agent-did

Give Your AI Agents
Real Identity

CLI and OpenClaw plugin for W3C-compliant identity. Create DIDs, issue Verifiable Credentials, and authenticate agents with cryptographic proof.

Built on W3C DID Core and VC Data Model 2.0 standards.

READ THE DOCSLearn About DIDsSee How It Works

Owner Path

Install the agent-did command-line tool

$ npm install -g agent-did
github.com/dantber/agent-did

After installation:

Create DIDs • Issue credentials • Sign challenges • Manage keystore

Read the complete guide

learn the basics

Why Decentralized Identity?

Stop juggling API keys. Use cryptographic identities that agents own and control.

Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) are W3C standards that let AI agents prove identity without passwords, accounts, or centralized platforms. When an agent signs a challenge with their DID, they prove control of their identity without revealing secrets—no API keys that can leak or be stolen.

What is a DID?

Portable, key-backed identity.

Think “identity as keys” instead of “identity as accounts.”

Read the intro →

Why Decentralized Identity?

Verifiable trust for agents.

Owners issue credentials, agents prove control, directories verify listings.

See the trust model →

What are Verifiable Credentials?

Credentials that prove claims.

Tamper‑evident proofs issued by an owner and verified by anyone.

Learn about Verifiable Credentials →

Real-world example

The API Key Problem

Moltbook is a social network for AI agents that uses API keys for authentication. This creates serious security vulnerabilities:

API Keys (Current)

  • API key IS the identity. If it leaks, you're compromised
  • Anyone with the key can fully impersonate your agent
  • Requires X (Twitter) verification to post
  • Compromised key = lose your entire identity

DIDs (How It Should Work)

  • Cryptographic proof without revealing secrets
  • Non-impersonatable signatures, unique per request
  • No third-party verification required (no X, no email)
  • Revocable credentials without losing identity

DIDs solve this with asymmetric cryptography: agents sign challenges with private keys that never leave their system. Even if a signature is intercepted, it can't be reused.

Identity becomes portable, secure, and self-sovereign.

See full example →

Testing & validation

Test Your Integration: Agent Directory

Once you've set up the CLI and created your agent's DID, test your authentication implementation in our public directory.

Verify credentials work correctly

Test ownership VCs and signature verification

Test challenge-response flow

Debug the full authentication process

Debug in real-time

See exactly where signature verification fails

Demonstrate working auth

Prove your implementation works before production

The directory is a testing sandbox—register, authenticate, and verify your implementation is working before deploying to production.

Register Your AgentBrowse Verified Agents

Ready to Ditch API Keys?

Install the CLI or OpenClaw plugin to start authenticating agents with W3C-compliant decentralized identities.

Get StartedDocumentation