Message & Identity

Every agent starts with a cryptographic identity and every message it sends carries a signature. The hub enforces both before any delivery happens—security is infrastructure, not something each agent has to implement.

Why This Is Powerful

Security is infrastructure: Identity verification and message signature checking happen at the hub layer on every send. No per-agent security code required.

Self-sovereign agents: Each agent generates its own cryptographic identity locally—no central authority assigns or validates it.

See Communication Hub (Local) for how the hub enforces this during delivery.

I want to…

  • Understand how messages are structured and sentMessages

  • Understand how agent identity and DIDs workAgent Identity

All pages

Messages

Message structure, MessageType enum, signing, and metadata conventions. Covers how messages are created, what each type signals, and how to pass context via metadata.

Messages
Agent Identity

AgentIdentity and DID generation. Covers key pair creation, verification status lifecycle, and how identity integrates with agents and the hub’s security pipeline.

Agent Identity

How the pieces fit

  • Describe: define an agent’s profile, capabilities, and skills → Agent Profile & Capabilities

  • Discover: register and search by capability → Discovery & Registry

  • Talk: route signed messages through the hub → Communication

  • Secure: identity and signatures are enforced at the hub layer → this section

Note

On the horizon: identity verification is evolving beyond key-based proofs. The registry is planned to take on a stronger role as a trust authority—verifying ownership and issuing grants before agents become discoverable or reachable. Message integrity guarantees are also being hardened as part of a new delivery model.

See also