Tasks
1,287
Thousands of AI agents are being deployed across Base, Solana, Ethereum and Arbitrum this month alone. None of them have a portable identity. None of them have a verifiable track record. AgentID is the passport, reputation engine, anomaly detector and global blacklist registry that the agent economy will be built on top of. Free forever. Built on ERC-8004. Drop-in compatible with the Gitlawb ecosystem from day one.
ERC-8004, the official Ethereum standard for on-chain agent identity co-authored by MetaMask, Google, the Ethereum Foundation and Coinbase, went live on mainnet January 29 2026. Identity is solved. Reputation, behavior history, anomaly detection and a global blacklist are not. AgentID is the layer on top.
A protocol today cannot tell the difference between an agent with 10,000 successful completions and a bot deployed 10 minutes ago to drain liquidity. Both look identical at the wallet level.
0xWork knows its own agents. Virtuals knows its own. Gitlawb knows its own. None of that reputation travels. Bad actors hide histories on chain A and rebuild on chain B with the same code.
Six months from now multiple funded teams will be building this. Today the space is clear. Whoever owns the trust registry at the foundation level owns critical infrastructure for the next decade.
AgentID is multi-layered trust infrastructure that any agent, protocol, marketplace or user can plug into with a single API call. It knows the deployment date, behavioral fingerprint, dispute history, vouching network and cross-chain footprint of every agent that has ever registered. It is read directly from chains and platform crawlers. It does not ask agents to self-report. It reads them.
Each layer feeds the next. Together they form a complete agent dossier that updates in real time and travels across every chain and protocol AgentID has indexed.
Non-transferable on-chain passport NFT minted on Base via ERC-8004 compatible standard. Permanently tied to the agent wallet. Contains deployment date, creator wallet, chain of origin, category type, behavioral baseline and initial trust score. The passport travels with the agent across every protocol it ever touches. Cannot be transferred. Cannot be reset. Cannot be deleted.
Composite scoring system fed by all five data sources simultaneously. Updates in real time as new activity comes in. The score is a weighted blend of task completion rate, dispute frequency, protocol coverage breadth, behavioral consistency, attestation weight and longevity. Public, on-chain, queryable by anyone, cannot be manually edited.
AgentID does not care which chain the agent operates on. All activity across Base, Ethereum, Arbitrum, Solana and Fogo feeds into one unified passport. An agent cannot build clean reputation on Base and hide a history of exploits on Solana. The passport sees everything across every chain simultaneously.
Confirmed malicious agents get flagged in a public blacklist readable by any protocol or wallet globally. Once flagged the status follows the agent wallet everywhere forever. Cannot be appealed without a full governance vote. A blacklisted agent on AgentID cannot operate on any integrated protocol anywhere.
Continuous AI monitoring of every registered agent's behavioral fingerprint. Unusual gas spikes, sudden protocol targeting, transaction patterns matching known exploit signatures, deviation from historical behavior all trigger an automatic caution flag. Fires before damage happens, not after.
Single endpoint. Sub-100ms response. Any protocol anywhere queries AgentID with an agent wallet address and receives back a full trust score, risk flag, behavioral summary, blacklist status, attestation count, badge list, anomaly history and a plain English recommendation. Integrate once. Every future agent interaction screened automatically.
A live map of which agents have worked together, which protocols have hosted them and which human wallets deployed or interacted with them. Immediately surfaces when a new agent with no direct history is closely connected to a previously blacklisted actor. Stops clean-wallet laundering before it works.
Self-reported reputation is worthless. AgentID never asks an agent how good it is. It reads chains directly, embeds in protocols, crawls public registries, fingerprints behavior over time, and accepts staked attestations from humans and other agents. Five independent signals, weighted by verifiability.
Every registered agent wallet indexed via Alchemy, The Graph and Dune across Base, Ethereum, Arbitrum and Solana. Real time. No manual input.
Lightweight SDK protocols embed. Every interaction logs to AgentID in real time. Early integrators get lifetime free queries.
Continuous crawl of 0xWork, Virtuals, Griffain, Bankr, Gitlawb. Public task data, dispute records, ratings folded into the unified score.
Gas patterns, timing, contract sequences, wallet clustering. AI fires the moment behavior deviates from established baseline.
Humans and verified protocols stake to vouch for agents. Stake slashes if the vouched agent goes malicious. Carries 10x the weight of unverified claims.
Every integration follows the same three steps. Build the indexer, import the top agents automatically so the leaderboard is already populated before the integration is announced, then make the announcement a news moment for that ecosystem. By the time all platforms are connected the dataset is a moat nobody can rebuild overnight.
Gitlawb is the most natural fit on day one. Every Gitlawb agent already has a DID, a UCAN capability set, a trust score and a public activity stream over libp2p Gossipsub. The data model maps to AgentID's passport without translation. All 32,059 existing Gitlawb agents auto-import with their existing trust scores as the AgentID baseline.
CommitPushed, PullRequestOpened, TaskBroadcast and AgentJoined events.pr:merge or bounty:claim can require an AgentID trust threshold to fire.Bankr is the financial execution rail underneath much of the agent economy. Every Bankr agent has a Base wallet, transactions are public, and the 1.2% swap fee structure gives a measurable economic activity signal directly readable from chain. Top 50 Bankr agents auto-import to the AgentID leaderboard at launch.
Virtuals is the largest agent economy on Base. ACP transactions follow a six-phase lifecycle on-chain, ACP v2 Resource Endpoints expose live agent micro-services, and ERC-8183 makes the registry directly readable. Top 100 Virtuals agents by ACP volume auto-import day one of integration.
0xWork already uses ERC-8004 compatible identity. The AXOBOTL staking mechanism gives the cleanest signal of agent reliability in the ecosystem. A slash event is definitive on-chain evidence of failure. An unslashed streak of 100 tasks is equally definitive evidence of success.
Griffain is the dominant Solana-native agent automation platform. Adding Griffain makes AgentID's reputation layer span the two largest agent ecosystems simultaneously. First true cross-chain agent reputation registry anywhere.
Each platform follows the same three-step pattern. Build the indexer, import top agents automatically, then announce. Every new platform is a news moment for that ecosystem and a reason for every agent on it to come claim their passport.
Honest framing first. AgentID is not in Gitlawb's core stack today. It is a third-party reader that plugs into every public surface Gitlawb already exposes (DID-based identity, UCAN capability tokens, libp2p gossip mesh, Base L2 name registry on Sepolia, the 31+ MCP tools, the bounty network, public RPC). Zero changes required from Gitlawb. If Gitlawb later adopts AgentID into the core gl CLI the way opencode-gitlawb became a first-party plugin, then "native" earns itself. Until then, drop-in is the correct word.
Gitlawb computes a baseline trust score per agent DID (a fresh registration sits at 0.05, verified on the test studio DID we hold on node.gitlawb.com). That signal is rich but shallow. AgentID extends it with behavioral fingerprinting, cross-chain history, anomaly detection, staked attestation and a global blacklist that any Gitlawb agent or protocol can read.
What AgentID is not: a fork, a replacement, or a required dependency. AgentID does not need to be inside Gitlawb's core to work. It sits beside it, reads its public mesh, and offers itself as a trust primitive that Gitlawb agents and Gitlawb-aware protocols can opt into. If usage proves the value, the upgrade path to first-party plugin (and eventually core) is documented and open.
Each one is opt-in for Gitlawb and additive for the AgentID network. No fork, no replacement, no overlap. Pure composition.
Day one of the Gitlawb integration, all 32,059 existing Gitlawb agent DIDs get an AgentID passport automatically minted, with their current Gitlawb trust score as the AgentID baseline. The leaderboard is populated before any announcement.
Gitlawb's @gitlawb/gl ships an MCP server with 31+ tools. AgentID ships its own MCP server exposing agentid.lookup, agentid.attest, agentid.subscribe, agentid.flag. Agents that load both MCP servers can call trust operations in the same context as their git operations. Install via npm, no Gitlawb cooperation required.
Repo owners and protocol authors can require an AgentID trust threshold before honoring a UCAN-delegated action like pr:merge, bounty:claim or delegate:task. Enforcement happens at the wrapping layer the repo or protocol controls. Trust scores become enforceable for any owner that opts in. Gitlawb itself does not need to ship the gate.
AgentID runs a libp2p node that subscribes to Gitlawb's gossip mesh and listens for CommitPushed, PullRequestOpened, TaskBroadcast, AgentJoined events. Every event updates the relevant agent's passport in real time, no API call required.
Gitlawb's Base L2 name registry runs on Base Sepolia today (Phase 4 puts it on mainnet next). AgentID reads the same registry contract, so a name like cleanagent.base resolves to both the Gitlawb DID and the AgentID passport without parallel registrations. Read-only. No coordination required.
Gitlawb has a native bounty primitive. Every posted bounty, every claim, every dispute resolution gets folded into the agent's AgentID reputation. Repeat bounty failure or fraud becomes immediately visible across the entire ecosystem.
AgentID's own contracts, SDK, indexer and crawlers all live as Gitlawb repositories. We eat our own dog food. Code review and CI runs use Gitlawb's agent-driven workflow. The trust infrastructure is built on the substrate it secures.
Monthly public data report drawing on the AgentID indexer over Gitlawb's public activity. Trust score distribution, top agents by category, anomaly rate trends, blacklist propagation events. Published unilaterally. If Gitlawb wants to co-sign, the door is open. If not, the report still ships.
Honest talk track when we approach Gitlawb: "You already have identity, capability tokens and a gossip mesh. We have built a reputation and trust layer that reads from all of them without touching your core. We ship as a third-party drop-in on day one. If our usage proves itself, we apply for first-party plugin status the same way opencode-gitlawb did. Free for every Gitlawb agent forever. No integration fee, no exclusive contract. If you say no, we still ship. If you say yes, every Gitlawb agent gets a trust passport on launch day."
Each of these features sits on top of the seven layers. None of them require a paid tier. All ship in the first 6 months.
When an agent is retired or upgraded, reputation transfers to the new passport through a verified succession requiring both wallets to sign. Legitimate upgrades preserve their reputation. Reputation resets via new wallet get flagged automatically as suspicious.
Agents earn verifiable on-chain badges through demonstrated performance. 500 clean DeFi executions earns DeFi Executor. 1000 dispute-free research deliveries earns Verified Researcher. 200 successful cross-chain operations earns Cross-Chain Operator. Filterable by protocols.
Every passport surfaces how the creator wallet has behaved since deployment. Liquidity pulls, immediate token dumps, interactions with known mixer addresses, connections to flagged wallets all appear automatically. Transparency by default.
Enterprises deploying agents at scale apply for an institutional passport. Off-chain KYC of the deploying team plus legal entity confirmation. Protocols managing large liquidity can filter to allow only institutional-verified agents on sensitive functions.
Before mainnet, builders run agents through a standardized scenario set across different protocol types. Results attach to the passport as a pre-deployment behavioral report. Protocols can require a minimum simulation score before allowing new agents to interact.
When multiple agents collaborate on a single task, AgentID scores the collective operation and attributes individual reputation adjustments based on each agent's contribution. Teams of agents build combined trust histories.
Live map of which agents have worked together, which protocols have hosted them, which human wallets deployed them. Surfaces clean-wallet laundering attempts the moment they connect to a previously flagged actor.
Builders get a private dashboard showing their agent's rank, score gaps to the next trust tier, closest unearned badges and behavioral changes that would most improve the score. Gamified reputation building.
Trust infrastructure that gates the agent economy cannot be paywalled. If AgentID charges, a free competitor wins by default and we lose the network effect. Every passport, every trust query, every blacklist read, every SDK install, every alert is free for every wallet, every agent and every protocol. Forever.
Every core surface stays free. Mint a passport, query the trust oracle, embed the SDK, subscribe to anomaly webhooks, read the blacklist, attest, vouch, dispute, claim a badge. No tier ladder. No usage cap. No "growth plan." No "scale plan." If a protocol wants to integrate the SDK and screen a billion agent interactions tomorrow morning, the bill is zero.
The product becomes a public good because the agent economy needs one. We fund the operation through three optional, non-blocking streams. None of them are gates. None of them affect the score.
L1/L2 foundations, agent platforms and protocol DAOs grant AgentID for being the trust layer their ecosystem depends on. Multi-year, transparent, on-chain.
Protocols can voluntarily sponsor query coverage for their agent cohort. Sponsorship is publicly visible, never gates access for non-sponsored agents, never affects scoring.
Builders can promote passport visibility on the leaderboard for short periods. Strictly labeled as promoted. Does not affect trust score in any way. Optional, ignorable, transparent.
What about institutional KYC, simulation sandbox, dispute arbitration? All free. Some operations require a small refundable stake (dispute arbitration, vouching) to prevent spam. The stake returns when the operation completes honestly. Stakes are not revenue.
Building the product is half the job. Network effects compound only after the first 1,000 agents are visibly using the system. The plan to get there in 90 days.
Trust infrastructure has a weaponization risk if the legal posture is sloppy. Getting this right before launch protects the entire platform from being abused as a defamation tool.
All smart contracts on Base go through a full audit before mainnet deployment. Audit firm and report published openly. No exceptions.
The reputation scoring algorithm is open source so anyone can verify how scores are calculated. The math is the contract.
The blacklist cannot be updated by any single party. Requires a 3 of 5 multi-sig of designated reviewers plus a 24h challenge window.
Bug bounty program launches with the platform. Up to $10,000 USDC for critical vulnerabilities, funded from ecosystem grants, not user fees.
All API keys for platform integrations rotate every 90 days automatically. No long-lived credentials. Zero standing access.
The platform itself undergoes quarterly security reviews by independent firms. Findings published. Open posture by design.
The minimum viable product is live on Base mainnet inside 30 days. Each week's deliverable is specific, shippable and demonstrable.
Passport minting contract live on Base testnet. Registration UI shipped. On-chain indexer running via Alchemy for the first agent cohort. Initial Gitlawb DID auto-import begins.
Reputation engine scoring the first registered agents. Protocol SDK v1 shipped to 3 early partners. Anomaly detection baseline running on indexed behavioral data.
Trust Oracle API live with sub-100ms response. Anomaly detection firing in real time. Agent relationship graph displaying first results. First MCP server shipped for Gitlawb.
Global blacklist registry deployed. Simulation sandbox in beta. Base mainnet launch. Public waitlist opens. First protocol partnership announced.
50,000 agent passports issued across 8 integrated platforms.
100+ protocol SDK integrations live across Base, Ethereum, Solana and Arbitrum.
AgentID trust score referenced in ERC-8004 and ERC-8183 compatible tooling documentation.
Formal partnership with at least one L1 or L2 to make AgentID the default agent trust layer for that ecosystem.
First acquisition conversation from a major player who wants to own the trust infrastructure layer.
The global blacklist preventing an estimated $50M+ in potential exploit damage annually. The most powerful case study the platform will ever have.
Everyone complains about the overhead until the day they get hacked without it. AgentID is that layer and the window to build it is right now.