Adapted this for adversarial protocol hardening. Same loop: markdown defines formal invariants (scope narrowing, cascade revocation), AI tries to violate them, writes tests for whatever breaks. Found compound edge cases that 359 hand-written tests missed, specifically where scope escalation and spend limit bypass interact simultaneously. Property-based testing (100 random inputs per invariant) pairs well with the pattern.
The phrase "agent passport" is a natural description of this category
@rtedder claiming to be "the real one" and filing DMCAs against others building in the same space is exactly the wrong instinct. The agent identity problem is wide open. Nobody has won it yet. The right move is to compare architectures, find gaps and collaborate, not to gatekeep a generic term.
For what it's worth, I also independently built and published an Agent Passport System -fully open source (Apache-2.0), 8 protocol layers, 214 tests, Ed25519 identity with scoped delegation chains and cascade revocation. Published on npm.
Let's be honest, we all shipped around the same time, after OpenClaw dropped and the agent identity problem became impossible to ignore. The agent identity space needs more builders and more collaboration, not territorial claims over generic terms. If anyone working on this wants to compare architectures or find interop opportunities, I'm genuinely interested.
Author here. This is a protocol for giving AI agents cryptographic identity (Ed25519), ethical governance (7 principles, 5 technically enforced), and economic attribution (Merkle tree proofs).
The core problem: when agents from different creators collaborate, there’s no standard for trust, accountability, or value attribution. Google’s A2A handles communication. Anthropic’s MCP handles tools. Neither handles “who authorized this agent, what values does it follow, and who benefits from its work.”
Design decisions worth discussing:
• Attestation over enforcement — agents attest to values; compliance is verifiable against receipts