Open Standard · RFC v2.0

Cryptographic trust
for autonomous
AI agents.

A minimal protocol to make agent actions verifiable and tamper-evident.

No blockchain. No consensus. No central authority.

MIT License Ed25519 NIST FIPS 204 RFC 8785 Post-quantum ready

aiss · playground LIVE

GENERATE → SIGN → VERIFY in the browser · no server

from aiss import AgentIdentity

agent = AgentIdentity.create()
event = agent.stamp("user_prompted", {"data": "hello"})
assert agent.verify(event)
# → signed, hash-chained, tamper-evident

ready

output

Click RUN to generate a live signed event →

The problem

✗

Logs can be modified

No cryptographic proof of history.

✗

No verifiable authorship

Identity is asserted, not proven.

✗

Vulnerable to quantum attacks

Classical signatures will break. Most systems are not prepared.

AISS makes agent history
independently verifiable.

✓

Cryptographic proof of authorship

✓

Hash-chained — any modification is detectable

✓

Portable — verify without the original infrastructure

✓

Post-quantum hybrid signatures (ML-DSA-65)

The standard

Four primitives. Nothing more.

AISS defines the minimal cryptographic surface for autonomous agent trust. No consensus, no blockchain, no central registry.

Identity

Deterministic agent ID derived from an Ed25519 keypair. No registration required.

RFC §5–6

Event chain

Signed, hash-linked, append-only history. Any modification breaks the chain.

RFC §7–9

Fork resolution

Deterministic canonical chain selection when concurrent writes occur.

RFC §10

A2A trust

Agent-to-agent handshake with co-signed events. Trust without a central authority.

RFC §16

Architecture

One standard.
Many implementations.

AISS defines the cryptographic foundation. Any system can build on top of it.

AISS is independent. PiQrypt is one implementation.

Reference implementation: PiQrypt (Python)

Additional capabilities may exist in specific implementations.

Other implementations welcome. See CONFORMANCE.md.

TrustGate

Governance & human oversight gate

optional

Vigil

Behavioural monitoring & VRS dashboard

optional

PiQrypt

Reference implementation

implementation

AISS
Identity · Event chain · Fork · A2A
this package

Compliance (indicative)

Built for regulated environments.

AISS provides the cryptographic mechanisms that compliance frameworks require. Compliance depends on implementation.

Framework	Control	AISS mechanism
EU AI Act Art. 12	Inviolable logging	Hash-chained signed events
SOC 2 CC6.6	Audit trail	AISS-1.0-AUDIT export
NIST AI RMF MEASURE 2.5	Traceability	Tamper-evident event history
GDPR Art. 5.1.f	Integrity	Fork detection + signatures
HIPAA §164.312	Audit controls	Immutable event chain

Non-normative mapping. AISS does not provide compliance by itself.

Get started

Up and running
in 30 seconds.

the package, generate an identity, stamp your first event.

install aiss-standard View on GitHub

          quickstart.py
          ● AISS-1.0
        
          from aiss import AgentIdentity

          from aiss.memory import store_event

          # Create identity

          agent = AgentIdentity.create()

          # Stamp events

          e1 = agent.stamp("init", {"version": "1.0"})

          e2 = agent.stamp("action", {"type": "buy"})

          # Verify chain integrity

          assert agent.verify_chain()

          # Persist + export

          store_event(e2.raw)

          audit = agent.export()

Specification

Open. Auditable. Yours.

Full protocol specification, test vectors, and conformance matrix — publicly available.

📄

RFC v2.0

Full protocol specification

✓

CONFORMANCE.md

Implementation matrix & test vectors

⚙

GitHub

Source code, issues, contributions

Cryptographic trust for autonomous AI agents.