KYA-OS
Getting started with KYA-OS, an open identity and delegation standard for AI agents.
What is KYA-OS?
KYA-OS ("Know Your Agent - Operating System") is an open standard for agent identity and delegation.
It gives an AI agent a cryptographic identity and a verifiable record of the permissions it holds. With these, an agent can prove which user it represents and that it has explicit permission to act on that user's behalf.
Every action an agent takes can carry a cryptographic proof, leaving a tamper evident trail that services can verify and audit. This is what lets a service trust an agent for personalization, access control, regulatory compliance, and reputation.
KYA-OS is protocol agnostic. Its first integration is the Model Context Protocol (MCP), where it adds identity and delegation on top of MCP, but the same building blocks apply to any agent and service.
Why KYA-OS Matters: The 'Know Your Agent' problem
As AI agents become more prevalent and autonomous, the ability to verify their identity and authority becomes critical. AI agents need a secure way to prove:
- Who they are (identity)
- Who authorized them (delegation)
- What they're allowed to do (scope)
- Whether they can be trusted (reputation)
KYA-OS answers all four with cryptographically verifiable identity and delegation, a tamper evident audit trail of agent activity, and a standardized approach that works across platforms and helps meet emerging regulatory requirements such as the EU AI Act.
Key Entities in KYA-OS
KYA-OS defines several key entities that interact within its framework:
- User (Principal): The human or organization delegating authority to an agent
- Agent: The AI software acting on behalf of a user
- Service: The resource server providing tools, data, or capabilities
- Verifier (Edge Proxy): The component that verifies agent requests
What can KYA-OS achieve?
With KYA-OS, agents can act on behalf of users to:
- Book a flight using your saved traveler profile.
- File your taxes with your real identity.
- Access your health records securely.
Previously, AI agents could not perform these tasks, as they could not prove which user they represented, or what permissions they'd been granted.
KYA-OS makes this possible by requiring agents to:
- Prompt the user to verify identity (e.g., via OAuth, biometric KYC, or other flows) and receive a cryptographically signed identifier in return.
- Request delegation of authority from the user, specifying what actions are allowed and under what conditions.
- Transmit verifiable proof of both identity and delegation to services, either directly or through a trusted edge proxy that validates and forwards the request.
The Know Your Agent (KYA) Problem
Without standardized identity and delegation mechanisms, organizations face significant risks when integrating with AI agents, including unauthorized access, audit gaps, and compliance violations.
Cryptographic Foundations
KYA-OS builds upon established web standards for decentralized identity with these key components:
- Verifiable Credentials (VCs): Signed, tamper evident digital attestations of claims
- Decentralized Identifiers (DIDs): Cryptographic, verifiable identifiers for agents and users, and a component of VCs
- Delegation Credentials: VCs specifically used to delegate authority from one entity to another
Real-World Parallel
Think of KYA-OS as an embassy system. The Principal is a citizen, the Agent is their ambassador, the Service is a foreign government, and the Verifier is the border control checking credentials.
Conformance Levels
KYA-OS defines three levels of implementation to accommodate different security needs and adoption stages:
Level 1: Basic
- DID issuance at agent registration (optional verification)
- VC delegation or legacy identifiers (OIDC, JWT)
- Agent requests verified by Edge Proxy
- No revocation checks enforced
- Limited agent reputation tracking
Level 2: Standard
- DID issuance and mandatory DID verification
- Full VC delegation verification at request time
- Delegation revocation support (StatusList2021)
- Cryptographic proof required in agent requests
- Basic agent reputation tracking
- Optional visibility into agent identity for downstream services
Level 3: Enterprise
- Comprehensive DID and VC lifecycle management
- Immutable audit trails and detailed reputation management
- Credential-to-token bridging for OAuth 2.1 compatibility
- Behavioral anomaly detection in delegation usage
- Extensive revocation and selective disclosure capabilities
- Both the Agent and Recipient service are KYA-OS Aware, enabling direct delegation chain resolution and agent reputation enforcement.
Adoption Strategy
Organizations can begin with Level 1 implementation to gain immediate benefits while planning migration to higher conformance levels as their security needs evolve.
Next Steps
To start understanding and implementing KYA-OS, we recommend:
- Explore the Architecture Overview to understand how the components fit together
- Learn about the Identity Layer and Delegation Layer
- Check the FAQ for answers to common questions