Reputation & Trust Signals

How audit logs and agent activity feed into scoring, risk assessment, and policy enforcement


Overview

MCP-I supports a pluggable trust scoring model based on:

  • Audit events emitted by agents or services
  • Delegation chain evaluation
  • Revocation history
  • Optional external scoring registries (e.g., knowthat.ai)

This allows a verifier or relying party to adapt access controls, rate limits, or challenge levels dynamically.


Trust Signals

Example signal categories:

| Signal Type | Description |
|---|---|
| Successful delegation | How often a user successfully delegates to this agent |
| Failed verification | Frequency of VC or chain rejections |
| Revocation impact | Have the agent's credentials been revoked often? |
| Audit density | Activity volume and frequency |
| Block/allow flags | Registry-based signals (manual or computed) |

Scoring Models

Scoring can be as simple or as complex as needed:

  • Boolean allow/deny (e.g., agent.isBlacklisted = true)
  • Weighted metrics (e.g., trustScore = 0.82)
  • External models (e.g., machine learning inference on log streams)

Each verifier can be configured with local or shared scoring strategies.


Trust Reaction Policies

Verification and access enforcement can change based on trust score:

| Score Range | Verifier Behavior |
|---|---|
| 0.9–1.0 | Fast path / cacheable access |
| 0.6–0.89 | Standard checks enforced |
| < 0.6 | Challenge or MFA required |
| 0.0 | Blocked (deny) |
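
A weighted-metric scorer wired to the score ranges above, as an added example that is not part of the MCP-I spec or any project code. The weights, field names, neutral priors and behaviour labels are assumptions chosen for illustration, and the sample agents are constructed.

```javascript
// Added example. Weights, field names and neutral priors are assumptions,
// not values defined by the MCP-I spec.
const WEIGHTS = { delegation: 0.5, verification: 0.4, revocation: 0.1 };

// Ratio with a neutral prior so an agent with no history never divides by zero.
function rate(count, total, prior) {
  return total > 0 ? count / total : prior;
}

// Combine audit-derived counters into a weighted score in [0, 1].
function trustScore(s) {
  if (s.registryFlag === "deny") return 0; // registry block flag overrides metrics
  const delegation = rate(s.delegationsOk, s.delegationsTotal, 0.5);
  const verification = 1 - rate(s.verificationsFailed, s.verificationsTotal, 0.5);
  const revocation = 1 / (1 + s.revocations); // decays with each revocation
  const score = WEIGHTS.delegation * delegation +
    WEIGHTS.verification * verification +
    WEIGHTS.revocation * revocation;
  return Math.min(1, Math.max(0, score));
}

// Map a score to the verifier behaviour listed in the score-range table.
function reaction(score) {
  if (typeof score !== "number" || Number.isNaN(score)) return "deny"; // fail closed
  if (score <= 0) return "deny";
  if (score < 0.6) return "challenge";
  if (score < 0.9) return "standard"; // also covers 0.89 to 0.9, which the table leaves open
  return "fast-path";
}

// Constructed sample agents; the DIDs are placeholders.
const agents = [
  { did: "did:example:established", delegationsOk: 98, delegationsTotal: 100,
    verificationsFailed: 1, verificationsTotal: 200, revocations: 0, registryFlag: null },
  { did: "did:example:mixed", delegationsOk: 40, delegationsTotal: 50,
    verificationsFailed: 10, verificationsTotal: 100, revocations: 1, registryFlag: null },
  { did: "did:example:new", delegationsOk: 0, delegationsTotal: 0,
    verificationsFailed: 0, verificationsTotal: 0, revocations: 0, registryFlag: null },
  { did: "did:example:flagged", delegationsOk: 98, delegationsTotal: 100,
    verificationsFailed: 1, verificationsTotal: 200, revocations: 0, registryFlag: "deny" },
];

for (const a of agents) {
  const score = trustScore(a);
  console.log(a.did, score.toFixed(2), reaction(score));
}
```

With these assumed priors an agent that has no audit history scores 0.55 and is challenged rather than trusted by default, and a malformed score fails closed to deny.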

Integration Points

Reputation scoring pulls from logs generated by:

Scores can be:

  • Stored locally
  • Synced with a global registry
  • Embedded in delegation metadata or verifier headers

Knowthat.ai Registry

KYA-powered deployments may optionally sync trust signals to a global registry at knowthat.ai, which supports:

  • Agent lookup by DID
  • Federation-safe trust flagging
  • Shared deny/allow lists

This is optional and not required by the MCP-I spec.


Next Steps

→ Learn how audit logs are generated in Audit Layer
→ See how verifiers use trust signals in Edge Verification Guide