Cryptographic trust primitive for autonomous AI agents.
from aiss import AgentIdentity
agent = AgentIdentity.create()
event = agent.stamp("user_prompted", {"data": "hello"})
assert agent.verify(event)
print(event["hash"]) # tamper-evident proof{
"agent_id": "3gFw2S1NT6dzo9vTPQ6JNWEwYFysZn8F",
"event_type": "user_prompted",
"payload": { "data": "hello" },
"signature": "eA3oT793bV/hJnDX...",
"hash": "8b1cfab333041b26...",
"timestamp": 1771845244
}pip install aissAISS makes agent actions:
- verifiable — cryptographic proof of authorship
- portable — no infrastructure dependency
- tamper-evident — hash-chained, any modification is detectable
- post-quantum ready — Ed25519 + ML-DSA-65 hybrid (NIST FIPS 204)
| Primitive | Description | RFC |
|---|---|---|
| Identity | Deterministic agent ID derived from public key | §5–6 |
| Event chain | Signed, hash-linked, append-only history | §7–9 |
| Fork resolution | Deterministic canonical chain selection | §10 |
| A2A trust | Agent-to-agent handshake and co-signed events | §16 |
| Profile | Cryptography | Use case |
|---|---|---|
| AISS-1 | Ed25519 · SHA-256 · RFC 8785 | General interoperability |
| AISS-2 | Ed25519 + ML-DSA-65 hybrid | Regulated environments · forward secrecy |
Full control over keys, events, chain, memory, and exports.
from aiss import generate_keypair, derive_agent_id, stamp_event, verify_event
from aiss.memory import store_event, search_events
from aiss.exports import export_audit_chain
priv, pub = generate_keypair()
agent_id = derive_agent_id(pub)
event = stamp_event(priv, agent_id, {"event_type": "action"})
verify_event(event, pub)See docs/API.md for the full reference.
AISS — identity · event chain · fork resolution · A2A ← this package
Foundation layer for verifiable agent systems.
AISS defines the standard. Additional features may be available in specific implementations.
Reference implementation: PiQrypt (Python)
| Framework | Control | AISS mechanism |
|---|---|---|
| EU AI Act Art. 12 | Inviolable logging | Hash-chained signed events |
| SOC 2 CC6.6 | Audit trail | AISS-1.0-AUDIT export |
| NIST AI RMF MEASURE 2.5 | Traceability | Tamper-evident event history |
| GDPR Art. 5.1.f | Integrity | Fork detection + signatures |
| HIPAA §164.312 | Audit controls | Immutable event chain |
AISS provides the cryptographic mechanisms. Compliance depends on implementation. Non-normative mapping.
Vigil — optional local monitoring interface.
aiss start # → http://localhost:8421Provides a local dashboard for agent activity, chain health, and VRS scoring.
Reference: PiQrypt (Python)
Community: open — submit a PR to list yours.
Requirements: pass all normative test vectors in vectors/, conform to SPEC.md.
- RFC v2.0 — full protocol specification
- CONFORMANCE.md — implementation matrix
- aiss-standard.org — landing page & playground
- GitHub
Contributions welcome — spec improvements, test vectors, bug reports. See CONTRIBUTING.md.
MIT — see LICENSE.
Protocol concepts deposited via e-Soleau (INPI France): DSO2026006483 — 19 Feb 2026 · DSO2026009143 — 12 Mar 2026