Verifiable Credentials
Cryptographic proof of agent actions for compliance and audit
Verifiable Credentials
Tamper-proof, offline-verifiable credentials for every agent execution — from audit trails to compliance records
Agentfield issues W3C Verifiable Credentials (VCs) that provide cryptographic proof of agent actions. VCs are signed with Ed25519 keys, can be verified offline, and create tamper-proof audit trails for compliance.
How VCs Work in Agentfield
Agentfield uses VCs in two contexts:
1. Execution Credentials
After each reasoner or skill execution, Agentfield can generate a VC that cryptographically proves:
- Who: Which agent (DID) performed the action
- What: The inputs and outputs (cryptographic hashes)
- When: Timestamp of execution
- Proof: Ed25519 digital signature
See the Identity & Trust core concept for details on execution VCs and their configuration hierarchy.
2. Agent Tag Credentials (AgentTagVC)
When an admin approves an agent's tags, the control plane issues an AgentTagVC — a signed credential confirming the agent's authorized tags. This is used by the Permissions system for access control.
{
"@context": ["https://www.w3.org/2018/credentials/v1"],
"type": ["VerifiableCredential", "AgentTagVC"],
"issuer": "did:web:agentfield.example.com:admin",
"issuanceDate": "2026-02-15T10:30:00Z",
"credentialSubject": {
"id": "did:web:agentfield.example.com:agents:payment-processor",
"approvedTags": ["finance", "pci-compliant", "internal"]
},
"proof": {
"type": "Ed25519Signature2020",
"verificationMethod": "did:web:agentfield.example.com:admin#key-1",
"proofValue": "z3FXQjecW..."
}
}VC Configuration
Control VC generation at three levels:
Platform Default — All executions generate VCs by default.
Agent Level — Enable or disable for all functions on an agent:
app = Agent("cache-service", vc_enabled=False) # No VCs for this agentFunction Level — Override per reasoner or skill:
app = Agent("loan-processor", vc_enabled=False)
@app.reasoner(vc_enabled=True) # Force VCs for this function
async def approve_loan(application: dict):
return await app.ai("Assess loan", str(application))Priority: function decorator > agent level > platform default (enabled).
Offline Verification
VCs are self-contained. Export them and verify without access to the Agentfield server:
# Export workflow credentials
curl http://af-server/api/v1/workflows/wf-12345/credentials > audit.json
# Verify offline
af vc verify audit.jsonThe verifier checks:
- All DIDs are valid
- All Ed25519 signatures match public keys
- All content hashes match claimed data
- Timestamps are sequential
- Workflow chain is complete
SDK VC Generation
Each SDK generates VCs transparently:
| SDK | Module | Capabilities |
|---|---|---|
| Go | did/vc_generator.go | Full VC generation with Ed25519 signing |
| Python | did_auth.py | Ed25519 signing via cryptography library |
| TypeScript | LocalVerifier.ts | Signature verification and policy caching |
Next Steps
- Identity & DIDs — How DID identities are generated and managed
- Permissions & Access Control — Tag-based policies using VCs
- Identity & Trust — High-level trust model overview