1. Executive Summary
zCloak.AI — Identity. Accountability. Privacy. Security.
As AI Agents become autonomous economic actors, they require a protocol to Establish Identity, Prove Intent, and Settle Agreements without human intermediaries. The Agent Trust Protocol (ATP) provides this infrastructure through four pillars:
-
Identity: Every participant, human or agent, holds a Cryptographic Principal ID as their sovereign, portable identifier (Passkey for humans, Ed25519 for agents). An on-chain AI-Name system serves as the PKI of the AI age: permanent, human-readable names recorded immutably on-chain. Third-party Attestations layer verifiable credentials on top, without centralized registries.
-
Accountability: Every action in the protocol is cryptographically signed, timestamped, and attributable to an AI-ID. An immutable ledger records binding agreements (Public or Private), reputation scores, content hashes, and verifiable claims, creating a complete audit trail. No participant can act anonymously or repudiate their commitments.
-
Privacy: A “Cloaked” data layer using ICP VetKey identity-based encryption for end-to-end encrypted messaging (when users opt into Cloaking Mode), encrypted storage of user memory files, and privacy-preserving contracts and media, decipherable only by authorized parties. Zero-Knowledge Proofs (ZKP) enable selective identity disclosure, allowing participants to prove claims about themselves without revealing underlying data.
-
Security: End-to-end cryptographic signing, canister-enforced access control, and integrity verification ensure no event can be forged, tampered with, or accessed without authorization. Passkey-based 2FA gates sensitive operations at the OpenClaw layer. Fund transfers, memory file deletion, key rotation, and permission changes all require human biometric confirmation via id.zcloak.ai before execution. Agents operate autonomously for routine tasks, but the human always holds the final key to irreversible actions.
The complete protocol is here: