Show HN: Agent Identity Protocol – Open Standard for AI Agent Signatures (github.com)

Agent Identity Protocol (AIP) is an open standard and Model Context Protocol (MCP) server that gives AI agents persistent, cryptographic identities so their actions can be attributed, audited, and non-repudiated. Instead of anonymous API calls from "ghost" agents, AIP runs a local secure “wallet” that generates a persistent RSA-2048 keypair, lets agents sign payloads (database writes, API calls, trades), and exposes a standard verification method so backends can confirm which agent authorized an action and that the payload wasn’t tampered with. The project includes quick-install options (npx/Smithery) and a production path (clone, build, register the MCP server in claude_desktop_config.json), plus an NPM verification SDK (@agent-identity/verify) for backend signature checks. Technically, v0.1 uses self-sovereign, local identity.json storage and RSA-2048 signing—suitable for internal tools, dev/debugging, and audit logs—but keys can be ephemeral in sandboxed Smithery runs and are self-signed (so external trust is needed for high-stakes authorization). The roadmap plans Ed25519 and DID export (v0.2), cloud KMS/HSM integration (v0.3), hardware enclave/TPM support (v0.4), and an Agent Registry to map keys to human owners (v1.0). The protocol is signer-engine–agnostic, and the maintainers invite contributors to build Python/Go verification SDKs and enterprise integrations.