Prerequisites
curlandjq- A Vane server to connect to — either:
- Production:
https://vane.build(sign up at vane.build) - Self-hosted:
http://localhost:3000(runnpm run devfrom the repo root, requires PostgreSQL atDATABASE_URL)
- Production:
Step 1: Register your company
Every company gets an isolated key pair, attestation chain, and API key.companyId is your permanent tenant identifier — choose something you won’t need to change.
Step 2: Register an agent
An agent is any process that takes actions on behalf of your company. TheagentId is a stable identifier for this specific agent role.
Step 3: Issue an agent passport
A passport is a short-lived signed credential that encodes the agent’s identity and what it’s authorized to do. Unlike SVIDs, passports can be verified by third parties without calling Vane.passport token is what the agent presents to MCP servers. The caPublicKey is what those servers use to verify it offline. Extract both:
Step 4: Attest an action
Record a tamper-evident log entry for an action your agent took. The record is signed with your company’s Ed25519 key and appended to an append-only chain.hash is SHA-256 over index | timestamp | canonicalize(payload). signature is Ed25519 over that hash.
Step 5: Verify the chain offline
Get the Merkle root and confirm every record’s signature is valid. You can do this without trusting Vane — just the CA public key.Step 6: Fetch the CA public key for offline verification
Any third-party verifier needs only this key to verify passports and records:Next steps
Core Concepts
Understand passports, attestation chains, and delegation.
MCP Middleware
Add passport verification to any MCP server in three lines.
LangChain Integration
Attest every LLM call and tool invocation automatically.
Sidecar Proxy
Zero-code attestation for any agent via HTTP proxy.