AgentIAM
Ed25519 cryptographic passports and recursive agent delegation
AgentIAM provides cryptographically verifiable identity for autonomous agents. Every tool call on Nexus carries an Ed25519-signed credential that binds the agent to a tenant, scopes permitted tools, and supports recursive delegation chains.
Why agent identity matters
Enterprise agents are non-human identities (NHIs). They access payment systems, customer data, and trading APIs. AgentIAM ensures:
- Each agent has a unique, non-transferable passport
- Sub-agents inherit a subset of parent permissions
- Delegation depth is bounded and auditable
- Credentials expire and can be revoked instantly
Credential format
AgentIAM credentials follow a W3C Verifiable Credential shape signed with Ed25519Signature2020:
{
  "@context": ["https://hardalion.com/agentiam/v1"],
  "type": ["VerifiableCredential", "AgentIdentityCredential"],
  "credentialSubject": {
    "tenantId": "ten_acme",
    "agentId": "agt_prod_f8a92b",
    "permittedTools": ["transfer_funds", "query_balance"],
    "nonTransferable": true
  },
  "proof": {
    "type": "Ed25519Signature2020",
    "verificationMethod": "did:hardalion:ten_acme#agentiam-ca",
    "proofValue": "..."
  }
}

Issue a credential
curl -X POST "https://api.hardalion.com/api/v1/agentiam/credentials/issue" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "agent_id": "agt_prod_f8a92b",
    "supervising_user_id": "usr_compliance_lead",
    "ttl_seconds": 86400
  }'

Scope required: agents:manage.
Recursive delegation
When agent A invokes agent B, Nexus verifies a delegation chain:
- Root AgentIdentityCredential for agent A
- One or more AgentDelegationCredential links A → B → …
- Requested tool must appear in the delegated tool set at every hop
- Chain depth cannot exceed tenant policy limits
Verify a chain before execution:
curl -X POST "https://api.hardalion.com/api/v1/agentiam/delegation/verify" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "root_credential": { "...": "..." },
    "delegation_chain": [],
    "requested_tool": "transfer_funds"
  }'

Scope required: agents:execute.
SDK integration
@hardalion/sdk resolves AgentIAM material automatically when agentId and apiKey are configured:
const agent = NexusGateway.wrap(rawAgent, {
  tenantId: 'ten_acme',
  agentId: 'agt_prod_f8a92b',
  apiKey: process.env.HARDALION_API_KEY,
  policy: 'hardalion://nato-prou-strict-financial@1.0.0',
})

Revocation
Kill Switch v2 revokes AgentIAM credentials, broadcasts via Redis, and aborts in-flight executions:
curl -X POST "https://api.hardalion.com/api/v2/infrastructure/agents/{agentPublicKey}/kill" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"reason":"compromised_credential"}'

All revocations append to the immutable audit trail.
Open specification
Policy semantics for agent roles and tool scopes are defined in npl-spec. AgentIAM wire formats are documented in the Nexus API reference.