Go
Referencegithub.com/identities-ai/ratify-protocol
go get github.com/identities-ai/ratify-protocol@v1.0.0-alpha.7/ Developers
Verifiable authorization
for AI agents, in any language.
The Ratify Protocol™ gives every AI agent a cryptographic identity and a verifiable delegation chain. Reference SDKs are free under Apache-2.0 and byte-for-byte interoperable across Go, TypeScript, Python, and Rust. The protocol spec is open under CC-BY-4.0.
This page is the entry point. For full per-language quickstarts, protocol concepts, SDK reference, and conformance details, see docs.identities.ai.
TypeScript
Browser + Node · npm soon@identities-ai/ratify-protocol
git clone https://github.com/identities-ai/ratify-protocol
cd ratify-protocol/sdks/typescript && npm installPython
3.10+ratify-protocol
pip install ratify-protocol==1.0.0a7Rust
no_std-friendlyratify-protocol
cargo add ratify-protocol@1.0.0-alpha.7The npm package @identities-ai/ratify-protocol publishes once our npm organization is approved. Until then, install the TypeScript SDK directly from source as shown — byte-identical to the Go, Python, and Rust references.
Three verbs
DELEGATE — sign a cert binding principal → agent with scopes, constraints, and expiry. PRESENT — agent collects its chain and signs a fresh verifier challenge. VERIFY — third party checks signatures, timestamps, and scope coverage in under a millisecond.
Hybrid post-quantum
Every signature is Ed25519 + ML-DSA-65 (NIST FIPS 204). Both must verify. Bundles signed today remain unforgeable when a cryptographically-relevant quantum computer exists.
Byte-for-byte interoperable
59 canonical test vectors gate every PR. A Python agent and a Rust verifier produce identical bytes for the same input. No reference-implementation tax.
No central issuer
The principal is the source of trust. Anyone with the principal's public key can verify, offline, with no live token-introspection call to a central authority.
Pluggable provider hooks
Revocation, policy, audit, anchor resolution, and constraint extensibility are first-class provider interfaces (SPEC §17). The deterministic verifier core stays universal and offline-capable; operational concerns are delegated to providers your deployment configures.
Verification receipts
Optionally sign each verify decision into a hybrid-signed VerificationReceipt that chains by prev_hash. Missing or backdated entries are detectable, giving you a tamper-evident audit ledger without a separate archive service.
What you build with
- Spec: Ratify Protocol v1 specification (CC-BY-4.0)
- Repository: github.com/identities-ai/ratify-protocol (Apache-2.0)
- Conformance vectors: 59 canonical fixtures at
testvectors/v1/ - Security reports: security@identities.ai