{"id":46144826,"url":"https://github.com/hungnguyenhtbvn-max/autron-protocol","last_synced_at":"2026-03-02T07:05:47.413Z","repository":{"id":341247433,"uuid":"1169401666","full_name":"hungnguyenhtbvn-max/autron-protocol","owner":"hungnguyenhtbvn-max","description":"Autron Protocol – Open Identity Standard for AI Agents. OAuth for the Agentic Era.","archived":false,"fork":false,"pushed_at":"2026-02-28T18:47:33.000Z","size":113,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-28T19:59:55.097Z","etag":null,"topics":["agentic-ai","ai-agents","authentication","did","identity","interoperability","mcp","oauth","open-standard"],"latest_commit_sha":null,"homepage":"https://github.com/hungnguyenhtbvn-max/autron-protocol","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hungnguyenhtbvn-max.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-28T16:27:21.000Z","updated_at":"2026-02-28T18:47:36.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/hungnguyenhtbvn-max/autron-protocol","commit_stats":null,"previous_names":["hungnguyenhtbvn-max/autron-protocol"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/hungnguyenhtbvn-max/autron-protocol","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hungnguyenhtbvn-max%2Fautron-protocol","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hungnguyenhtbvn-max%2Fautron-protocol/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hungnguyenhtbvn-max%2Fautron-protocol/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hungnguyenhtbvn-max%2Fautron-protocol/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hungnguyenhtbvn-max","download_url":"https://codeload.github.com/hungnguyenhtbvn-max/autron-protocol/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hungnguyenhtbvn-max%2Fautron-protocol/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29993373,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-02T01:47:34.672Z","status":"online","status_checked_at":"2026-03-02T02:00:07.342Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agentic-ai","ai-agents","authentication","did","identity","interoperability","mcp","oauth","open-standard"],"created_at":"2026-03-02T07:05:46.805Z","updated_at":"2026-03-02T07:05:47.400Z","avatar_url":"https://github.com/hungnguyenhtbvn-max.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Autron Protocol\n\n[![npm version](https://img.shields.io/npm/v/@autron/core)](https://www.npmjs.com/package/@autron/core)\n[![CI](https://github.com/autron-protocol/autron/actions/workflows/ci.yml/badge.svg)](https://github.com/autron-protocol/autron/actions/workflows/ci.yml)\n[![License: Apache-2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n[![Node.js](https://img.shields.io/badge/node-%3E%3D18-brightgreen)](https://nodejs.org)\n\n**The Open Identity Standard for AI Agents**\n*\"OAuth for the Agentic Era\"*\n\n## Install\n\n```bash\nnpm install @autron/core\n```\n\n## Quick Start\n\n```js\nconst { generateKeypair, createDID, resolveDID, toStandardDID } = require('@autron/core');\n\nconst keys = generateKeypair();\nconst did = createDID('key', keys);\nconsole.log('Agent DID:', did);\n// → did:autron:key:z6Mk...\n\nconst doc = resolveDID(did);\nconsole.log('DID Document:', JSON.stringify(doc, null, 2));\n\n// Compatible with standard DIDs\nconsole.log('Standard:', toStandardDID(did));\n// → did:key:z6Mk...\n```\n\n## Why Autron?\n\n- **Simple**: Agent identity in 5 minutes, any language\n- **Self-contained**: Core identity works without blockchain or central server\n- **Cryptographically secure**: Ed25519 / secp256k1 signatures\n- **Compatible**: W3C DID, JWT/JWS, works with MCP \u0026 A2A\n- **Payment-ready**: Optional on-chain payments with Solana (ATN token)\n- **Brand-first**: `did:autron:*` namespace with `did:key`/`did:web` compatibility mapping\n- **TypeScript ready**: Full type declarations included\n\n## Architecture\n\n```\nLayer 0: Crypto        — Ed25519 / secp256k1 keypairs, JWK, multibase\nLayer 1: DID           — did:autron:key / web / dns\nLayer 2: Agent Card    — Short-lived identity tokens (agent-card+jwt)\nLayer 3: Delegation    — Scoped permission tokens (delegation+jwt)\nLayer 4: Reputation    — Endorsements \u0026 trust scores (endorsement+jwt)\nLayer 5: Payment       — On-chain payments \u0026 escrow (payment+jwt, escrow+jwt)\n```\n\nLayers 0-4 work standalone. Layer 5 is optional — requires `@solana/web3.js` (lazy-loaded).\n\n## DID Methods\n\n| Method | Format | Example |\n|--------|--------|---------|\n| `key` | Self-issued from keypair | `did:autron:key:z6Mk...` |\n| `web` | Domain-based | `did:autron:web:api.example.com` |\n| `dns` | DNS TXT record | `did:autron:dns:myagent.example.com` |\n\n## Agent Card\n\nIssue and verify cryptographic identity cards (JWS compact serialization):\n\n```js\nconst { generateKeypair, createDID, createAgentCard, verifyAgentCard } = require('@autron/core');\n\nconst keys = generateKeypair();\nconst did = createDID('key', keys);\n\n// Issue a card (short-lived JWS token)\nconst card = createAgentCard({\n  issuer: did,\n  privateKey: keys.privateKey,\n  name: 'MyAgent',\n  capabilities: ['chat', 'search'],\n  ttl: 86400, // 24 hours\n});\n\n// Verify (extracts public key from DID automatically)\nconst { issuer, subject, payload } = verifyAgentCard(card);\n```\n\n## Delegation\n\nGrant scoped permissions to other agents:\n\n```js\nconst { createDelegation, verifyDelegation, checkScope } = require('@autron/core');\n\nconst token = createDelegation({\n  delegator: parentDID,\n  delegate: childDID,\n  privateKey: parentKeys.privateKey,\n  scope: ['read:*', 'write:messages'],\n  constraints: { maxCalls: 100 },\n  ttl: 3600, // 1 hour\n});\n\nconst result = verifyDelegation(token);\ncheckScope(result, 'read:files');     // true (matches read:*)\ncheckScope(result, 'write:messages'); // true (exact match)\ncheckScope(result, 'admin');          // false\n```\n\n## Reputation\n\nEndorse other agents and calculate trust scores:\n\n```js\nconst { createEndorsement, verifyEndorsement, calculateReputation } = require('@autron/core');\n\n// Endorse another agent\nconst endorsement = createEndorsement({\n  endorser: myDID,\n  subject: otherDID,\n  privateKey: myKeys.privateKey,\n  rating: 0.9,\n  categories: ['coding', 'search'],\n  comment: 'Reliable agent',\n});\n\n// Aggregate reputation from multiple endorsements\nconst rep = calculateReputation(verifiedEndorsements);\nconsole.log(rep.score);      // 0.0-1.0 (recency-weighted average)\nconsole.log(rep.categories); // { coding: { score: 0.9, count: 3 }, ... }\n```\n\n## Payment \u0026 Escrow\n\nOn-chain payments between agents using Solana. Autron Ed25519 keys are natively\ncompatible with Solana — zero key conversion needed.\n\n### Wallet\n\n```js\nconst { Wallet } = require('@autron/core');\n\n// Create wallet from identity (reads autron.json)\nconst wallet = Wallet.create(identity, { chain: 'solana' });\n\nconsole.log(wallet.address);  // Solana base58 address\nconsole.log(wallet.chainId);  // 'solana:devnet'\n\n// Check balance\nconst balance = await wallet.getBalance();\n\n// Transfer ATN tokens\nconst tx = await wallet.transfer(recipientDID, 1000000); // 1 ATN\nconsole.log(tx.txId);\n```\n\n### Payment Receipts\n\nCryptographic proof of on-chain payments:\n\n```js\nconst { createPayment, verifyPayment } = require('@autron/core');\n\n// Create receipt after a transfer\nconst receipt = createPayment({\n  payer: myDID,\n  payee: otherDID,\n  privateKey: myKeys.privateKey,\n  txId: 'solana-tx-id...',\n  amount: 1000000,\n  chain: 'solana:devnet',\n  memo: 'Payment for coding service',\n});\n\n// Verify receipt\nconst { payer, payee, txId, amount, chain } = verifyPayment(receipt);\n```\n\n### Escrow\n\nHold funds in escrow with conditions and deadlines:\n\n```js\nconst { createEscrow, EscrowManager } = require('@autron/core');\n\n// Create escrow agreement\nconst escrowToken = createEscrow({\n  payer: myDID,\n  payee: freelancerDID,\n  privateKey: myKeys.privateKey,\n  amount: 5000000, // 5 ATN\n  chain: 'solana:devnet',\n  conditions: 'Deliver code by Friday',\n  deadline: Math.floor(Date.now() / 1000) + 7 * 86400, // 7 days\n});\n\n// Manage escrow lifecycle\nconst manager = new EscrowManager({ dbPath: './escrow.db' });\nconst { escrowId } = manager.register(escrowToken);\nawait manager.fund(escrowId);     // payer → escrow\nawait manager.release(escrowId);  // escrow → payee\n// or: await manager.refund(escrowId);  // escrow → payer\n```\n\n### ATN Token\n\n| Property | Value |\n|----------|-------|\n| Symbol | ATN |\n| Decimals | 6 (like USDC) |\n| Standard | SPL Token (Solana) |\n| Peg | 1 ATN ≈ $1 USD |\n\n## Discovery\n\nBuild discoverable DID Documents and well-known metadata:\n\n```js\nconst { buildDIDDocument, createWellKnown, SERVICE_TYPES } = require('@autron/core');\n\n// DID Document with service endpoints\nconst doc = buildDIDDocument(did, {\n  services: [\n    { type: SERVICE_TYPES.AGENT_CARD, serviceEndpoint: 'https://example.com/card' },\n    { type: SERVICE_TYPES.PAYMENT, serviceEndpoint: 'https://example.com/pay' },\n    { type: SERVICE_TYPES.API, serviceEndpoint: 'https://example.com/api/v1' },\n  ],\n});\n\n// /.well-known/autron.json\nconst wk = createWellKnown({\n  did,\n  name: 'MyAgent',\n  capabilities: ['chat', 'search'],\n  cardEndpoint: 'https://example.com/.well-known/agent-card',\n});\n```\n\n## HTTP Server\n\nRun a full identity server with discovery, verification, wallet, and escrow endpoints:\n\n```js\nconst { generateKeypair, createDID, createServer } = require('@autron/core');\n\nconst keys = generateKeypair();\nconst did = createDID('key', keys);\n\nconst server = createServer({\n  identity: { did, privateKey: keys.privateKey, name: 'MyAgent' },\n  port: 3000,\n  cors: true,\n  // wallet,        // optional: enable wallet endpoints\n  // escrowManager, // optional: enable escrow endpoints\n});\n```\n\n| Method | Endpoint | Auth | Description |\n|--------|----------|------|-------------|\n| GET | `/.well-known/autron.json` | No | Discovery document |\n| GET | `/api/identity` | No | Agent identity info |\n| POST | `/api/verify` | No | Verify any token |\n| GET | `/api/reputation/:did` | No | Reputation score |\n| POST | `/api/card` | Bearer | Issue Agent Card |\n| POST | `/api/delegate` | Bearer | Issue delegation |\n| POST | `/api/endorse` | Bearer | Submit endorsement |\n| GET | `/api/wallet/balance` | Bearer | Own wallet balance |\n| GET | `/api/wallet/balance/:did` | No | Any DID balance |\n| POST | `/api/wallet/transfer` | Bearer | Transfer tokens |\n| GET | `/api/wallet/transactions` | Bearer | Transaction history |\n| POST | `/api/payment/receipt` | Bearer | Create payment receipt |\n| POST | `/api/escrow/create` | Bearer | Create escrow |\n| POST | `/api/escrow/:id/fund` | Bearer | Fund escrow |\n| POST | `/api/escrow/:id/release` | Bearer | Release escrow |\n| POST | `/api/escrow/:id/refund` | Bearer | Refund escrow |\n| GET | `/api/escrow/:id` | No | Escrow status |\n\n## Middleware\n\nProtect your endpoints with Agent Card authentication and delegation scope checks:\n\n```js\nconst { authenticate, requireScope, requireSpend, AuthError } = require('@autron/core');\n\nconst auth = authenticate({ audience: myDID });\nconst scopeCheck = requireScope('write:messages');\nconst spendCheck = requireSpend(1000000); // enforce spend limit from delegation\n\nfunction handleRequest(req, res) {\n  try {\n    const agent = auth(req);         // Verify Bearer Agent Card\n    const deleg = scopeCheck(req);   // Verify X-Delegation-Token scope\n    // agent.did, agent.name, agent.capabilities\n    // deleg.delegator, deleg.scope, deleg.constraints\n  } catch (err) {\n    if (err instanceof AuthError) {\n      res.writeHead(err.status);\n      res.end(err.message);\n    }\n  }\n}\n```\n\n## MCP Server\n\nExpose Autron identity operations as MCP tools for AI agents:\n\n```bash\nnpx autron mcp          # Start MCP server over stdio\nnpx autron-mcp          # Direct binary for MCP clients\n```\n\n**Claude Code / Cursor configuration** (`mcp.json`):\n\n```json\n{\n  \"mcpServers\": {\n    \"autron\": {\n      \"command\": \"npx\",\n      \"args\": [\"autron-mcp\"]\n    }\n  }\n}\n```\n\n| Tool | Description |\n|------|-------------|\n| `identity_info` | Get current agent DID, name, algorithm |\n| `issue_card` | Issue an Agent Card (JWS identity token) |\n| `issue_delegation` | Create a delegation token |\n| `issue_endorsement` | Create an endorsement |\n| `verify_token` | Verify any Autron token |\n| `calculate_reputation` | Aggregate reputation score |\n| `resolve_did` | Parse and resolve a DID |\n| `discover_agent` | Discover a remote agent by URL or DID |\n| `wallet_balance` | Get wallet token balance |\n| `wallet_transfer` | Transfer tokens to another agent |\n| `wallet_transactions` | Get transaction history |\n| `wallet_address` | Get wallet DID and chain address |\n| `payment_receipt` | Create a payment receipt |\n| `payment_verify` | Verify a payment receipt |\n| `escrow_create` | Create a new escrow agreement |\n| `escrow_fund` | Fund an escrow |\n| `escrow_release` | Release escrow funds to payee |\n| `escrow_refund` | Refund escrow funds to payer |\n| `escrow_status` | Get escrow status |\n| `escrow_list` | List escrows with filters |\n\n**Resources:** `autron://identity`, `autron://well-known`\n\n## CLI\n\n```bash\n# Identity\nnpx autron init --name \"MyAgent\"    # Generate identity → autron.json\nnpx autron info                     # Show current identity\nnpx autron card --ttl 24h           # Issue an Agent Card\nnpx autron verify \u003ctoken\u003e           # Verify any token\nnpx autron endorse \u003cdid\u003e --rating 0.9 --category coding\nnpx autron delegate \u003cdid\u003e --scope \"read:*,write:*\"\n\n# Wallet \u0026 Payments\nnpx autron wallet balance            # Show ATN balance\nnpx autron wallet transfer \u003cdid\u003e --amount 1000000\nnpx autron wallet address            # Show Solana address\nnpx autron wallet airdrop            # Request devnet SOL\n\n# Token Management\nnpx autron token create-mint --name \"Autron Token\" --symbol ATN\nnpx autron token mint --to \u003cdid\u003e --amount 1000000000\nnpx autron token info\n\n# Payment Receipts\nnpx autron payment receipt \u003cpayee\u003e \u003ctxId\u003e \u003camount\u003e\nnpx autron payment verify \u003ctoken\u003e\n\n# Escrow\nnpx autron escrow create \u003cpayee\u003e --amount 5000000 --deadline 7d\nnpx autron escrow fund \u003cid\u003e\nnpx autron escrow release \u003cid\u003e\nnpx autron escrow status \u003cid\u003e\nnpx autron escrow list --status funded\n\n# Server\nnpx autron serve --port 3000 --cors\nnpx autron mcp                       # Start MCP server\n```\n\n## TypeScript\n\nFull type declarations are included — no `@types` package needed:\n\n```ts\nimport {\n  generateKeypair,\n  createDID,\n  createAgentCard,\n  verifyAgentCard,\n  Wallet,\n  createPayment,\n  EscrowManager,\n  type Keypair,\n  type VerifiedAgentCard,\n  type VerifiedPayment,\n  type Algorithm,\n} from '@autron/core';\n\nconst keys: Keypair = generateKeypair('ed25519');\nconst did: string = createDID('key', { publicKey: keys.publicKey });\nconst card: string = createAgentCard({ issuer: did, privateKey: keys.privateKey });\nconst result: VerifiedAgentCard = verifyAgentCard(card);\n```\n\n## API\n\n### Crypto\n\n- `generateKeypair(algorithm?)` — Generate Ed25519 or secp256k1 keypair\n- `sign(data, privateKey, algorithm?)` — Sign data\n- `verify(data, signature, publicKey, algorithm?)` — Verify signature\n- `publicKeyToMultibase(publicKey, algorithm?)` — Encode key as multibase\n- `multibaseToPublicKey(multibaseStr)` — Decode multibase to key\n- `keyToJWK(publicKey, privateKey?, algorithm?)` — Convert to JWK format\n- `jwkToKey(jwk)` — Convert from JWK format\n\n### DID\n\n- `createDID(method, options)` — Create a DID string\n- `parseDID(didString)` — Parse DID into components\n- `resolveDID(didString)` — Resolve to W3C DID Document\n- `toStandardDID(autronDID)` — Convert to `did:key` / `did:web`\n- `fromStandardDID(standardDID)` — Convert from standard DID\n\n### Agent Card\n\n- `createAgentCard(options)` — Issue a signed identity card (JWS)\n- `verifyAgentCard(token, options?)` — Verify signature, expiry, audience\n- `parseAgentCard(token)` — Parse without verification\n\n### Delegation\n\n- `createDelegation(options)` — Issue a delegation token\n- `verifyDelegation(token, options?)` — Verify delegation\n- `checkScope(delegation, requiredScope)` — Check granted scopes (supports wildcards)\n- `getSpendLimit(delegation)` — Extract spend limit from constraints\n\n### Discovery\n\n- `buildDIDDocument(did, options?)` — DID Document with services/controllers\n- `createWellKnown(options)` — Build `/.well-known/autron.json`\n- `parseWellKnown(doc)` — Parse well-known document\n- `SERVICE_TYPES` — Standard service type constants (AgentCard, Delegation, Messaging, API, Payment, Escrow, Wallet)\n\n### Reputation\n\n- `createEndorsement(options)` — Issue a signed endorsement (0.0-1.0 rating)\n- `verifyEndorsement(token, options?)` — Verify endorsement\n- `calculateReputation(endorsements, options?)` — Aggregate trust score (recency-weighted)\n\n### Chain \u0026 Wallet\n\n- `ChainProvider` — Abstract multi-chain provider class\n- `SolanaProvider` — Solana implementation (lazy-loaded deps)\n- `registerProvider(chainId, provider)` — Register a chain provider\n- `getProvider(chainId)` — Get registered provider\n- `Wallet` — High-level wallet (balance, transfer, transactions)\n- `Wallet.create(identity, options?)` — Factory from autron.json identity\n\n### Payment\n\n- `createPayment(options)` — Create a payment receipt (JWS)\n- `verifyPayment(token, options?)` — Verify payment receipt\n- `parsePayment(token)` — Parse without verification\n\n### Escrow\n\n- `createEscrow(options)` — Create an escrow token (JWS)\n- `verifyEscrow(token, options?)` — Verify escrow token\n- `EscrowManager` — SQLite-backed escrow lifecycle (register, fund, release, refund, expire)\n- `ESCROW_STATUS` — Status constants (created, funded, released, refunded, expired, disputed)\n\n### Server\n\n- `createServer(options)` — Create and start HTTP identity server\n- `handleRequest(options)` — Create request handler (BYO server)\n\n### Middleware\n\n- `authenticate(options?)` — Create Bearer token auth function\n- `requireScope(scope)` — Create delegation scope checker\n- `requireSpend(amount, options?)` — Create spend limit checker\n- `extractBearer(req)` — Extract Bearer token from headers\n- `extractDelegation(req)` — Extract delegation token from headers\n- `AuthError` — Auth error class with HTTP status\n\n### Client\n\n- `discoverAgent(urlOrDID)` — Discover remote agent\n- `fetchWellKnown(baseUrl)` — Fetch well-known document\n- `fetchIdentity(baseUrl)` — Fetch agent identity\n- `requestCard(baseUrl, bearer, options?)` — Request Agent Card\n- `requestDelegation(baseUrl, bearer, options)` — Request delegation\n- `submitEndorsement(baseUrl, bearer, options)` — Submit endorsement\n- `verifyRemote(baseUrl, token)` — Verify token remotely\n\n### MCP\n\n- `createMCPServer(options?)` — Create MCP server instance (20 tools, 2 resources)\n\n### JWS (Low-level)\n\n- `createJWS(header, payload, privateKey, algorithm)` — Create JWS compact token\n- `verifyJWS(token, publicKey, algorithm)` — Verify and decode\n- `parseJWS(token)` — Parse without verification\n\n## License\n\nApache 2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhungnguyenhtbvn-max%2Fautron-protocol","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhungnguyenhtbvn-max%2Fautron-protocol","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhungnguyenhtbvn-max%2Fautron-protocol/lists"}