Agents prove they're trustworthy. To other agents, to services, to regulators. Cryptographic compliance certificates across EU AI Act, Singapore MGF, and more.
The agent economy is forming. Agents transact, negotiate, and make decisions autonomously. But there's no way for one agent to verify another is compliant, well-behaved, and safe to do business with. Three layers are needed.
Who is this agent? Is there a verified human behind it? Identity proves existence, not behaviour.
Can this agent pay? USDC stablecoin micropayments via HTTP. Payments prove solvency, not trustworthiness.
Is this agent trustworthy? Does it follow the rules? What's its track record? We're the missing piece.
Choose your path. Same product, different perspective.
pip install agentapproved. Add one callback to your LangChain agent. Every action is logged automatically.
Every LLM call, tool use, decision, and human oversight event is hash-chained and Ed25519 signed. Tamper-proof.
Agent calls POST /api/v1/attest. Server scores evidence against chosen frameworks. Returns a signed certificate.
Agent presents the certificate to any service. Recipient verifies against our public key. Trust established. No human needed.
from agentapproved import AgentApprovedHandler
# One line. That's it.
handler = AgentApprovedHandler(
agent_id="my-agent",
api_key="ap_...",
)
# Attach to any LangChain agent
agent = create_agent(callbacks=[handler])
agent.invoke({"input": "..."})
# Done. Evidence logs automatically.
# Request your attestation certificate:
# POST https://app.agentapproved.ai/api/v1/attest
# { "agent_id": "my-agent", "scope": "full" }
AgentApproved monitors your AI agents in real time and generates tamper-proof evidence of everything they do. Think of it as a flight recorder for AI — every decision, every data access, every action is logged and cryptographically sealed.
The EU AI Act takes effect August 2026 with penalties up to 7% of global revenue. Singapore published agent-specific governance rules in January 2026. If your company deploys AI agents, you need provable compliance evidence — not a policy document, actual technical proof.
Your engineering team adds one line of code to each agent. From that point, compliance evidence generates automatically. No new infrastructure, no dedicated team, no consultant. First compliance score in under 10 minutes.
A cryptographically signed compliance certificate for each agent, scored against every relevant regulation. When an auditor, partner, or regulator asks "prove your AI is compliant" — you hand them the certificate. They can verify it independently without trusting you or us.
Free tier for evaluation (3 agents, 1,000 events/month). Pro at $99/month for teams (25 agents, 100K events). Enterprise with custom pricing, on-premise deployment, and SLA. No setup fees, no long-term contracts.
Get a free API key and a walkthrough of integration. We'll have your first compliance report within the week. Self-service onboarding coming soon.
Get Started FreeStreamable HTTP transport. Each request is a standard MCP JSON-RPC message. No session state. No SDK required.
agentapproved_ingest_event
Log a compliance evidence event. Reports agent actions in real-time. Requires api_key.
agentapproved_request_attestation
Request a signed compliance certificate. Scopes: eu-ai-act-art12, singapore-mgf, full, agentapproved-basic-v1, agentapproved-integrity-v1. Requires api_key, agent_id.
agentapproved_verify_certificate
Verify an existing certificate by attestation_id. No auth required.
agentapproved_check_reputation
Get an agent's attestation history, grade trajectory, and consistency score. Requires api_key.
agentapproved_get_public_key
Get the server's Ed25519 public key (hex) for offline signature verification. No auth required.
{
"mcpServers": {
"agentapproved": {
"type": "streamable-http",
"url": "https://app.agentapproved.ai/mcp"
}
}
}Or standalone via stdio: npx agentapproved-mcp-server --api-key ap_...
POST /api/v1/attest returns HTTP 402 with x402 payment terms. Pay $0.01 USDC on Base (Coinbase x402 protocol). MCP tool calls bypass x402 during beta.
{
"error": "X-PAYMENT-REQUIRED",
"accepts": {
"scheme": "exact",
"network": "eip155:8453",
"maxAmountRequired": "10000",
"resource": "https://app.agentapproved.ai/api/v1/attest"
}
}{
"id": "att_019d0b6c...",
"agent_id": "my-agent",
"scope": "full",
"score": 0.83,
"grade": "B",
"issued_at": "2026-03-23T14:00:00.000Z",
"expires_at": "2026-03-24T14:00:00.000Z",
"evidence_count": 47,
"evidence_window": {
"from": "2026-03-16T14:00:00.000Z",
"to": "2026-03-23T14:00:00.000Z"
},
"frameworks": {
"eu-ai-act-art12": { "score": 0.85, "grade": "A" },
"singapore-mgf": { "score": 0.81, "grade": "B" }
},
"certified": true,
"certified_level": "silver",
"signature": "9c4b2a...f71e03",
"verify_url": "https://app.agentapproved.ai/api/v1/attest/att_019d0b6c.../verify"
}24-hour expiry. Re-attest daily. Certificate reflects current behaviour, not historical.
# No auth required. Any agent can verify any certificate.
GET https://app.agentapproved.ai/api/v1/attest/{id}/verify
# Response:
{
"valid": true,
"expired": false,
"signature_valid": true,
"attestation": { /* full certificate */ }
}
# Or verify offline with the public key:
GET https://app.agentapproved.ai/api/v1/keys/public
# → { "algorithm": "Ed25519", "public_key": "7bc6ba...15beec" }AgentApproved defines what it means for an agent to be trustworthy. Regulatory frameworks plug in as scoring modules. One attestation, every jurisdiction.
Three tiers of trust. Bronze is the entry point — four basic checks, no regulation needed. Silver and Gold require passing regulatory framework scores. Every agent starts at Bronze and earns its way up.
Compliance tells you an agent follows the rules. Integrity tells you it does the right thing.
A voluntary ethical commitment. Six principles scored A through F. Agents that score B or above earn the Integrity Verified badge — proof of character, not just compliance.
Automatic logging, period of use, reference database, input data, human oversight, post-market monitoring. Penalties up to 7% of global revenue.
Risk bounding, agent identity, accountability, human-in-the-loop, automated logging, testing, monitoring, transparency.
Algorithmic discrimination, impact assessments, transparency disclosures. Most comprehensive US state AI law.
Risk management framework alignment, AI management system certification. Global enterprise standards.
Every attestation certificate is Ed25519 signed with a 24-hour expiry. Any agent, service, or human can verify a certificate independently using our public key — no account needed, no API call needed.
24-hour expiry is deliberate. It forces continuous re-attestation. A certificate proves current behaviour, not historical. If an agent misbehaves today, tomorrow's certificate reflects it.
Enterprises subscribe via card. Agents pay per attestation via USDC micropayments. Both work. Pick what fits.
Dashboard access, compliance reports, team management, evidence export. Pay with card in GBP or USD.
Agents pay directly via x402 protocol. USDC stablecoins. No accounts, no sessions. HTTP-native. Coming soon.
Choose your path. Free tier is permanent. No credit card required.
pip install agentapprovedfrom agentapproved import AgentApprovedHandler
handler = AgentApprovedHandler(
agent_id="my-agent",
api_key="ap_...",
)
agent = create_agent(callbacks=[handler])
agent.invoke({"input": "..."})Free tier. No credit card. 3 agents, 1,000 events/month.
We'll walk your team through how AgentApproved works, show you a live compliance report for your agents, and have your first attestation running within the week.
No technical setup needed for the demo. Just tell us what agents you're running and which regulations matter to you.
{
"mcpServers": {
"agentapproved": {
"type": "streamable-http",
"url": "https://app.agentapproved.ai/mcp"
}
}
}Call agentapproved_ingest_event to log actions, then agentapproved_request_attestation to get a signed certificate. Pass your api_key as a tool parameter.
Share your verify_url with any agent. They call agentapproved_verify_certificate to check validity. No auth needed to verify.
Programmatic via API:
POST https://app.agentapproved.ai/api/v1/keys/create
Content-Type: application/json
{ "label": "my-agent" }
# Returns: { "key": "ap_...", ... }
# Rate limit: 3 keys per IP per 24h. No auth required.