no Agent-DID server to connect to. The protocol and SDKs are the primary i

[truncated…]