attestix
Integrates with CrewAI to allow multi-agent systems to manage identity, compliance, and credentialing workflows with cryptographic verification.
Anchors artifact hashes to Base L2 via the Ethereum Attestation Service, enabling on-chain verification of compliance records and agent identities.
Integrates with LangChain to enable AI agents to create and manage identities, compliance profiles, verifiable credentials, and other artifacts for EU AI Act compliance.
Integrates with OpenAI Agents SDK to provide tools for agent identity, compliance automation, verifiable credentials, and cryptographic proof generation.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@attestixcheck compliance for my AI agent"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Install
# v0.4.0-rc.2 is a release candidate (pre-release). Use --pre to install it:
pip install --pre attestixv0.4.0-rc.2 packaging fix: the wheel now ships only the canonical
attestix.*namespace. The pre-rc.2 flat layout (from services... import,from auth... import, ...) keeps working via thin deprecation shims that emit aDeprecationWarningon first import and are scheduled for removal in v0.5.0. Update imports tofrom attestix.services... importat your earliest convenience.
CLI
attestix status # System overview
attestix init --name MyBot # Create agent identity
attestix compliance <agent-id> # Check EU AI Act compliance
attestix verify <agent-id> # Verify identity cryptographically
attestix audit <agent-id> # View hash-chained audit trail
attestix credential --list # List W3C Verifiable CredentialsREST API
pip install fastapi uvicorn
uvicorn attestix.api.main:app --reload # Swagger docs at http://localhost:8000/docsWeb Dashboard
pip install streamlit
streamlit run demo/webapp/app.py # Opens at http://localhost:8501Quick Demo
python examples/quickstart.py # Full 9-module workflow in 0.1 secondsWhy Attestix
On August 2, 2026, the EU AI Act enforcement begins. Fines reach EUR 35M or 7% of global revenue.
Existing compliance tools (Credo AI, Holistic AI, Vanta) are organizational dashboards. None produce machine-readable, cryptographically verifiable proof that an AI agent can present to another agent, regulator, or system.
Agent identity is fragmenting across walled gardens (Microsoft Entra, AWS AgentCore, Google A2A, ERC-8004). No single tool combines agent identity + EU AI Act compliance + verifiable credentials in one protocol.
Attestix fills this gap.
Modules
Module | Tools | What it does |
Identity | 8 | Unified Agent Identity Tokens (UAITs) bridging MCP OAuth, A2A, DIDs, and API keys. GDPR Article 17 erasure |
Agent Cards | 3 | Parse, generate, and discover A2A-compatible agent cards |
DID | 3 | Create and resolve W3C Decentralized Identifiers ( |
Delegation | 4 | UCAN-style capability delegation with EdDSA-signed JWT tokens |
Reputation | 3 | Recency-weighted trust scoring (0.0 - 1.0) with category breakdown |
Compliance | 7 | EU AI Act risk profiles, conformity assessments (Article 43), Annex V declarations |
Credentials | 8 | W3C Verifiable Credentials with Ed25519Signature2020 proofs, presentations |
Provenance | 5 | Training data provenance (Article 10), model lineage (Article 11), hash-chained audit trail (Article 12) |
Blockchain | 6 | Anchor artifact hashes to Base L2 via Ethereum Attestation Service, Merkle batching |
Quick Start
As an MCP Server (Claude Code)
Add to your Claude Code config (~/.claude.json):
{
"mcpServers": {
"attestix": {
"type": "stdio",
"command": "python",
"args": ["-m", "attestix.main"]
}
}
}Then ask Claude:
"Create an identity for my data analysis agent with capabilities: data_analysis, reporting"
As a Python Library
from attestix.services.identity_service import IdentityService
from attestix.services.compliance_service import ComplianceService
from attestix.services.credential_service import CredentialService
identity_svc = IdentityService()
compliance_svc = ComplianceService()
credential_svc = CredentialService()
# 1. Create an agent identity
agent = identity_svc.create_identity(
display_name="MyAgent",
source_protocol="manual",
capabilities=["data_analysis", "reporting"],
description="Analyzes quarterly financial data",
issuer_name="Acme Corp",
expiry_days=365,
)
agent_id = agent["agent_id"] # attestix:f9bdb7a94ccb40f1
agent_did = agent["issuer"]["did"] # did:key:z6Mk...
# 2. Create a compliance profile
profile = compliance_svc.create_compliance_profile(
agent_id=agent_id,
risk_category="limited",
provider_name="Acme Corp",
intended_purpose="Analyzes quarterly financial data",
)
# 3. Issue a verifiable credential
credential = credential_svc.issue_credential(
subject_id=agent_id,
credential_type="AgentIdentityCredential",
issuer_name="Acme Corp",
claims={"capabilities": ["data_analysis", "reporting"]},
expiry_days=365,
)
print(credential["proof"]["type"]) # Ed25519Signature2020For a complete end-to-end walkthrough covering all 9 modules, run the quickstart:
python examples/quickstart.pyFrom Source
git clone https://github.com/VibeTensor/attestix.git
cd attestix
pip install -r requirements.txt
python -m attestix.mainEU AI Act Compliance Workflow
Take a high-risk AI agent from zero to fully compliant:
1. create_agent_identity --> UAIT with DID (Ed25519 signed)
2. record_training_data --> Article 10 data governance
3. record_model_lineage --> Article 11 technical documentation
4. create_compliance_profile --> Risk categorization + obligations
5. record_conformity_assessment --> Article 43 third-party assessment
6. generate_declaration_of_conformity --> Annex V declaration + W3C VC
7. create_verifiable_presentation --> Signed VP for regulatorHigh-risk systems are blocked from self-assessment:
record_conformity_assessment(assessment_type="self", ...)
--> ERROR: "High-risk AI systems require third_party conformity assessment"Full walkthrough: EU AI Act Compliance Guide
How It Works
Every artifact Attestix produces is cryptographically signed with Ed25519:
Artifact | Standard | Signed |
Agent Identity (UAIT) | Custom + DID | Ed25519 |
Verifiable Credential | W3C VC Data Model 1.1 | Ed25519Signature2020 |
Verifiable Presentation | W3C VP | Ed25519Signature2020 |
Delegation Token | UCAN-style JWT | EdDSA |
Compliance Records | EU AI Act Annex V | Ed25519 |
Audit Trail | Hash-chained log | SHA-256 chain |
Blockchain Anchor | EAS on Base L2 | On-chain |
No cloud dependency. All core operations work offline with local JSON storage.
Architecture
attestix/ # Canonical Python package (v0.4.0-rc.2)
main.py # MCP server entry point (47 tools)
cli.py # `attestix` console script
config.py # Environment-based configuration
errors.py # Error handling with JSON logging
api/ # FastAPI REST surface
main.py # uvicorn entry: `attestix.api.main:app`
routers/ # one router per service (44 endpoints)
auth/
crypto.py # Ed25519 key management
ssrf.py # SSRF protection for outbound HTTP
services/
identity_service.py # UAIT lifecycle, GDPR erasure
agent_card_service.py # A2A agent card operations
did_service.py # DID creation and resolution
delegation_service.py # UCAN delegation tokens
reputation_service.py # Trust scoring
compliance_service.py # EU AI Act profiles and assessments
credential_service.py # W3C VCs and VPs
provenance_service.py # Training data, lineage, audit trail
blockchain_service.py # Base L2 anchoring via EAS
storage/ # Repository seam (file / memory / pg)
signing/ # Signer seam (in-process / kms)
audit/ # Tamper-evident event chain
tenancy/ # Tenant context
idempotency/ # Stripe-style idempotency keys + middleware
blockchain/
merkle.py # Merkle tree for batch anchoring
tools/ # MCP tool definitions (one file per module)The pre-v0.4.0-rc.2 flat layout (services/, auth/, storage/, ...) is
preserved as deprecation shims at the same paths. They re-export from the
canonical attestix.* namespace and emit a DeprecationWarning on first
import. The shims are scheduled for removal in v0.5.0.
All 47 Tools
Tool | Description |
| Create a UAIT from any identity source |
| Auto-detect token type and register |
| Check existence, revocation, expiry, signature |
| Convert to A2A, DID Document, OAuth, or summary |
| List UAITs with protocol/revocation filters |
| Get full UAIT details |
| Mark a UAIT as revoked |
| GDPR Article 17 right to erasure across all stores |
Tool | Description |
| Parse an A2A Agent Card JSON |
| Generate agent.json for hosting |
| Fetch |
Tool | Description |
| Generate ephemeral |
| Generate |
| Resolve any DID to its DID Document |
Tool | Description |
| UCAN-style capability delegation token |
| Verify JWT signature, expiry, structure |
| List delegations by agent and role |
| Revoke a delegation token |
Tool | Description |
| Record outcome and update trust score |
| Get score with category breakdown |
| Search agents by reputation criteria |
Tool | Description |
| Create EU AI Act profile with risk categorization |
| Retrieve full compliance profile |
| Update an existing compliance profile |
| Gap analysis: completed vs missing requirements |
| Record self or third-party assessment (Article 43) |
| Generate Annex V declaration + auto-issue VC |
| Filter by risk category and compliance status |
Tool | Description |
| Issue W3C VC with Ed25519Signature2020 proof |
| Check signature, expiry, revocation |
| Verify any VC JSON from an external source |
| Revoke a Verifiable Credential |
| Get full VC details |
| Filter by agent, type, validity |
| Bundle VCs into a signed VP for a verifier |
| Verify a VP with embedded credentials |
Tool | Description |
| Record training data source (Article 10) |
| Record model chain and metrics (Article 11) |
| Log agent action with hash-chained audit trail (Article 12) |
| Get full provenance record |
| Query audit log with filters |
Tool | Description |
| Anchor identity hash to Base L2 via EAS |
| Anchor credential hash to Base L2 via EAS |
| Merkle batch anchor of audit log entries |
| Verify an on-chain anchor against local data |
| Get anchoring status for an artifact |
| Estimate gas cost for anchoring |
Standards Conformance
Every standards claim is validated by 91 automated conformance benchmarks that run alongside the rest of the suite for a total of 481 tests passing (1 skipped on Windows). These benchmarks demonstrate cryptographic conformance with the listed standards; they are not a substitute for a legal compliance audit. Run them yourself:
docker build -f Dockerfile.test -t attestix-bench . && docker run --rm attestix-benchStandard | What is tested | Tests |
RFC 8032 (Ed25519) | 4 IETF canonical vectors: key derivation, signature generation (exact match), verification, tamper rejection | 18 |
W3C VC Data Model 1.1 | Credential structure, Ed25519Signature2020 proof, mutable field exclusion, VP structure, replay protection | 25 |
W3C DID Core 1.0 |
| 18 |
UCAN v0.9.0 | JWT header (alg/typ/ucv), all payload fields, capability attenuation, expiry enforcement, revocation | 18 |
MCP Protocol | 47 tools registered, 9 modules, async convention, snake_case naming | 5 |
Performance | Ed25519 key gen, JSON canonicalization, sign/verify, identity creation, credential ops | 7 |
Performance (median latency, 1000 runs)
Operation | Latency |
Ed25519 key generation | 0.08 ms |
JSON canonicalization | 0.02 ms |
Ed25519 sign + verify | 0.28 ms |
Identity creation | ~14 ms |
Credential issuance | ~17 ms |
Credential verification | ~2 ms |
UCAN token creation | ~9 ms |
Security
Ed25519 signatures on all UAITs, VCs, assessments, declarations, and audit entries
Hash-chained audit trail with SHA-256 for tamper-evident logging
SSRF protection blocks private IPs, metadata endpoints, and DNS rebinding
Encrypted key storage with AES-256-GCM when
ATTESTIX_KEY_PASSWORDis setPrivate keys never exposed in tool responses
No external API calls required for core operations
Research Paper
Attestix is described in a research paper covering system architecture, cryptographic pipeline, EU AI Act compliance automation, and evaluation with 481 automated tests (390 functional + 91 RFC / W3C conformance benchmarks).
Attestix: A Unified Attestation Infrastructure for Autonomous AI Agents Pavan Kumar Dubasi, VibeTensor Private Limited, 2026.
Citing Attestix
If you use Attestix in your research, please cite:
@article{dubasi2026attestix,
title = {Attestix: A Unified Attestation Infrastructure for Autonomous AI Agents},
author = {Dubasi, Pavan Kumar},
year = {2026},
url = {https://github.com/VibeTensor/attestix},
note = {Open-source. Apache License 2.0}
}Documentation
Full documentation at attestix.io/docs
Guide | Description |
Installation and first identity in 5 minutes | |
Step-by-step compliance workflow | |
How to determine your AI system's risk category | |
System design and data flows | |
All 47 tools with parameter tables | |
LangChain, OpenAI Agents SDK, CrewAI, MCP client | |
Environment variables, storage, Docker | |
Paper, citation formats, evaluation highlights | |
Recency-weighted trust scoring and categories | |
End-to-end code examples for common workflows |
Disclaimer
Attestix generates machine-readable, cryptographically signed compliance documentation. It is a documentation and evidence tooling system. It does not replace legal counsel, notified body assessments, or official regulatory submissions. Always consult qualified legal professionals for compliance decisions.
Sponsors
Attestix is free and open-source. If you or your organization benefit from it, please consider sponsoring to support continued development, security audits, and infrastructure.
Contributing
See CONTRIBUTING.md for development setup and guidelines.
License
Apache License 2.0. See LICENSE.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/VibeTensor/attestix'
If you have feedback or need assistance with the MCP directory API, please join our Discord server