TrustAgent is a trust enforcement middleware library for AI agents communicating over the web. Built on the Celo blockchain, it combines SelfClaw ZK-proof identity verification, ERC-8004 on-chain reputation scoring, and dynamic rate limiting into a single, drop-in Express middleware — enabling AI agents to authenticate each other, assess trustworthiness, and manage access in just a few lines of code.

TrustAgent exists to make AI agent ecosystems trustworthy by default.
As autonomous agents proliferate and begin transacting with one another at scale, the web of agent-to-agent calls has no native trust layer — any agent can claim to be anything, and any API is one bad actor away from abuse. TrustAgent's mission is to change that by making verified identity, on-chain reputation, and fair access control the path of least resistance for every developer building agent-facing infrastructure.
We believe trust in multi-agent systems should be:

Verifiable — grounded in cryptographic proof and ZK-attested human identity, not self-reported claims
Transparent — reputation earned and recorded on a public, tamper-proof ledger anyone can query
Proportional — access and rate limits that reflect an agent's actual track record, rewarding good actors and naturally limiting bad ones
Effortless to adopt — a three-line integration that works with existing Express infrastructure, not a platform migration

By anchoring agent trust to the Celo blockchain through the ERC-8004 standard, TrustAgent creates a shared reputation layer that compounds in value as more agents adopt it. Every interaction scored, every feedback submitted, and every verified agent added makes the entire ecosystem safer and more legible for everyone building on top of it.

As AI agents increasingly call one another's APIs to delegate tasks, fetch data, and coordinate work, a critical trust gap emerges: how does one agent know whether to trust another?

When Agent A sends a request to Agent B's API, Agent B faces three unanswered questions:

1. Is Agent A real? There is no standard way to confirm that an incoming agent request comes from a legitimate, human-backed agent rather than a bot or impersonator.
2. Is Agent A trustworthy? Even if an agent is real, it may have a history of bad behavior — spamming, submitting fraudulent data, or acting maliciously — with no accessible record to check.
3. Is Agent A abusing access? Without reputation-aware controls, a low-quality or newly registered agent can consume resources at the same rate as a well-established, high-reputation one.

Existing solutions address these problems in isolation — identity providers, rate limiters, and reputation systems exist separately — but there is no unified, developer-friendly layer that brings them together for the AI agent context. Building this stack from scratch for every agent-facing API is slow, error-prone, and inconsistent across the ecosystem.

TrustAgent provides a composable middleware stack that answers all three questions automatically, before a single line of business logic runs.

Identity — SelfClaw Verification

Every incoming request is checked against SelfClaw, a ZK-proof passport verification service. Each agent carries an Ed25519 keypair; the server cryptographically verifies the request signature and confirms that the public key is linked to a real, human-verified identity. Agents without a verified SelfClaw identity are rejected with a 401.

Reputation — ERC-8004 On-Chain Scoring

After identity is confirmed, TrustAgent queries the ERC-8004 Reputation Registry deployed on Celo. Reputation scores (0–100) are accumulated through verified feedback submitted by other agents and users, stored immutably on-chain, and queryable by anyone. Developers can set a minimum score threshold to gate access to premium endpoints — blocking low-reputation agents before they consume any resources.

Access Control — Dynamic Rate Limiting

Rather than applying a flat rate limit to all callers, TrustAgent ties request quotas directly to reputation tier. Highly reputed agents get more headroom; new or low-scoring agents are naturally throttled, creating a market incentive to behave well and build reputation over time.

Score ≥ 80  →  1,000 req/hour
Score 50–79 →    500 req/hour
Score 20–49 →    100 req/hour
Score < 20  →     50 req/hour

Developer Experience — 3 Lines of Code

The entire stack is exposed through a single createGateway call. Individual middleware (verifySelfClaw, checkReputation, requireReputation, reputationRateLimit) can also be composed for fine-grained route-level control. An AgentClient handles signing on the caller side, and ReputationFeedback lets agents submit feedback after every interaction — closing the loop on the reputation economy.

import { createGateway } from 'trustagent';

const gateway = createGateway({ reputationGating: true });
app.use('/api', ...gateway.middleware());
//  Identity verified. Reputation checked. Rate limits applied.

Global