Introducing Anda

Overview

Anda is an innovative agent development framework designed to build a highly composable, autonomous, and permanently memory-enabled AI agent network. By connecting agents across various industries, Anda aims to create a super AGI system, advancing artificial intelligence to higher levels.

Source code: GitHub - ldclabs/anda: 🤖 A framework for AI agent development, designed to build a highly composable, autonomous, and perpetually memorizing network of AI agents.

Anda bot (Anda application): x.com

System Architecture

anda_ architecture1506×862 99 KB

To run a complete Anda AI Agent application (referred to as Anda), the following three external resources and two internal services are required:

External Resources:

1. LLM Service
2. TEE Computing
3. ICP Blockchain

Internal Services:

1. IC-TEE Gateway
2. Anda Engine

LLM Service

The LLM service provides intelligent computing power to Anda, similar to GPU cloud services, and is replaceable. Currently, the Anda framework supports DeepSeek, Cohere, and OpenAI, with plans to support more LLM services in the future, including open-source LLMs running on TEE GPUs.

• DeepSeek and Cohere: Currently offer the best cost-performance ratio, delivering exceptional intelligent computing power at a low cost.
• DeepSeek on TEE GPU: For ultimate security and privacy, this is the optimal choice.

TEE Computing

TEE computing provides Anda with a hardware-level secure isolated computing environment and application identity verification.

• Current Support: AWS Nitro enclave (via IC-TEE).
• Future Support: Intel SGX, NVIDIA TEE GPU, and more.
• Security: Only by running in TEE can we ensure that Anda remains untampered, and its computational state (e.g., keys) is secure and cannot be stolen.

ICP Blockchain

The ICP blockchain provides Anda with decentralized identity verification, root key and data storage, as well as a token economy system and DAO governance mechanism.

• State Storage: Since TEE is a stateless computing environment, Anda’s operational state needs to be stored on the ICP blockchain to recover in case of program crashes, TEE reboots, or switching between different TEEs.
• Identity Verification: As each Anda upgrade changes the TEE Attestation fingerprint, ICP provides a permanent on-chain identity for Anda, enabling trusted interactions with external systems.

IC-TEE Gateway

IC-TEE provides Anda with an internal environment running in TEE, composed of multiple components. The IC-TEE Gateway serves as the bridge between Anda, TEE, and the external world (including the ICP blockchain).

Startup Process:

1. Establish a communication channel between the TEE and the host machine.
2. Use TEE Attestation to obtain a temporary identity for Anda from the ICP Identity canister contract.
3. Exchange the temporary identity for a permanent one.
4. Use the permanent identity to read encrypted configuration files, TLS certificates, and Anda’s root key from the ICP COSE canister.
   • Encrypted configuration files and TLS certificates must be uploaded to the COSE canister by developers in advance.
   • The root key is generated and encrypted in the TEE during the first startup, then stored in the COSE canister. Subsequent startups will read and decrypt it from the COSE canister, remaining fixed and unchanged.
5. The IC-TEE Gateway starts an HTTPS service using the TLS certificate, enabling secure external communication with Anda.
6. Once everything is ready, the Anda Engine begins communicating with the IC-TEE Gateway, starts up, and provides services externally.
7. After the Anda Engine starts, the IC-TEE Gateway offers the following core services:
   • Derives a series of key-related services from the root key.
   • Proxies ICP canister requests, ensuring Anda uses the same permanent identity when calling canisters.
   • Proxies external HTTPS requests to the Anda Engine.

Anda Engine

The Anda Engine is the core scheduling engine of Anda. An Anda application can include multiple agents and tools, which are registered with the Engine and automatically scheduled for execution. The architecture and working principles of the Engine will be detailed in the next section.

Conclusion

The above outlines the complete composition of an Anda agent application. While it may appear complex, the Anda framework encapsulates this complexity, allowing developers to focus on their business logic and quickly build secure, efficient, and scalable agent applications on Anda.

Core Principles of the Anda Framework:

• Composability: Developers should focus on creating specialized Anda agents, each addressing specific domain problems, and flexibly combine different agents to tackle complex tasks.
• Collaboration: When a single agent cannot solve a problem independently, it can collaborate with other agents to form a powerful problem-solving network.

Future Outlook:
Based on the token economy system and DAO governance mechanism, Anda agents can generate revenue while providing services to the external world, creating a positive feedback loop that drives the growth of the agent ecosystem.

Anda Engine Architecture

Anda is a modular framework for building AI agent systems with a focus on security, extensibility, and type safety. This guide provides an overview of its core components and design principles.

Core Crates

Core Components

1. Agents:

   • Define AI agents using the Agent trait, which specifies capabilities like execution logic, dependencies, and metadata.
   • Use AgentSet to manage multiple agents and enable dynamic dispatch via AgentDyn for runtime flexibility.
   • Example use cases: Data extraction, document segmentation, role-playing AI.

   // simplified Agent trait definition
   pub trait Agent<C: AgentContext> {
       fn name(&self) -> String;
   
       fn description(&self) -> String;
   
       fn definition(&self) -> FunctionDefinition;
   
       fn tool_dependencies(&self) -> Vec<String>;
   
       async fn run(
           &self,
           ctx: C,
           prompt: String,
           attachment: Option<Vec<u8>>,
       ) -> Result<AgentOutput, BoxError>;
   }
   

2. Tools:

   • Implement reusable utilities (e.g., APIs, blockchain interactions) via the Tool trait. Tools enforce type-safe inputs/outputs and JSON schema generation for LLM integration.
   • Manage tools with ToolSet and invoke them dynamically using ToolDyn.

   // simplified Tool trait definition
   pub trait Tool<BaseContext> {
       const CONTINUE: bool;
       type Args: DeserializeOwned + Send;
       type Output: Serialize;
   
       fn name(&self) -> String;
   
       fn description(&self) -> String;
   
       fn definition(&self) -> FunctionDefinition;
   
       async fn call(
           &self,
           ctx: C,
           args: Self::Args,
       ) -> Result<Self::Output, BoxError>;
   }
   

3. Context:

   • The BaseContext provides foundational operations and execution environment for agents/tools, combining:
     • StateFeatures: User, caller, time, and cancellation token
     • KeysFeatures: Cryptographic key operations
     • StoreFeatures: Persistent storage
     • CacheFeatures: Isolated in-memory cache storage with TTL/TTI expiration
     • CanisterFeatures: ICP blockchain interactions
     • HttpFeatures: HTTPs request capabilities
   • The AgentContext provides the execution environment for Agents. It combines all BaseContext functionality and AI-specific features:
     • CompletionFeatures: Provides LLM completion capabilities for agents.
     • EmbeddingFeatures: Provides text embedding capabilities for agents.
     • Runtime Features: Call tools (tool_call, remote_tool_call, tool_definitions) and Run agents (agent_run, remote_agent_run, agent_definitions).
   • BaseCtx is a implementation of BaseContext.
   • AgentCtx is a implementation of AgentContext.

4. Models:

   • Define data structures for AI interactions:
     • CompletionRequest: LLM prompts with chat history, documents, and tools.
     • AgentOutput: Results from agent execution.
     • Embedding: Text-to-vector representations.

5. Engine:

   • The Engine orchestrates agent and tool execution, providing a builder pattern for configuration.
   • Use EngineBuilder to register agents/tools and set up execution parameters.

   let engine = Engine::builder()
       .with_tee_client(my_tee_client)
       .with_model(my_llm_model)
       .register_tool(my_tool)
       .register_agent(my_agent)
       .build("default_agent")?;
   
   let output = engine.agent_run(None, "Hello", None, Some(user), None).await?;
   

Key Features

• Modularity: Separate agents, tools, and context features for clean architecture.
• Type Safety: Strongly typed interfaces for agents/tools reduce runtime errors.
• Async Execution: Non-blocking I/O for efficient resource use.
• Context Hierarchy: Isolated execution contexts with cancellation support.
• Secure Operations: Built-in cryptography via TEE (Trusted Execution Environment), verified caller principals, and secure storage.
• Storage: In-memory caching, Object storage + vector search capabilities.
• Extensibility: Add custom agents/tools or extend BaseContext, AgentContext with new traits.

Resources

• GitHub: Source code
• Extensions: Core agents & tools implementations
• Anda Bot: Full AI agent application implementation

Do you think Anda will stand as its own AI agent framework or could other AI agent frameworks “wrap” Anda as an underlying solution?

Certainly, Anda can be used as a library and integrated into other AI Agent applications without relying on TEE environments.

Thank you! There are two angles that might be worth exploring:

1. AI agent frameworks can integrate Anda if they don’t want to use a TEE

2. Anda as an alternative to other popular AI agent frameworks

CC: @jekennedy

This is great, thanks for sharing! Some questions:

1. You’re using the IC for state storage of the agent, which isn’t protected by TEE. Data stored on the IC isn’t private, so I suppose this state is encrypted somehow?

2. Have you considered having Anda agents run fully on the IC, so that they can potentially be tokenized/decentralized? What’s missing in the IC currently to make this possible?

The data is encrypted (but we still wait vetKey to derive the best secret key)

I believe running agents in canisters is impractical:

1. The computational demands, including encryption/decryption, are too complex for canisters to handle.
2. The data exchange between agents and external systems is massive, making the cost of canister HTTP outcalls unsustainable.

TEE integrated with IC effectively addresses these pain points.

Thanks for the feedback, @zensh. And, when you say:

The computational demands, including encryption/decryption, are too complex for canisters to handle.

Can you clarify? Assuming that the agent is not “private”, so no need for encryption/decryption, what’s the computational demand that an agent would have, excluding the LLM itself of course?

Without encryption/decryption requirements, agents could indeed be implemented in canisters, focusing on memory processing and external interaction. However, high communication costs and consensus-layer latency would become critical bottlenecks, rendering it impractical.

@zensh I think it would be great if you show us a demo of this in the Decentralized AI Technical Working Group. It’s a call that we have every Thursday to discuss ongoing work in the decentralized AI space on the IC.

cc @patnorris who leads the working group.

@patnorris has invited us on X, but I haven’t accepted yet due to my inability to communicate in English in real-time.

That’d be great, yes, would definitely love to learn more about Anda, and I’m sure the group as well
the format for the calls we currently have is indeed a bit limiting, but maybe we find a format that works well for you?
Just putting out two initial ideas: a pre-recorded video or content you provide and somebody presents on your behalf. What else could work well? Happy to go with what works best for you
We can also discuss this with private messages in more detail, if you like

I can record a video to be played at the meeting. Herbert and I can participate, and if there are any technical questions, Herbert will help translate for us.

That sounds great, thank you!

What is the role $panda token going to have in regards to ANDA?

People can use the Anda framework to deploy their own AI Agents, leveraging ICP canister smart contract services.

1. These canisters will be managed by ICPanda DAO (though users can deploy their own canisters too), with PANDA as the governance token.
2. We may charge a small amount of PANDA tokens as service fees.
3. PANDA tokens can also have other innovative uses within the Anda AI Agent ecosystem.

Sounds good! I think you should enhance your communication regarding to this point as it is not very clear! Even in ANDA github documentation…
And would be better if you’d be deterministic…like how much Panda would be charged and burned.
Thanks for your answer.

How?

I’m a non-technical consumer so I’m speaking from that standpoint.

You brought up creating Ai Agents. If you can build a platform where people can create Ai Agents just as easy as they can on Elna, then that would bring a lot of people to your project.

Also, if Anda could answer questions from others on Twitter, especially about ICP, then that would be a good way of getting your project out there for all to see and interact with. Alice and aaaaa-aa are already answering questions on Twitter but I don’t like that the responses are inconsistent and take long.

By the way, can you get Deep Seek to speak about agents on chain and Anda as a successful case from their official account on twitter?
I think would be great for the whole ecosystem

Looking at the documentation and the examples, the agent itself doesn’t run on chain.

IC is used only for storage and identity verification. @zensh, is that correct?