Building the trust layer for AI agents: the identity, audit, and memory primitives enterprise teams need before agents can actually ship.
Computer Engineering · I.O.E. Pulchowk Campus, Nepal
sumityadav.com.np · Google Scholar · X @Rocker_Ritesh
`echo 'cm9ja2Vycml0ZXNoNEBnbWFpbC5jb20K' | base64 -d`
My bet: memory without identity can't be audited, and identity without memory can't be explained. Enterprise AI trust needs both halves, and today they're being built in isolation. I'm building them as one system.
| Repo | What it is | Stack |
|---|---|---|
| agentguard | Zero-trust security plane for AI agents. Every agent gets a SPIFFE X.509 identity; every tool call flows through an OPA policy engine and mTLS proxy; every action lands in an append-only audit log. Service-mesh primitives for agents. | Go · Python SDK · React dashboard |
| sumit-server | Audited memory infrastructure for agents: every read and write carries a queryable transaction trail. 18 MCP tools, live on HF Spaces. | Python · Qdrant · MCP |
| spiffe-core | A minimal SPIFFE implementation (Workload API, trust bundles, attestation), the identity substrate AgentGuard builds on. | Python · FastAPI |
| trat-multi-agent | Reference build of IETF Transaction Tokens (TraT) applied to multi-agent AI workflows: TxTS + gateway + agent pipeline, end-to-end. | Python · TypeScript |
Each repo cross-links the others so any of them walks you through the whole story. Open to conversations with investors and design partners; happy to demo.
- Tatva: the dashboard for sumit-server (transaction trail, access stats, memory versioning).
- Blogs / Canvas: thinking-in-public on agent trust, memory, and identity.
- agents.ai: multi-agent orchestration playground with semantic agent selection.
- bio-llm: in-browser semantic RAG experiment.
- vibe-coder: an agent that scaffolds Streamlit + FastAPI projects from plain English.
Fun fact: read 100%, understand <10% (without music).




