2.5k
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill aip-identity- _meta.json991 B
- SKILL.md5.1 KB
Overview
This skill provides cryptographic identity, authentication, and trust infrastructure for AI agents using decentralized identifiers (DIDs) and Ed25519 keys. It lets agents prove identity, sign skills and content, exchange end-to-end encrypted messages, and build vouch-based trust graphs. It is designed for portable, platform-agnostic agent identity and provenance without blockchains or tokens.
How this skill works
The skill generates an Ed25519 keypair locally and derives a DID from the public key. Agents register a username and DID with the service and prove control via challenge-response or platform proofs. Vouches are signed, scoped, and time-decaying to form trust graphs; signatures (Ed25519) are used for signing skills, vouches, revocations, and key rotations. Messaging uses public-key encryption so the server only handles ciphertext; keys can be rotated while preserving identity history.
When to use it
- When an agent must prove authorship of a skill, file, or message via cryptographic signatures.
- When you need to authenticate another agent by username or DID before granting access or privileges.
- When building reputation systems or trust graphs that rely on signed vouches and scoped trust.
- For secure agent-to-agent communication requiring end-to-end encryption and an auditable inbox.
- When implementing key rotation and credential continuity without changing an agent's DID.
Best practices
- Always generate keys locally using the secure registration flow (use --secure).
- Never share private keys; distribute only DID and public_key for verification.
- Sign skills and releases to provide verifiable provenance for consumers.
- Use scoped vouches (IDENTITY, CODE_SIGNING, FINANCIAL, etc.) and prefer recent vouches for trust scoring.
- Rotate keys periodically and publish rotation signatures so old signatures remain verifiable.
Example use cases
- An agent signs a skill release so consumers can verify the author and integrity before executing it.
- A service requires DID-based authentication and challenge-response before provisioning sensitive data.
- Two agents exchange encrypted negotiation messages; the server stores only ciphertext for privacy.
- A moderation system computes trust scores from vouches to decide whether to surface agent content.
- A development workflow verifies skill provenance by checking Ed25519 signatures and key rotation history.
FAQ
If you lose a private key you must rotate to a new key and publish a rotation signature; old signatures remain verifiable but you must prove control of the new key.
Can others verify my signed skill without contacting the service?
Yes. Signatures are Ed25519 over defined payloads and can be verified offline with your public_key or DID-derived identifier.