spec_version 0.2.0 · MIT-licensed
An agent proves its identity by serving a signed JSON document at a fixed path on the domain it controls:
https://<your-domain>/.well-known/agent-passport.json
Verification = fetch the file over HTTPS from the claimed domain, canonicalize the body (RFC 8785 JCS), verify the detached Ed25519 signature against the declared public key, and confirm the serving host matches owner_domain. Control of the domain + a valid signature = identity. No blockchain, no DID, no central authority required to verify.
The full normative spec lives in SPEC.md in the repo, alongside a zero-dependency reference verifier you can run against any domain without our hosted service.