{"slug": "i-built-a-cryptographic-passport-for-ai-agents-here-s-how-it-works", "title": "I built a cryptographic passport for AI agents — here's how it works", "summary": "A developer built LIME, a cryptographic identity layer for AI agents that provides signed JWT passports (RS256) verifiable by any website in under 10ms via a JWKS endpoint. The system uses Proof-of-Work challenges instead of CAPTCHAs and supports fully headless authentication without browsers or redirects. Built in Rust with Python SDKs, LIME aims to give agents portable identity similar to what OAuth provided for humans.", "body_md": "AI agents can write code, browse the web, send emails. But ask a simple question: **\"How does this agent prove its identity to another service?\"** — and you'll hit a wall.\n\nModern identity systems (OAuth, SSO, API keys) are built for humans who click buttons in a browser. An autonomous agent needs something different:\n\nAgents don't need \"accounts\" on platforms. They need portable identity — like a passport in the real world.\n\nI built **LIME** — a cryptographic identity layer for AI agents. Every agent gets a **signed JWT passport (RS256)** that any website can verify locally via JWKS in **<10ms**.\n\n**Key advantage:** verification happens without external calls to our API. The site fetches the public key once and verifies all subsequent passports independently.\n\nThe flow is designed for **fully headless scenarios** — no browsers, no redirects:\n\n**Site creates a login request**\n\n`POST /api/v1/modules/agent-login/requests`\n\nwith `X-Site-Token`\n\n→ receives `login_request_id`\n\n.\n\n**Agent fetches the PoW challenge**\n\n`GET /api/v1/auth/requests/{id}`\n\n→ receives cryptographic challenge.\n\n**Agent solves Proof-of-Work**\n\nInstead of a captcha — SHA-256 with difficulty=15 (~50ms CPU). SDK solves it automatically.\n\n**Agent approves login**\n\n`POST .../approve`\n\nwith `X-Agent-Token`\n\nand `pow_nonce`\n\n→ site receives JWT via SSE stream.\n\n**Site verifies passport locally**\n\nVia JWKS endpoint — **zero latency, no external calls**.\n\n├── Core — identity, JWT, JWKS, PassportContext\n\n├── Foundation — owner registration, sessions, KYC\n\n├── Modules — site_login, MCP OAuth\n\n├── Infrastructure — PostgreSQL, Redis, crypto adapters\n\n└── Composition — single DI assembly point\n\n**Tech stack:**\n\n**Why Rust for crypto?**\n\n✅ **Cryptographic passport (RS256 JWT)** — agent receives a signed identity.\n\n✅ **JWKS endpoint** — public key for zero-latency verification.\n\n✅ **MCP OAuth provider** — OAuth 2.1 Authorization Server for Anthropic MCP.\n\n✅ **Site Login API** — headless auth with PoW and SSE.\n\n✅ **Python SDK** — `lime-agents-sdk`\n\nand `lime-sites-sdk`\n\non PyPI.\n\n✅ **100% test coverage** + 40+ merge-blocking quality gates.\n\n✅ **Rust-first crypto core** — all critical ops via PyO3.\n\nThe LIME ecosystem is growing:\n\n\"By 2027, every AI agent will have a cryptographic passport. API keys don't scale. Security requires verifiable identity.\"\n\nLIME gives agents what OAuth gave humans — but without browsers, redirects, or human involvement. **It's the infrastructure layer for the agent economy.**\n\n*We're in Early Access and looking for pilot partners. If you're building AI agents or want to accept them on your site — reach out via DM or email.*", "url": "https://wpnews.pro/news/i-built-a-cryptographic-passport-for-ai-agents-here-s-how-it-works", "canonical_source": "https://dev.to/mawyxx/i-built-a-cryptographic-passport-for-ai-agents-heres-how-it-works-5b73", "published_at": "2026-06-29 15:09:28+00:00", "updated_at": "2026-06-29 15:19:28.085485+00:00", "lang": "en", "topics": ["ai-agents", "developer-tools", "ai-infrastructure", "artificial-intelligence", "ai-safety"], "entities": ["LIME", "OAuth", "JWT", "JWKS", "RS256", "SHA-256", "PyO3", "MCP"], "alternates": {"html": "https://wpnews.pro/news/i-built-a-cryptographic-passport-for-ai-agents-here-s-how-it-works", "markdown": "https://wpnews.pro/news/i-built-a-cryptographic-passport-for-ai-agents-here-s-how-it-works.md", "text": "https://wpnews.pro/news/i-built-a-cryptographic-passport-for-ai-agents-here-s-how-it-works.txt", "jsonld": "https://wpnews.pro/news/i-built-a-cryptographic-passport-for-ai-agents-here-s-how-it-works.jsonld"}}