KYA (Know Your Agent) Manifest Standard

Version: 0.1.0-alpha
Status: Pre-submission Draft / Incubation Phase
Namespace: https://w3id.org/kya/v1

---

1. Overview

The KYA (Know Your Agent) Manifest is a machine-readable framework for disclosing the identity, governance, and operational boundaries of autonomous AI agents.

As AI agents transition from chatbots to economic actors, they require a standardized way to prove their safety parameters, hardware security, and legal accountability to third-party verifiers (exchanges, protocols, and users). KYA leverages W3C Verifiable Credentials and JSON-LD to create an interoperable "Identity Card" for the agentic web.

2. Core Pillars

• Cryptographic Identity: Built on Decentralized Identifiers (DIDs) with strict separation between acting keys (TEE-held) and governance keys (DAO/Human-held).
• Hardware Attestation: Native support for TEE (Trusted Execution Environment) fingerprints (MRENCLAVE/MRSIGNER) to prove the agent is running unmodified code.
• Operational Fuses: Programmable constraints including transaction value caps, domain whitelists, and regional restrictions.
• Legal Recourse: Integrated Ricardian contracts and dispute resolution paths to bridge code-logic with analog legal frameworks.

3. Repository Structure

The repository is organized to support automated validation and standard evolution:

• schema/ : Contains the JSON-LD Context and JSON Schema.
• examples/ : Reference implementations including full, minimal, and failure cases.
• tools/ : Python-based linter and validation suite.
• tests/ : pytest suite for structural and semantic validation.
• spec/ : The official W3C-style technical specification (ReSpec).

4. Getting Started

Prerequisites

• Python 3.10+
• make

Installation & Testing

To install the validation tools and run the test suite against the reference examples:

# Setup the environment
make install

# Run structural and semantic tests
make test

Documentation Drift Check

To compare the JSON Schema against the spec docs and list missing fields (including schema_human.md when present). Default mode enforces that schema_human.md stays in sync with the schema, while the spec pages are reported only. Use --strict to fail on any drift:

python3 tools/check_doc_drift.py
python3 tools/check_doc_drift.py --strict

Local Spec Preview

To view the human-readable specification locally:

make serve

# Open http://localhost:8000/spec/

5. Vocabulary & Discovery

The KYA standard terms are mapped to a permanent namespace. This ensures that terms like signing_policy have a globally unique definition that can be interpreted by AI Agents and search engines alike.

The root namespace (https://w3id.org/kya) is intended as a stable landing page, while versioned URIs like https://w3id.org/kya/v1 (context) and https://w3id.org/kya/v1/schema (schema) provide immutable references for released spec versions.

• Vocabulary Home: https://w3id.org/kya/vocab
• Context File: https://w3id.org/kya/v1

6. Security & Privacy

• Immutable Safety: Manifests should be bound to a registry (e.g., Blockchain or IPNS) to prevent replay attacks using the registry_lock field.
• Zero PII: This standard mandates that no Personally Identifiable Information (PII) be stored directly in the manifest to comply with global privacy regulations (GDPR/CCPA).

7. Standard Roadmap

1. Phase 1 (Current): Incubation and community review of the v0.1.0 schema.
2. Phase 2: Submission to W3C CCG (Credentials Community Group) for formal incubation.
3. Phase 3: Pilot integrations with TEE providers and On-chain Registries.
4. Phase 4: Formal v1.0.0 Baseline Release.

---

Built by the Open-KYA Community.