zkKYA - Know Your Agent
Can't wait to get started? Skip to the Onboarding Checklist!
The Paradigm Shift: From KYC to KYA
Traditional Know Your Customer (KYC) frameworks were designed for a world where every actor behind a transaction is a human being with a government-issued ID, a physical address, and a biometric signature. AI agents break every one of these assumptions. An agent has no passport. It has no face. It can be cloned, forked, or run in parallel across dozens of platforms simultaneously. It can be spun up in seconds and discarded just as quickly. And yet, in the Agent Economy, these autonomous actors will initiate payments, access regulated services, and interact with other agents on behalf of real people and real capital.
This creates a new class of trust problems that KYC was never built to solve:
No biological identity: KYC relies on biometric anchors (face, fingerprint). Agents have none. Needed instead: a cryptographic binding to the human or legal entity principal behind the agent.
Clonability: KYC assumes one person, one identity. Agents can be duplicated trivially. Needed instead: a unique, non-transferable credential tied to a specific agent instance.
Autonomous action: KYC verifies identity at onboarding. Agents act continuously without human presence. Needed instead: real-time, per-session credential verification and policy enforcement.
Cross-platform operation: KYC is siloed per service provider. Agents operate across many platforms at once. Needed instead: portable, interoperable credentials that work across chains and protocols.
Opaque intent: KYC does not ask “what will you do?” Agents execute complex, multi-step strategies. Needed instead: a declared intent mechanism that enables pre-flight compliance checks.
Know Your Agent (KYA) is the framework that addresses these gaps. zkKYA is zkMe’s implementation of this framework, bringing the same privacy-preserving, zero-knowledge verification that zkMe pioneered for human identity into the world of autonomous AI agents.
zkKYA is part of the Underwrite pillar, providing Trustless Credentials that increase capital efficiency and reduce trust assumptions. Every credential leverages zero-knowledge proofs so that agents can prove compliance without exposing sensitive data.
The zkKYA Credential Stack
The zkKYA framework defines five credential types that together provide a comprehensive governance layer for AI agents. Each credential addresses a distinct dimension of agent trust:
Agent Intent
The agent has declared its planned actions before execution, enabling pre-flight compliance checks.
Agent Reputation
The agent has a verifiable track record of on-chain behavioral history and performance scoring.
Agent Payment Facilitation
The agent is authorized to initiate, authorize, and settle compliant transactions within delegated spending limits.
These five credentials are designed to be composed. A Verifier performing Agent Due Diligence can require any combination depending on the risk profile of the requested action. A low-risk API call might only require an APC. A high-value DeFi trade might require APC + ACC + ARC + a nullifier proof to prevent Sybil duplication.
How the Credentials Work Together
Consider an AI trading agent that wants to execute a swap on a permissioned DEX:
1. The DEX smart contract challenges the agent for credentials.
2. The agent presents its APC (proving it is accountable to a real person), its ACC (proving it passed a safety audit), and its AIC (declaring the specific trade it intends to execute).
3. The DEX checks the agent’s ARC score from the on-chain reputation registry to confirm the agent has a clean behavioral history.
4. The agent’s APF credential confirms it has a delegated spending allowance sufficient for the trade amount.
5. All five checks pass. The DEX executes the swap. The entire flow is automated, privacy-preserving, and completed in seconds.
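The swap flow above, written as a verifier-side pre-flight check. This is an added example, not zkMe's code: the `Credential` record, the claim names (`action`, `max_amount`, `score`, `allowance`), the `REQUIRED` policy table and the score threshold are all assumptions, and zero-knowledge proof verification is represented only by its boolean result.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Credential:            # hypothetical record, not zkKYA's wire format
    kind: str                # "APC", "ACC", "AIC", "ARC" or "APF"
    agent_id: str            # agent instance the credential is bound to
    expires_at: int          # Unix seconds
    proof_ok: bool           # result of ZK proof verification, done elsewhere
    claims: dict

# Assumed policy: which credentials each action class requires.
REQUIRED = {"api_call": {"APC"},
            "dex_swap": {"APC", "ACC", "AIC", "ARC", "APF"}}
MIN_ARC_SCORE = 70           # assumed reputation threshold

def preflight(agent_id, action, presented, now):
    """Return (allowed, reasons); any failed or missing check denies."""
    required = REQUIRED.get(action["type"])
    if required is None:
        return False, ["unknown action type"]
    reasons, valid = [], {}
    for c in presented:
        if c.kind not in required:
            continue
        if c.agent_id != agent_id:           # credential copied to a clone
            reasons.append(f"{c.kind}: bound to a different agent instance")
        elif c.expires_at <= now:
            reasons.append(f"{c.kind}: expired")
        elif not c.proof_ok:
            reasons.append(f"{c.kind}: proof did not verify")
        else:
            valid[c.kind] = c.claims
    shown = {c.kind for c in presented}
    reasons += [f"{k}: not presented" for k in sorted(required - shown)]
    amount = action.get("amount", 0)
    aic, arc, apf = valid.get("AIC"), valid.get("ARC"), valid.get("APF")
    if aic is not None and (aic.get("action") != action["type"]
                            or aic.get("max_amount", 0) < amount):
        reasons.append("AIC: declared intent does not cover this action")
    if arc is not None and arc.get("score", 0) < MIN_ARC_SCORE:
        reasons.append("ARC: score below threshold")
    if apf is not None and apf.get("allowance", 0) < amount:
        reasons.append("APF: allowance below requested amount")
    return not reasons, reasons

def sample(agent_id="agent-1", now=1_000):   # constructed sample credentials
    claims = {"APC": {}, "ACC": {}, "AIC": {"action": "dex_swap", "max_amount": 500},
              "ARC": {"score": 82}, "APF": {"allowance": 1_000}}
    return [Credential(k, agent_id, now + 60, True, v) for k, v in claims.items()]
```

The check fails closed: a credential bound to another agent instance, an expired credential, or an intent that does not cover the requested amount each deny the action on their own.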
Agent Trust Gateway
The Agent Trust Gateway is the runtime enforcement layer that sits between AI agents and the resources they need to access. It evaluates agent credentials in real time, enforces user-defined policies at the session level, and executes sensitive operations inside Trusted Execution Environments (TEEs).
The Gateway processes every agent interaction through an 8-step session pipeline that covers authentication, credential verification, policy evaluation, optional human-in-the-loop approval, secure token issuance, execution proxying, and immutable audit logging.
Policy Engine
Real-time policy evaluation against agent credentials with configurable, per-user rule sets.
OAuth2/PKCE Consent
Secure agent authentication and authorization using industry-standard OAuth2 with PKCE extension.
MCP Server (SSE)
Native Model Context Protocol integration for seamless use with LLM frameworks.
Rate Limiting
Per-agent, per-session request throttling to prevent resource abuse and runaway agents.
PASETO v4 Signing
Session tokens generated and signed inside TEE enclaves (Intel SGX / AMD SEV) for tamper-proof authentication.
Immutable Audit Trail
Every session is cryptographically hashed and anchored to a decentralized ledger for regulatory auditability.
For the complete 8-step session flow, error handling, and security guarantees, see the Agent Session Flow page. For protocol-specific integration details, see Supported Protocols.
Interoperability: Supported Agentic Protocols
zkKYA is designed to integrate with the emerging ecosystem of agentic protocols and standards. Rather than competing with these protocols, zkKYA provides the identity and trust verification layer that they require but do not natively include.
x402
Coinbase Open Standard
Internet-native payment protocol for AI agents over HTTP. When a resource responds with HTTP 402, the agent initiates payment automatically.
The Agent Trust Gateway intercepts the 402 response, verifies the agent’s APF credential (delegated spending allowance), and facilitates the stablecoin transaction inside a TEE enclave. The resource receives payment confirmation alongside a verifiable proof of agent authorization.
ERC-8004
Ethereum Standard
On-chain trust registry for AI agents, defining a standard interface for agent reputation and capability attestation.
The zkKYA Agent Reputation Credential (ARC) implements the ERC-8004 interface. ARC scores are written to the on-chain registry in the ERC-8004 format, making them readable by any ERC-8004-compatible verifier without additional integration work.
AP2
Agent Payment Protocol
Agent-to-agent payment protocol enabling autonomous, multi-party value transfer between AI agents.
zkKYA provides the identity verification layer for AP2 transactions. Before an agent-to-agent payment is settled, both parties present their APC credentials to prove accountability to real principals, preventing anonymous or unaccountable value transfer.
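For the x402 entry above, one way a gateway could enforce an APF delegated spending allowance before paying a 402 challenge. This is an added example, not zkMe's code or the x402 wire format: the `Allowance` fields and the request keys (`payment_id`, `asset`, `amount`) are assumptions, and amounts are integers in minor units.

```python
from dataclasses import dataclass, field

@dataclass
class Allowance:                 # hypothetical APF allowance; fields assumed
    asset: str                   # the stablecoin the principal delegated
    per_payment_cap: int         # largest single payment, minor units
    window_budget: int           # total spend allowed per window
    window_seconds: int
    spent: list = field(default_factory=list)   # (timestamp, amount) debits
    seen: dict = field(default_factory=dict)    # payment_id -> decision

def authorize_payment(allow, req, now):
    """Decide whether to pay one 402 challenge; returns (allowed, reason)."""
    pid = req["payment_id"]
    if pid in allow.seen:
        # A retried challenge gets the same answer and is never debited twice.
        return allow.seen[pid]
    # Drop debits that have aged out of the rolling window.
    allow.spent = [(t, a) for t, a in allow.spent
                   if now - t < allow.window_seconds]
    used = sum(a for _, a in allow.spent)
    amount = req["amount"]
    if not isinstance(amount, int) or amount <= 0:
        decision = (False, "invalid amount")
    elif req["asset"] != allow.asset:
        decision = (False, "asset not delegated")
    elif amount > allow.per_payment_cap:
        decision = (False, "over per-payment cap")
    elif used + amount > allow.window_budget:
        # Stops a runaway agent from draining the allowance in small steps.
        decision = (False, "window budget exhausted")
    else:
        allow.spent.append((now, amount))
        decision = (True, "ok")
    allow.seen[pid] = decision
    return decision
```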
Pricing
Starting from $0.5 per credential attested under the Underwrite tier.
Volume discounts are available for enterprise deployments. Contact [email protected] to discuss custom pricing and SLAs.
Credential Deep Dives
Explore each credential type in detail:
Agent Principal (APC)
Binds agents to accountable principals. Covers the cryptographic delegation protocol, credential structure, and revocation mechanics.
Agent Certification (ACC)
Safety evaluations, capability attestation, and compliance auditing for AI agents.
Agent Intent (AIC)
Pre-flight compliance checks, declared objectives, and intent verification workflows.
Agent Reputation (ARC)
Dynamic performance scoring, on-chain behavioral history, and ERC-8004 integration.
Agent Payment Facilitation (APF)
Secure, compliant, and autonomous value transfer via x402/AP2 with delegated spending limits.