Active Standard | Version 1.0

Agent Trust Protocol (TAP)

Identity verification protocol for AI agents using PKI and Ed25519 signatures to establish agent legitimacy before any transaction.

Tags: TAP, Ed25519, PKI

Overview

The Agent Trust Protocol (TAP) provides identity verification for AI agents participating in commerce. It answers the fundamental question: Is this agent who it claims to be?

TAP operates at the identity layer of the three-layer trust model, below authorization and execution protocols.

Core Concepts

Agent Identity

Every agent has a cryptographic identity consisting of:

  • Public key (Ed25519) - verifiable by anyone
  • Private key (Ed25519) - held securely by agent operator
  • Agent Card - signed metadata describing agent capabilities

Agent Cards

Agent Cards are JSON documents signed by the agent’s private key:

{
  "agent_id": "did:tap:abc123",
  "name": "Shopping Assistant v2",
  "operator": "did:tap:operator456",
  "capabilities": ["commerce", "comparison", "purchasing"],
  "max_transaction": 500,
  "valid_until": "2027-01-01T00:00:00Z",
  "signature": "base64-ed25519-signature"
}

Verification Flow

  1. Agent presents signed Agent Card
  2. Verifier checks signature against public key
  3. Verifier confirms card is within validity period
  4. Verifier checks agent against revocation list
  5. If all pass, agent identity is verified
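
The five steps above as a Go sketch. This is an added example, not code from the TAP specification. Assumptions: the signature covers the card without its "signature" field as serialized by json.Marshal, public keys come from a verifier-held map keyed by agent_id, and the revocation list is an in-memory set; SignCard, VerifyCard, keys and revoked are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"time"
)

// SignCard is the operator side. ASSUMPTION: the signature covers the unsigned
// card as serialized by json.Marshal (sorted keys); the page defines no canonical form.
func SignCard(card map[string]any, priv ed25519.PrivateKey) []byte {
	msg, _ := json.Marshal(card)
	card["signature"] = base64.StdEncoding.EncodeToString(ed25519.Sign(priv, msg))
	raw, _ := json.Marshal(card)
	return raw
}

// VerifyCard runs steps 2-4 of the flow; a nil error is step 5 (identity verified).
// keys (agent_id -> trusted public key) and revoked are hypothetical verifier inputs.
func VerifyCard(raw []byte, keys map[string]ed25519.PublicKey, revoked map[string]bool, now time.Time) error {
	var card map[string]any
	if err := json.Unmarshal(raw, &card); err != nil {
		return fmt.Errorf("malformed card: %w", err)
	}
	id, _ := card["agent_id"].(string)
	sigB64, _ := card["signature"].(string)
	delete(card, "signature") // the signature never covers itself
	msg, _ := json.Marshal(card)
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	pub, known := keys[id]
	if !known || err != nil || !ed25519.Verify(pub, msg, sig) {
		return fmt.Errorf("step 2: signature check failed for %q", id)
	}
	until, _ := card["valid_until"].(string)
	if exp, err := time.Parse(time.RFC3339, until); err != nil || !now.Before(exp) {
		return fmt.Errorf("step 3: card outside validity period")
	}
	if revoked[id] {
		return fmt.Errorf("step 4: agent %q is revoked", id)
	}
	return nil
}

func main() { // constructed sample card and a throwaway key
	pub, priv, _ := ed25519.GenerateKey(nil)
	raw := SignCard(map[string]any{"agent_id": "did:tap:abc123", "valid_until": "2027-01-01T00:00:00Z"}, priv)
	fmt.Println(VerifyCard(raw, map[string]ed25519.PublicKey{"did:tap:abc123": pub}, nil, time.Date(2026, 1, 1, 0, 0, 0, 0, time.UTC)))
}
```

The verifier looks up the public key from its own trusted map and never from the card itself; a card that carries its own key would verify for whoever forged it.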

Integration with Other Protocols

TAP provides the identity layer that other protocols depend on:

  • AP2 mandates reference TAP agent IDs
  • ACP sessions can require TAP verification
  • A2A communication authenticates via TAP credentials

Implementation Status

Component              Status  Notes
Agent Card Schema      Active  v1.0 specification finalized
Ed25519 Verification   Active  Standard cryptographic implementation
Revocation Lists       Active  Distributed revocation checking
Operator Verification  Draft   Business entity verification

Security Considerations

  • Private keys must never be exposed
  • Agent Cards should have limited validity periods
  • Revocation must be checked for every transaction
  • Operator identity ties agents to accountable entities
