Trust infrastructure for autonomous AI agents.
KYA Mission Control verifies who owns an agent, what it is allowed to do, and creates an auditable record before it acts, spends, transacts, or represents a business.
- Apache 2.0 open protocol
- Cross-runtime: Claude · GPT · Gemini · Llama
- Ed25519-signed receipts
- No vendor lock-in
Tap "Try it yourself" to open the full lab. Real signed requests, real Ed25519 receipts, offline-verifiable.
Other tools control a tool call. We control the whole mission lifecycle.
AI agents are moving from chat to action. Trust hasn't caught up.
Agents will access tools, customer data, APIs, wallets, marketplaces, and business workflows. Every CISO is about to ask the same five questions, and existing infrastructure has no answer.
Which agent is this, and who owns it?
The internet was built for humans with cookies and CAPTCHAs. Agents need a portable, verifiable passport.
What authority did the parent give the child?
When agents spawn agents, scope cascades. We track the lineage tree and enforce subset delegation.
How much has it spent on what surfaces?
Tokens, dollars, time, API calls, all under one mission ledger with a deterministic hard-stop.
What did it actually do, and can I prove it tomorrow?
A signed receipt. A Merkle root. An optional on-chain anchor. Auditor-grade proof, forever.
How do I stop it when it's stuck or wrong?
await checkpoint(reason, scope, signer), a one-line escalation primitive. Five-second sign-off on phone.
Existing tools control individual tool calls. Nobody owns the mission.
One control layer for identity, permissions, and accountability.
Eight primitives. One mission lifecycle. Built to wrap any agent framework you already use, with zero coupling to a single model vendor or cloud.
Agent Identity Registry
Cryptographic agent passports. Issue, rotate, revoke. Ed25519 by default.
Human + Business Ownership
Bind every agent to a human owner and an organisational entity. Verifiable provenance.
Permission & Spending Policies
Per-mission delegation tree. Scope subset, expiry ceiling, no re-parenting. OAuth can't do this.
Risk Scoring
Real-time trust meter. Stuck-state detection. Anomaly flagging across surfaces.
Action Audit Logs
Every state transition signed and chained. Indexed by mission, lineage, and surface.
Compliance-Ready Reports
Export Merkle-rooted, Ed25519-signed receipts. Optional Base anchor for regulated workflows.
API for Platforms
5-line SDK for TypeScript and Python. Wraps LangChain, Anthropic Tools, OpenAI Assistants.
Reputation & History
Cross-runtime reputation that travels with the agent, not the platform that hosts it.
The mission lifecycle, in five steps.
- Step 01
Verify owner
Bind a human and a business to the agent. KYC/KYB-ready, your data stays in your DB.
- Step 02
Register agent
Mint a root passport. Ed25519 keys. Spawn child birth certificates with subset scopes.
- Step 03
Assign permissions
Per-mission scopes, multi-dimension budget, expiry ceiling, deny-on-out-of-scope policy gate.
- Step 04
Monitor actions
Stuck-state detector. Real-time risk score. One-line human checkpoint for irreversible moves.
- Step 05
Export audit proof
Merkle-rooted, signed mission receipt. Optional Base anchor. Verifiable forever, by anyone.
Wraps any LangChain, Anthropic Tools, OpenAI Assistants, or custom agent.
The SDK is intentionally tiny. You pass an intent and a budget; KYA mints the passport, spawns child certs, routes across surfaces, escalates to a human if needed, and hands you a signed receipt at the end.
import { KYA } from "@kya/sdk";
const kya = new KYA({ apiKey: process.env.KYA_API_KEY });
const mission = await kya.missions.start({
intent: "Renew top 5 SaaS subs, $25K total, decline auto-renew over 8%",
budget: { dollars: 25_000, time_s: 600, surfaces: 5 },
scopes: ["procurement.renew", "procurement.compare"],
});
const receipt = await mission.complete();
// signed, verifiable, optionally anchored on BaseFrom human owner to audit ledger, in one mission.
KYA sits above the runtime. It doesn't replace your MCP gateway, your wallet, or your API client, it wraps them in a single mission envelope that travels with the agent.
All KYC, intent, and deliverable contents stay in your Postgres. Only Merkle roots can be anchored.
Receipts are Ed25519-signed JSON by default. The on-chain anchor is one toggle for crypto-native customers.
Same mission produces identical receipts whether the reasoner is Claude, GPT, Gemini, or Llama. No model lock-in.
Nine scenarios. Real cryptography. No video.
Click any scenario to open the live border-checkpoint console. Each click runs against real RFC 9421 signed requests, real Ed25519 keys, and a real 12-state mission engine. The receipts are downloadable, offline-verifiable, and bit-identical to what an enterprise auditor would receive.
Verified mission
Passport ✓ · scope ⊆ mission ✓ · 3 dispatches under budget · MCP routing · signed receipt issued.
No passport
Rogue agent shows up without an Ed25519-signed credential. Identity check fails on the first hop. Mission never starts.
Revoked passport
Issue passport, revoke it, then try to use it. Signature is valid; status is revoked. Door slammed before the mission boots.
Child scope escalation
Parent has procurement.read. Child requests procurement.write. Server-side scope-subset invariant rejects the child birth certificate.
Budget exceeded
$500 budget. Two dispatches: $300 admitted, $750 trips the hard-stop. State transitions to CHECKPOINT_PENDING; human decides.
High-risk action
External email send is in scope and under budget, but the risk classifier flags it irreversible. Mandatory checkpoint before dispatch.
Stuck browser
API 404, MCP 404, browser fallback hits a CAPTCHA-shaped DOM. Stuck-detector fires at 30 s. Mission pauses; human takes over.
Replay blocked
Same nonce, same counter, replayed seconds later. RFC 9421-compliant verifier rejects on the second attempt. No double-spend.
Verify a receipt offline
Load receipt JSON. Reconstruct 9 Merkle leaves. Recompute root. Ed25519.verify(sig, root, issuer_pub). Anyone, anywhere.
Skip the video. Run the policy gate yourself.
The lab is a real FastAPI service on Cloud Run, signing real Ed25519 receipts, with the full mission state machine running in front of you. Replay-protected, signed, deterministic.
Built for the platforms about to run agent traffic.
AI agent marketplaces
Issue every listed agent a portable identity. Verify ownership, score reputation, expose audit trail to buyers.
SaaS platforms adding agents
Wrap existing AI features in 5 lines. Ship the audit and kill-switch your enterprise pilots are demanding.
Fintech and crypto wallets
Per-mission spend caps. Signed receipts. Optional on-chain anchor. AP2 + ERC-8004 ready.
Enterprises deploying internal agents
Department-scoped agents with subset delegation. Compliance teams get evidence. Engineers keep velocity.
Customer-agent transaction platforms
Freelance agents acting on a customer's behalf, with provable scope, receipts, and dispute trail.
AI insurance carriers
Actuarial-grade evidence of agent actions. Underwrite agent liability with a standardised receipt format.
The agent economy needs an identity layer.
Three forces are converging in 2026. The wire-level standards are settling fast. The application-layer noun, the Mission, is still missing.
- RFC 9421HTTP Message Signatures · IESG, April 2026
- ERC-8004Live Jan 29, 2026 · 45K+ agents registered
- AP2 + Verifiable IntentFIDO consortium · 60+ orgs
- a16z Speedrun SR007Agent-native infra wave
- a16z cryptoAdopting Know Your Agent framing
- Voice + browser agentsGoing full lifecycle in prod
- Enterprise pilotsDemanding audit trails as gating
- Munich Re · Lloyd'sUnderwriting AI agent liability
- ChatGPT Agent · DevinBurning real $ with no receipt
We ship the mission noun before AWS or Cloudflare extends their stack to it.
Each incumbent owns a slice. KYA owns the mission above all of them.
We adopt RFC 9421. We integrate with ERC-8004. We wrap AgentPort, AgentGateway, AgentCore Gateway. The mission lives above the wire.
| Capability | KYA Mission Control | AWS AgentCore | Cloudflare WBA | ERC-8004 |
|---|---|---|---|---|
Cross-runtime portable identity AWS-locked / wire-only / on-chain only | ||||
Per-mission delegation tree Child birth certificates with subset enforcement | ||||
Cross-surface budget hard-stop Multi-dimension: tokens, dollars, time, surfaces, calls | ||||
Mission state machine + signed receipt Merkle-rooted, Ed25519-signed, optionally anchored | ||||
Human-checkpoint primitive (one line) | ||||
Optional on-chain anchor | ||||
Open spec + commercial implementation |
Governance-first thinking, already shipping in production.
MAS-AI builds governed multi-agent systems for real-world operations. KYA Mission Control is designed from the same governance-first thinking behind Daena, identity, memory, auditability, accountable agent execution.
Senior AI Architect / ML Engineer. Decade of production AI for security-critical workloads. Inventor on two patents pending: Sunflower-Honeycomb Memory Architecture, and Neural-Backed Memory Fabric (NBMF).
Daena will be customer-zero of KYA from week one.
Daena is MAS-AI's governed multi-agent platform, 10 departments, 60 capabilities per agent, a 10-stage governance pipeline, tiered NBMF memory, and production deployment on Cloud Run. Its 10 departments will produce real KYA mission receipts on day one.
"Other tools control a tool call. We control the whole mission lifecycle."
WorldSignal · 30+ Claude Code skills · multiple production-LLM systems for security-critical workloads.
Building agent products? Join the private beta.
Onboarding 10 design partners. SDKs, mission console, and receipt verifier. We'll reply within 48 hours with a calendar link if you're a fit.
- Free for design partners through Q3 2026
- Direct Slack channel with the founder
- Influence the open mission-receipt spec
- Audit-friendly, governance-first by default