No Client Identity
Create one to connect to servers
Create Identity

Trust Establishment Protocol

Watch how agents and servers establish secure, verified sessions. Each step builds cryptographic trust that enables tamper-evident audit trails.

ClientAgent
HandshakeRequest
ServerTool Provider
Step 1:HandshakeRequest@kya-os/contracts: HandshakeRequest

Client initiates connection by presenting its verifiable identity and supported capabilities.

Security Property

DID establishes cryptographic identity - the server can verify the client is who they claim to be.

DID-Based Identity

Agents present their decentralized identifier. No central authority required - identity is cryptographically verifiable.

Replay Protection

Each session includes a unique nonce. Even if traffic is intercepted, requests cannot be replayed.

Immutable Audit Trail

Every action is cryptographically sealed. Auditors can verify the complete chain of events years later.

Related Resources

Create a verifiable identityExplore proof generationW3C DID Specification