JSPM

aip-protocol

0.4.0
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 10
  • Score
    100M100P100Q66881F
  • License MIT

The only thing that makes AI agents production-ready. Cryptographic identity, boundary enforcement, and kill switch for autonomous agents.

Package Exports

  • aip-protocol

Readme

AIP — Agent Intent Protocol (TypeScript)

The only thing that makes AI agents production-ready.

Cryptographic identity, boundary enforcement, and an instant kill switch for autonomous AI agents. Works with LangChain.js, Vercel AI SDK, or any TypeScript/JavaScript agent framework.

AIP-1 Ed25519 Conformance License

Install

npm install aip-protocol

Quick Start

import { verifyIntent, RevocationStore, hexToBytes } from "aip-protocol";

// Verify an agent's signed intent before allowing execution
const result = verifyIntent(envelope, {
  publicKey: hexToBytes("e734ea6c..."),
  revocationStore: new RevocationStore(),
});

if (result.valid) {
  console.log(`✓ Verified — tier: ${result.tier_used}`);
  executeAction(envelope.intent); // Safe to proceed
} else {
  console.log(`✗ Blocked: ${result.errors.join(", ")}`);
  // e.g. "AIP-E202: MONETARY_LIMIT" or "AIP-E400: AGENT_REVOKED"
}

What It Does

Capability Description
Cryptographic Identity Ed25519 keypair per agent, DID-based addressing
Boundary Enforcement Action allowlists, monetary limits, geo restrictions, time windows
Kill Switch Revoke any agent instantly via the Revocation Mesh
Tiered Verification Tier 0 (<1ms HMAC) → Tier 1 (~5ms Ed25519) → Tier 2 (full pipeline)
Intent Drift Detection Flags actions outside an agent's declared scope
Replay Protection Nonce-based replay attack prevention

Real-Time Kill Switch (Mesh Client)

Connect to the AIP Revocation Mesh for real-time agent management:

import { MeshClient } from "aip-protocol";

const mesh = new MeshClient("your_api_key", {
  onRevocation: (event) => {
    console.log(`🚨 Agent ${event.agent_id} ${event.type}: ${event.reason}`);
  },
});

await mesh.connect();

// Kill a rogue agent across all connected services instantly
await mesh.revoke("did:web:acme.com:agents:rogue-bot", "anomalous_behavior");

// Check status
const status = await mesh.status("did:web:acme.com:agents:my-bot");

Error Codes

Every failure returns a machine-readable AIP-Exxx code:

Range Category Examples
AIP-E1xx Envelope Errors Invalid Signature, Expired, Replay Detected
AIP-E2xx Boundary Violations Action Not Allowed, Monetary Limit, Geo Restricted
AIP-E3xx Attestation Failures Model Hash Mismatch, Intent Drift
AIP-E4xx Trust Failures Agent Revoked, Delegation Invalid
AIP-E5xx Protocol Errors Mesh Unavailable, Handshake Timeout

Conformance

This SDK passes all 31 AIP-1 conformance test vectors, byte-identical to the reference Python SDK:

npx tsx src/conformance.ts
# ✓ ALL 31 VECTORS PASSED

Architecture

src/
  types.ts        — TypeScript interfaces (IntentEnvelope, VerificationResult, etc.)
  canonical.ts    — Canonical serialization (byte-identical to Python SDK)
  crypto.ts       — Ed25519 + HMAC-SHA256 via @noble/ed25519
  revocation.ts   — In-memory revocation store with nonce replay detection
  verification.ts — Full 8-step verification pipeline
  mesh.ts         — Real-time Revocation Mesh client (SSE)
  index.ts        — Barrel exports

Dependencies

Only two runtime dependencies — both audited, pure-JS cryptographic libraries:

License

MIT