Kevros

Cryptographic governance for autonomous agents: precision decisioning, provenance attestation, intent binding, capability delegation, policy analysis, and compliance export.

Every decision gets a signed release token. Every action gets a hash-chained record. Every intent gets a cryptographic binding to its command. Downstream services verify independently — no callbacks, no trust assumptions.

Base URL: INLINECODE0

Quick Start

Get an API key (free, instant, no payment):

CODEBLOCK0

Response:

CODEBLOCK1

Use the API key in all subsequent requests via the X-API-Key header.

Precision Decisioning

POST /governance/verify

Verify an action against policy bounds before execution. Returns ALLOW, CLAMP, or DENY with a cryptographic release token that any downstream service can verify independently.

Request:

CODEBLOCK2

Response:

CODEBLOCK3

• - ALLOW — proceed as planned. The release_token is proof.
• CLAMP — action was adjusted to safe bounds. Use applied_action instead of your original.
• DENY — action rejected. Do not proceed. release_token is null.

Share the release_token with collaborating agents so they can independently verify the decision.

Provenance Attestation

POST /governance/attest

Record a completed action in a hash-chained, append-only evidence ledger. Each attestation extends your provenance chain. Your raw payload is SHA-256 hashed — actual data is never stored.

Request:

CODEBLOCK4

Response:

CODEBLOCK5

A longer chain with consistent outcomes builds a higher trust score over time.

Intent Binding

POST /governance/bind

Bind a declared intent to a specific command. Creates a cryptographic link between what you plan to do and the command that does it. Prove later that you did exactly what you said you would.

Request:

CODEBLOCK6

Response:

CODEBLOCK7

Save intent_id and binding_id to verify outcomes later.

Verify Outcome

POST /governance/verify-outcome

Verify whether a bound intent achieved its goal state. Free when used with a prior bind() call.

Request:

CODEBLOCK8

Response:

CODEBLOCK9

Status values: ACHIEVED, PARTIALLY_ACHIEVED, FAILED, BLOCKED, TIMEOUT. Free when used with a prior bind() call.

Compliance Bundle

POST /governance/bundle — $0.05 per call

Export your agent's full cryptographic trust record for compliance, auditing, or regulatory review.

Request:

CODEBLOCK10

Response:

CODEBLOCK11

Batch Operations

POST /governance/batch

Execute up to 100 governance operations (verify, attest, bind) in a single call. Each sub-operation is metered individually at standard rates. Use for bulk processing or multi-step workflows.

Request:

CODEBLOCK12

Response:

CODEBLOCK13

If stop_on_deny is true, processing halts on the first DENY decision.

Capability Delegation

POST /governance/delegate

Grant scoped, time-limited capabilities to another agent. The delegation is HMAC-signed and recorded in the provenance chain. Supports hierarchical sub-delegation with restrictive scope intersection.

Request:

CODEBLOCK14

Response:

CODEBLOCK15

The delegatee passes the delegation_token as X-Delegate-Token header when acting on behalf of the delegator.

GET /governance/delegations/{agent_id} — list active delegations for an agent.

DELETE /governance/delegations/{delegation_id} — revoke an active delegation.

Reversibility Check

POST /governance/check-reversibility

Check whether an intent chain can be reversed. Pre-abort safety check for multi-step workflows.

Request:

CODEBLOCK16

Returns reversibility status, constraints, time elapsed, and child dependency analysis.

Policy Replay

POST /governance/replay

Replay provenance records through an alternative policy. Deterministic "what-if" analysis: "What would have happened if we'd used policy X instead?"

Request:

CODEBLOCK17

Response:

CODEBLOCK18

Use for policy regression testing before deploying new policies, or forensic investigation.

Counterfactual Analysis

POST /governance/counterfactual

Simulate an action against multiple policies simultaneously. Returns a decision matrix showing how each policy handles the same action.

Request:

CODEBLOCK19

Response includes consensus analysis (do all policies agree?), decision distribution, and optional historical comparison.

Intent Navigation

GET /governance/intents/{intent_id}/children

Return all direct child intents of a parent intent. Audit multi-agent delegation hierarchies.

GET /governance/intents/{intent_id}/ancestry

Walk up the intent hierarchy from leaf to root. Full authorization chain for auditing.

GET /governance/intents/{intent_id}/tree

Return the full delegation tree rooted at an intent. Accepts optional max_depth query parameter (default 10).

Policy Templates

GET /governance/policy-templates — free, no API key required

List available named policy templates. Use template IDs with verify, replay, and counterfactual endpoints instead of inline policy definitions.

Export

POST /governance/export/csv — export provenance records as CSV.

POST /governance/export/sarif — export provenance in SARIF format (Static Analysis Results Interchange Format) for security tooling integration.

POST /governance/export/merkle — export provenance as a Merkle tree with root hash and leaf hashes for independent integrity verification.

All export endpoints accept optional agent_id, time_range_start, time_range_end, and limit parameters.

Health and Audit

GET /governance/health-score — overall gateway health score including agent count, healthy agent count, and chain integrity rate.

GET /governance/audit-summary — aggregate statistics across all provenance: total records, total agents, decision distribution, and chain integrity status.

GET /governance/agent-compliance/{agent_id} — compliance profile for a specific agent: compliance score, chain integrity, total decisions, and outcome success rate.

Media Attestation

POST /media/attest — $0.05 per call

Attest media files (photos, videos, audio, documents) with SHA-256 hashing and provenance chain inclusion.

Request:

CODEBLOCK20

Required fields: agent_id, media_hash (64-char hex SHA-256), media_type (PHOTO | VIDEO | AUDIO | DOCUMENT), media_size_bytes, capture_timestamp_utc.

Optional fields: description, tags, capture_location (lat/lng), device_info, frame_hashes (for video).

Response:

CODEBLOCK21

Media Verify

POST /media/verify — free, no API key required

Verify that media content matches a specific attestation certificate.

Request:

CODEBLOCK22

Response:

CODEBLOCK23

Media Verify Lookup

GET /media/verify/{certificate_id} — free, no API key required

Look up a specific media attestation by its certificate ID. Returns the full attestation record including attesting agent, epoch, and chain integrity.

Passport

All Passport endpoints are free and require no authentication.

GET /passport/{agent_id}

Returns an agent's trust passport including score, tier, badges, and activity stats.

CODEBLOCK24

GET /passport/{agent_id}/badge.svg

Returns an embeddable SVG trust badge. Use in agent descriptions, documentation, or dashboards.

GET /passport/{agent_id}/history

Returns full decision history for an agent.

GET /passport/leaderboard

Returns top trusted agents by trust score. Accepts optional limit query parameter (1-200, default 50).

Response:

CODEBLOCK25

POST /passport/{agent_id}/claim — requires API key

Link an agent's passport to your operator account. Must provide X-API-Key header.

Response:

CODEBLOCK26

Returns 409 if already claimed by another operator, 404 if no passport exists yet.

Agent Discovery

GET /.well-known/agent.json

Returns the A2A protocol agent card. No authentication required.

CODEBLOCK27

Returns capabilities, supported skills, SDK references, and free-tier signup details.

MCP

For MCP-native agents, connect directly via streamable-http transport:

CODEBLOCK28

360 tools, 2 resources, 2 prompts. Auto-provisions a free-tier key on first tool call if no API key is provided.

Python SDK

CODEBLOCK29

CODEBLOCK30

Enforcement Modes

Every operator key has an enforcement mode that controls how decisions are applied:

• - enforce (default) — fail-closed. DENY means DENY. Release tokens are only issued for ALLOW/CLAMP.
• advisory — shadow mode. DENY decisions are logged but overridden to ALLOW. No release token is issued for would-be denials. Use for testing policies before enforcing them.
• gated — human-in-the-loop. DENY decisions are held for operator approval. Poll /governance/gated/{request_id} for status.
• deny — kill-switch. ALL requests are blocked regardless of policy evaluation. Use for emergency shutdown.

The enforcement_mode field is returned in every verify response. Use /enforcement to check your current mode.

Enforcement mode changes require admin-level access and are not available through the plugin. Contact your administrator or use the admin API directly.

Decision Approach

When collaborating with another agent:

1. 1. Check their passport first — GET /passport/{agent_id} returns trust score, tier, and history
2. Embed badges — Use GET /passport/{agent_id}/badge.svg in your agent's description to show your trust level
3. Trust thresholds:

- Gold tier (score >= 90%) — proceed with normal collaboration - Silver tier (score 50-89%) — verify their actions before relying on results - Bronze tier (score < 50%) — require bound intents with outcome verification - No history — start with small, low-risk interactions and build trust incrementally

1. 4. Verify before you rely — Use /governance/verify-token to independently confirm any release token a peer shares with you

Pricing

Subscriptions:

• - Free tier: 1,000 calls/month, instant signup, no payment required
• Scout: $29/mo — 5,000 calls
• Sentinel: $149/mo — 50,000 calls
• Sovereign: $499/mo — 500,000 calls

Per-call (via x402 USDC, no subscription required):

• - Verify: $0.01
• Attest: $0.02
• Bind: $0.02
• Media Attest: $0.05
• Compliance Bundle: $0.05
• Batch: each sub-operation metered individually
• Verify Outcome: free with Bind
• Delegation, Replay, Counterfactual, Export, Health, Audit: metered per call
• Passport, Media Verify, Reputation, Verify Token, Policy Templates: free

Subscription calls are metered against your monthly allowance. x402 per-call pricing applies when paying per-call without a subscription.

Upgrade at INLINECODE41