aip-agents 0.1.0__tar.gz

aip_agents-0.1.0/.gitignore

@@ -0,0 +1,36 @@
+# Rust
+target/
+Cargo.lock
+
+# Python
+__pycache__/
+*.pyc
+*.egg-info/
+dist/
+.venv/
+*.so
+**/.pytest_cache/
+
+# Paper (local only)
+paper/
+texput.log
+
+# IETF draft (local only)
+ietf/
+
+# Planning (local only)
+planning/
+
+# Archives
+*.tar.gz
+
+# IDE
+.idea/
+.vscode/
+*.swp
+
+# OS
+.DS_Store
+
+# Claude
+.claude/

aip_agents-0.1.0/PKG-INFO

@@ -0,0 +1,124 @@
+Metadata-Version: 2.4
+Name: aip-agents
+Version: 0.1.0
+Summary: AIP identity and delegation for AI agent frameworks
+Project-URL: Homepage, https://github.com/sunilp/aip
+Project-URL: Documentation, https://github.com/sunilp/aip#aip-agents
+Project-URL: Repository, https://github.com/sunilp/aip
+Author-email: Sunil Prakash <sunil@sunilprakash.com>
+License-Expression: Apache-2.0
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: Apache Software License
+Classifier: Programming Language :: Python :: 3
+Classifier: Topic :: Security :: Cryptography
+Classifier: Topic :: Software Development :: Libraries
+Requires-Python: >=3.10
+Requires-Dist: base58>=2.1
+Requires-Dist: biscuit-python>=0.4
+Requires-Dist: cryptography>=43.0
+Requires-Dist: pydantic>=2.0
+Requires-Dist: pyjwt[crypto]>=2.9
+Provides-Extra: adk
+Requires-Dist: google-adk>=1.0; extra == 'adk'
+Provides-Extra: all
+Requires-Dist: crewai>=0.80; extra == 'all'
+Requires-Dist: google-adk>=1.0; extra == 'all'
+Provides-Extra: crewai
+Requires-Dist: crewai>=0.80; extra == 'crewai'
+Provides-Extra: dev
+Requires-Dist: pytest-asyncio>=0.24; extra == 'dev'
+Requires-Dist: pytest>=8.0; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# aip-agents
+
+AIP identity and delegation for AI agent frameworks. Add cryptographic identity, scoped delegation chains, and audit-ready token flows to your CrewAI and Google ADK agents in 5 lines of code.
+
+## Install
+
+```bash
+pip install aip-agents[crewai]    # CrewAI
+pip install aip-agents[adk]       # Google ADK
+pip install aip-agents[all]       # Both
+```
+
+## Quick Start: CrewAI
+
+```python
+from crewai import Crew, Agent, Task
+from aip_agents.adapters.crewai import AIPCrewPlugin
+
+plugin = AIPCrewPlugin()
+
+researcher = Agent(role="researcher", ...)
+writer = Agent(role="writer", ...)
+crew = Crew(agents=[researcher, writer], tasks=[...])
+
+plugin.register(crew)  # Each agent gets an AIP identity + delegation token
+crew.kickoff()
+```
+
+## Quick Start: Google ADK
+
+```python
+from google.adk import Agent, Runner
+from aip_agents.adapters.adk import AIPAdkPlugin
+
+plugin = AIPAdkPlugin()
+
+agent = Agent(name="coordinator", sub_agents=[worker1, worker2], ...)
+runner = Runner(agent=agent)
+
+plugin.register(runner)  # Walks agent tree, creates delegation chains
+runner.run("task")
+```
+
+## What You Get
+
+When you register a plugin, every agent gets:
+
+1. **Cryptographic identity** - An Ed25519 keypair and AIP identifier (`aip:key:ed25519:z...`)
+2. **Delegation chain** - When a parent agent delegates to a sub-agent, a Biscuit token chain records the delegation with attenuated scope
+3. **Tool call headers** - `X-AIP-Token` headers ready to attach to outgoing tool/MCP calls
+
+Enable logging to see it in action:
+
+```python
+from aip_agents import AIPConfig
+
+plugin = AIPCrewPlugin(AIPConfig(log_tokens=True))
+```
+
+Output:
+```
+[AIP] Identity created: researcher -> aip:key:ed25519:z6Fk3...
+[AIP] Delegation: manager -> researcher [scope: web_search] [chain depth: 2]
+[AIP] Tool call: researcher -> web_search [chain depth: 3, verified]
+```
+
+## Configuration
+
+```python
+AIPConfig(
+    app_name="my-app",          # Root identity label
+    auto_identity=True,          # Auto-assign identity to every agent
+    auto_delegation=True,        # Auto-create delegation chains
+    persist_keys=False,          # Save keys to ~/.aip/keys/
+    log_tokens=False,            # Log token operations
+    default_scope=None,          # Default scope for root token
+)
+```
+
+## How It Works
+
+- **Identity**: Each agent gets an Ed25519 keypair. The public key becomes the agent's AIP identifier.
+- **Tokens**: Authority tokens use [Biscuit](https://www.biscuitsec.org/) - an append-only cryptographic token that enforces scope can only narrow, never widen.
+- **Delegation**: When Agent A delegates to Agent B, a new block is appended to A's token with B's identity and attenuated scope. The chain is cryptographically verifiable.
+- **Tool calls**: Tokens are attached via `X-AIP-Token` header, compatible with [AIP MCP middleware](https://github.com/sunilp/aip) for end-to-end verification.
+
+## Links
+
+- [AIP Specification](https://github.com/sunilp/aip/tree/main/spec)
+- [AIP Paper (arXiv:2603.24775)](https://arxiv.org/abs/2603.24775)
+- [GitHub](https://github.com/sunilp/aip)

aip_agents-0.1.0/README.md

@@ -0,0 +1,91 @@
+# aip-agents
+
+AIP identity and delegation for AI agent frameworks. Add cryptographic identity, scoped delegation chains, and audit-ready token flows to your CrewAI and Google ADK agents in 5 lines of code.
+
+## Install
+
+```bash
+pip install aip-agents[crewai]    # CrewAI
+pip install aip-agents[adk]       # Google ADK
+pip install aip-agents[all]       # Both
+```
+
+## Quick Start: CrewAI
+
+```python
+from crewai import Crew, Agent, Task
+from aip_agents.adapters.crewai import AIPCrewPlugin
+
+plugin = AIPCrewPlugin()
+
+researcher = Agent(role="researcher", ...)
+writer = Agent(role="writer", ...)
+crew = Crew(agents=[researcher, writer], tasks=[...])
+
+plugin.register(crew)  # Each agent gets an AIP identity + delegation token
+crew.kickoff()
+```
+
+## Quick Start: Google ADK
+
+```python
+from google.adk import Agent, Runner
+from aip_agents.adapters.adk import AIPAdkPlugin
+
+plugin = AIPAdkPlugin()
+
+agent = Agent(name="coordinator", sub_agents=[worker1, worker2], ...)
+runner = Runner(agent=agent)
+
+plugin.register(runner)  # Walks agent tree, creates delegation chains
+runner.run("task")
+```
+
+## What You Get
+
+When you register a plugin, every agent gets:
+
+1. **Cryptographic identity** - An Ed25519 keypair and AIP identifier (`aip:key:ed25519:z...`)
+2. **Delegation chain** - When a parent agent delegates to a sub-agent, a Biscuit token chain records the delegation with attenuated scope
+3. **Tool call headers** - `X-AIP-Token` headers ready to attach to outgoing tool/MCP calls
+
+Enable logging to see it in action:
+
+```python
+from aip_agents import AIPConfig
+
+plugin = AIPCrewPlugin(AIPConfig(log_tokens=True))
+```
+
+Output:
+```
+[AIP] Identity created: researcher -> aip:key:ed25519:z6Fk3...
+[AIP] Delegation: manager -> researcher [scope: web_search] [chain depth: 2]
+[AIP] Tool call: researcher -> web_search [chain depth: 3, verified]
+```
+
+## Configuration
+
+```python
+AIPConfig(
+    app_name="my-app",          # Root identity label
+    auto_identity=True,          # Auto-assign identity to every agent
+    auto_delegation=True,        # Auto-create delegation chains
+    persist_keys=False,          # Save keys to ~/.aip/keys/
+    log_tokens=False,            # Log token operations
+    default_scope=None,          # Default scope for root token
+)
+```
+
+## How It Works
+
+- **Identity**: Each agent gets an Ed25519 keypair. The public key becomes the agent's AIP identifier.
+- **Tokens**: Authority tokens use [Biscuit](https://www.biscuitsec.org/) - an append-only cryptographic token that enforces scope can only narrow, never widen.
+- **Delegation**: When Agent A delegates to Agent B, a new block is appended to A's token with B's identity and attenuated scope. The chain is cryptographically verifiable.
+- **Tool calls**: Tokens are attached via `X-AIP-Token` header, compatible with [AIP MCP middleware](https://github.com/sunilp/aip) for end-to-end verification.
+
+## Links
+
+- [AIP Specification](https://github.com/sunilp/aip/tree/main/spec)
+- [AIP Paper (arXiv:2603.24775)](https://arxiv.org/abs/2603.24775)
+- [GitHub](https://github.com/sunilp/aip)

aip_agents-0.1.0/__init__.py

@@ -0,0 +1,17 @@
+"""aip-agents: AIP identity and delegation for AI agent frameworks."""
+
+from aip_agents.core.config import AIPConfig
+from aip_agents.core.identity_manager import AIPIdentity, IdentityManager
+from aip_agents.core.token_manager import TokenManager
+from aip_agents.core.key_store import KeyStore
+
+__version__ = "0.1.0"
+
+__all__ = [
+    "AIPConfig",
+    "AIPIdentity",
+    "IdentityManager",
+    "KeyStore",
+    "TokenManager",
+    "__version__",
+]

aip_agents-0.1.0/adapters/__init__.py

@@ -0,0 +1 @@
+"""Framework adapters for AIP identity."""

aip_agents-0.1.0/adapters/adk/__init__.py

@@ -0,0 +1,3 @@
+"""Google ADK adapter for AIP identity and delegation."""
+from aip_agents.adapters.adk.plugin import AIPAdkPlugin
+__all__ = ["AIPAdkPlugin"]

aip_agents-0.1.0/adapters/adk/plugin.py

@@ -0,0 +1,109 @@
+from __future__ import annotations
+
+from aip_agents.core.config import AIPConfig
+from aip_agents.core.identity_manager import IdentityManager
+from aip_agents.core.logger import AIPLogger
+from aip_agents.core.token_manager import TokenManager
+
+
+class AIPAdkPlugin:
+    """AIP identity and delegation plugin for Google ADK."""
+
+    def __init__(self, config: AIPConfig | None = None):
+        self._config = config or AIPConfig()
+        self._identity_manager = IdentityManager(self._config)
+        self._token_manager = TokenManager(self._identity_manager, self._config)
+        self._logger = AIPLogger(enabled=self._config.log_tokens)
+        self._agent_tokens: dict[str, str] = {}
+        self._agent_scopes: dict[str, list[str]] = {}
+        # Tracks the name of the authority (chain root) whose keypair signed the biscuit
+        self._authority_name: dict[str, str] = {}
+
+    @property
+    def identity_manager(self) -> IdentityManager:
+        return self._identity_manager
+
+    @property
+    def token_manager(self) -> TokenManager:
+        return self._token_manager
+
+    def register(self, runner) -> None:
+        root_agent = runner.agent
+        self._register_agent_tree(root_agent, parent_name=None, authority_name=None)
+
+    def _register_agent_tree(
+        self,
+        agent,
+        parent_name: str | None,
+        authority_name: str | None,
+    ) -> None:
+        name = agent.name
+        identity = self._identity_manager.register(name)
+        self._logger.identity_created(name, identity.aip_id)
+        scope = self._extract_tool_names(agent)
+        self._agent_scopes[name] = scope
+
+        if parent_name is None:
+            # Root agent: issue a chained authority token under its own key
+            token = self._token_manager.issue_chained(name, scope=scope)
+            self._agent_tokens[name] = token
+            self._authority_name[name] = name
+            self._logger.token_issued(name, scope, "chained")
+            effective_authority = name
+        else:
+            # Sub-agent: delegate from parent's token using the chain authority's key
+            parent_token = self._agent_tokens.get(parent_name)
+            if parent_token is not None:
+                # Always use the chain authority name so from_base64 uses the right pubkey
+                chain_authority = authority_name or parent_name
+                delegation_token = self._token_manager.delegate(
+                    parent_token=parent_token,
+                    parent_name=chain_authority,
+                    child_name=name,
+                    attenuated_scope=scope,
+                    context=f"Sub-agent delegation: {parent_name} -> {name}",
+                )
+                self._agent_tokens[name] = delegation_token
+                self._authority_name[name] = chain_authority
+                depth = self._token_manager.chain_depth(delegation_token)
+                self._logger.delegation(parent_name, name, scope, depth)
+                effective_authority = chain_authority
+            else:
+                token = self._token_manager.issue_chained(name, scope=scope)
+                self._agent_tokens[name] = token
+                self._authority_name[name] = name
+                effective_authority = name
+
+        for sub_agent in getattr(agent, "sub_agents", []):
+            self._register_agent_tree(
+                sub_agent,
+                parent_name=name,
+                authority_name=effective_authority,
+            )
+
+    def get_agent_token(self, name: str) -> str | None:
+        return self._agent_tokens.get(name)
+
+    def get_agent_scope(self, name: str) -> list[str]:
+        return self._agent_scopes.get(name, [])
+
+    def get_chain_depth(self, name: str) -> int:
+        token = self._agent_tokens.get(name)
+        if token is None:
+            raise ValueError(f"No token for agent '{name}'")
+        return self._token_manager.chain_depth(token)
+
+    def get_tool_call_headers(self, name: str) -> dict[str, str]:
+        token = self._agent_tokens.get(name)
+        if token is None:
+            return {}
+        return {"X-AIP-Token": token}
+
+    def _extract_tool_names(self, agent) -> list[str]:
+        names = []
+        for tool in getattr(agent, "tools", []):
+            if hasattr(tool, "name"):
+                names.append(tool.name)
+            elif isinstance(tool, str):
+                names.append(tool)
+        return names if names else ["*"]

aip_agents-0.1.0/adapters/crewai/__init__.py

@@ -0,0 +1,3 @@
+"""CrewAI adapter for AIP identity and delegation."""
+from aip_agents.adapters.crewai.plugin import AIPCrewPlugin
+__all__ = ["AIPCrewPlugin"]

aip_agents-0.1.0/adapters/crewai/plugin.py

@@ -0,0 +1,78 @@
+from __future__ import annotations
+
+from aip_agents.core.config import AIPConfig
+from aip_agents.core.identity_manager import IdentityManager
+from aip_agents.core.logger import AIPLogger
+from aip_agents.core.token_manager import TokenManager
+
+
+class AIPCrewPlugin:
+    """AIP identity and delegation plugin for CrewAI."""
+
+    def __init__(self, config: AIPConfig | None = None):
+        self._config = config or AIPConfig()
+        self._identity_manager = IdentityManager(self._config)
+        self._token_manager = TokenManager(self._identity_manager, self._config)
+        self._logger = AIPLogger(enabled=self._config.log_tokens)
+        self._agent_tokens: dict[str, str] = {}
+        self._agent_scopes: dict[str, list[str]] = {}
+
+    @property
+    def identity_manager(self) -> IdentityManager:
+        return self._identity_manager
+
+    @property
+    def token_manager(self) -> TokenManager:
+        return self._token_manager
+
+    def register(self, crew) -> None:
+        for agent in crew.agents:
+            role = agent.role
+            identity = self._identity_manager.register(role)
+            self._logger.identity_created(role, identity.aip_id)
+            scope = self._extract_tool_names(agent)
+            self._agent_scopes[role] = scope
+            if self._config.auto_delegation:
+                token = self._token_manager.issue_chained(role, scope=scope)
+            else:
+                token = self._token_manager.issue(role, scope=scope)
+            self._agent_tokens[role] = token
+            self._logger.token_issued(role, scope, "chained" if self._config.auto_delegation else "compact")
+
+    def get_agent_token(self, role: str) -> str | None:
+        return self._agent_tokens.get(role)
+
+    def get_agent_scope(self, role: str) -> list[str]:
+        return self._agent_scopes.get(role, [])
+
+    def create_delegation(self, parent_role: str, child_role: str, task_description: str, scope: list[str] | None = None) -> str:
+        parent_token = self._agent_tokens.get(parent_role)
+        if parent_token is None:
+            raise ValueError(f"No token found for agent '{parent_role}'")
+        effective_scope = scope or self._agent_scopes.get(child_role, [])
+        delegation_token = self._token_manager.delegate(
+            parent_token=parent_token,
+            parent_name=parent_role,
+            child_name=child_role,
+            attenuated_scope=effective_scope,
+            context=task_description,
+        )
+        depth = self._token_manager.chain_depth(delegation_token)
+        self._logger.delegation(parent_role, child_role, effective_scope, depth)
+        self._agent_tokens[child_role] = delegation_token
+        return delegation_token
+
+    def get_tool_call_headers(self, role: str) -> dict[str, str]:
+        token = self._agent_tokens.get(role)
+        if token is None:
+            return {}
+        return {"X-AIP-Token": token}
+
+    def _extract_tool_names(self, agent) -> list[str]:
+        names = []
+        for tool in getattr(agent, "tools", []):
+            if hasattr(tool, "name"):
+                names.append(tool.name)
+            elif isinstance(tool, str):
+                names.append(tool)
+        return names if names else ["*"]

aip_agents-0.1.0/core/__init__.py

@@ -0,0 +1,8 @@
+"""Core identity, token, and key management."""
+
+from aip_agents.core.config import AIPConfig
+from aip_agents.core.identity_manager import IdentityManager, AIPIdentity
+from aip_agents.core.key_store import KeyStore
+from aip_agents.core.token_manager import TokenManager
+
+__all__ = ["AIPConfig", "AIPIdentity", "IdentityManager", "KeyStore", "TokenManager"]

aip_agents-0.1.0/core/config.py

@@ -0,0 +1,13 @@
+from dataclasses import dataclass, field
+
+
+@dataclass
+class AIPConfig:
+    """Configuration for AIP agent identity and delegation."""
+
+    app_name: str = "aip-app"
+    auto_identity: bool = True
+    auto_delegation: bool = True
+    persist_keys: bool = False
+    log_tokens: bool = False
+    default_scope: list[str] | None = None

aip_agents-0.1.0/core/identity_manager.py

@@ -0,0 +1,54 @@
+from dataclasses import dataclass
+
+from aip_agents.core.config import AIPConfig
+from aip_agents.core.key_store import KeyStore
+from aip_core.crypto import KeyPair
+
+
+@dataclass(frozen=True)
+class AIPIdentity:
+    """An agent's AIP identity."""
+    name: str
+    aip_id: str
+    public_key_bytes: bytes
+    keypair: KeyPair
+
+
+class IdentityManager:
+    """Creates and caches AIP identities for agents."""
+
+    def __init__(self, config: AIPConfig):
+        self._config = config
+        persist_dir = None
+        if config.persist_keys:
+            import os
+            persist_dir = os.path.expanduser(f"~/.aip/keys/{config.app_name}")
+        self._key_store = KeyStore(persist_dir=persist_dir)
+        self._identities: dict[str, AIPIdentity] = {}
+        self._root = self._create_identity(config.app_name)
+
+    def _create_identity(self, name: str) -> AIPIdentity:
+        if name in self._identities:
+            return self._identities[name]
+        kp = self._key_store.get_or_create(name)
+        aip_id = f"aip:key:ed25519:{kp.public_key_multibase()}"
+        identity = AIPIdentity(
+            name=name,
+            aip_id=aip_id,
+            public_key_bytes=kp.public_key_bytes(),
+            keypair=kp,
+        )
+        self._identities[name] = identity
+        return identity
+
+    def root_identity(self) -> AIPIdentity:
+        return self._root
+
+    def register(self, agent_name: str) -> AIPIdentity:
+        return self._create_identity(agent_name)
+
+    def get(self, agent_name: str) -> AIPIdentity | None:
+        return self._identities.get(agent_name)
+
+    def all(self) -> list[AIPIdentity]:
+        return list(self._identities.values())

aip_agents-0.1.0/core/key_store.py

@@ -0,0 +1,44 @@
+from pathlib import Path
+
+from aip_core.crypto import KeyPair
+from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
+
+
+class KeyStore:
+    """Manages Ed25519 keypairs for agents. In-memory by default, optional disk persistence."""
+
+    def __init__(self, persist_dir: str | None = None):
+        self._keys: dict[str, KeyPair] = {}
+        self._persist_dir = Path(persist_dir) if persist_dir else None
+        if self._persist_dir:
+            self._persist_dir.mkdir(parents=True, exist_ok=True)
+
+    def get_or_create(self, name: str) -> KeyPair:
+        if name in self._keys:
+            return self._keys[name]
+
+        if self._persist_dir:
+            key_file = self._persist_dir / f"{name}.key"
+            if key_file.exists():
+                raw = key_file.read_bytes()
+                private_key = Ed25519PrivateKey.from_private_bytes(raw)
+                kp = KeyPair(private_key)
+                self._keys[name] = kp
+                return kp
+
+        kp = KeyPair.generate()
+        self._keys[name] = kp
+
+        if self._persist_dir:
+            key_file = self._persist_dir / f"{name}.key"
+            key_file.write_bytes(kp.private_key_bytes())
+            key_file.chmod(0o600)
+
+        return kp
+
+    def has(self, name: str) -> bool:
+        if name in self._keys:
+            return True
+        if self._persist_dir:
+            return (self._persist_dir / f"{name}.key").exists()
+        return False

aip_agents-0.1.0/core/logger.py

@@ -0,0 +1,27 @@
+class AIPLogger:
+    """Structured logging for AIP token operations."""
+
+    def __init__(self, enabled: bool = False):
+        self._enabled = enabled
+
+    def identity_created(self, name: str, aip_id: str) -> None:
+        if self._enabled:
+            print(f"[AIP] Identity created: {name} -> {aip_id}")
+
+    def token_issued(self, agent_name: str, scope: list[str], mode: str) -> None:
+        if self._enabled:
+            print(f"[AIP] Token issued: {agent_name} scope={scope} mode={mode}")
+
+    def delegation(self, parent: str, child: str, scope: list[str], chain_depth: int) -> None:
+        if self._enabled:
+            print(
+                f"[AIP] Delegation: {parent} -> {child} "
+                f"[scope: {','.join(scope)}] [chain depth: {chain_depth}]"
+            )
+
+    def tool_call(self, agent_name: str, tool_name: str, chain_depth: int) -> None:
+        if self._enabled:
+            print(
+                f"[AIP] Tool call: {agent_name} -> {tool_name} "
+                f"[chain depth: {chain_depth}]"
+            )

aip_agents-0.1.0/core/token_manager.py

@@ -0,0 +1,111 @@
+import time
+
+from aip_agents.core.config import AIPConfig
+from aip_agents.core.identity_manager import IdentityManager
+from aip_token.claims import AipClaims
+from aip_token.compact import CompactToken
+from aip_token.chained import ChainedToken
+from aip_token.error import TokenError
+
+
+class TokenManager:
+    """Issues compact tokens and chained delegation tokens for agents."""
+
+    DEFAULT_TTL = 3600
+
+    def __init__(self, identity_manager: IdentityManager, config: AIPConfig):
+        self._id_mgr = identity_manager
+        self._config = config
+
+    def issue(self, agent_name: str, scope: list[str], ttl: int = DEFAULT_TTL) -> str:
+        identity = self._id_mgr.get(agent_name)
+        if identity is None:
+            raise TokenError(f"Agent '{agent_name}' not registered", "identity_unresolvable")
+        root = self._id_mgr.root_identity()
+        now = int(time.time())
+        claims = AipClaims(
+            iss=root.aip_id,
+            sub=identity.aip_id,
+            scope=scope,
+            max_depth=0,
+            iat=now,
+            exp=now + ttl,
+        )
+        return CompactToken.create(claims, root.keypair)
+
+    def verify(self, token_str: str, required_scope: str) -> CompactToken:
+        root = self._id_mgr.root_identity()
+        verified = CompactToken.verify(token_str, root.public_key_bytes)
+        if not verified.has_scope(required_scope):
+            raise TokenError(
+                f"Token does not authorize '{required_scope}'",
+                "scope_insufficient",
+            )
+        return verified
+
+    def issue_chained(
+        self,
+        agent_name: str,
+        scope: list[str],
+        max_depth: int = 5,
+        budget_cents: int | None = None,
+        ttl: int = DEFAULT_TTL,
+    ) -> str:
+        identity = self._id_mgr.get(agent_name)
+        if identity is None:
+            raise TokenError(f"Agent '{agent_name}' not registered", "identity_unresolvable")
+        token = ChainedToken.create_authority(
+            issuer=identity.aip_id,
+            scopes=scope,
+            budget_cents=budget_cents,
+            max_depth=max_depth,
+            ttl_seconds=ttl,
+            keypair=identity.keypair,
+        )
+        return token.to_base64()
+
+    def delegate(
+        self,
+        parent_token: str,
+        parent_name: str,
+        child_name: str,
+        attenuated_scope: list[str],
+        context: str,
+        budget_cents: int | None = None,
+    ) -> str:
+        parent_identity = self._id_mgr.get(parent_name)
+        child_identity = self._id_mgr.get(child_name)
+        if parent_identity is None:
+            raise TokenError(f"Agent '{parent_name}' not registered", "identity_unresolvable")
+        if child_identity is None:
+            raise TokenError(f"Agent '{child_name}' not registered", "identity_unresolvable")
+        chained = ChainedToken.from_base64(
+            parent_token, parent_identity.public_key_bytes
+        )
+        delegated = chained.delegate(
+            delegator=parent_identity.aip_id,
+            delegate=child_identity.aip_id,
+            scopes=attenuated_scope,
+            budget_cents=budget_cents,
+            context=context,
+        )
+        return delegated.to_base64()
+
+    def authorize_chained(self, token_str: str, tool: str) -> None:
+        for identity in self._id_mgr.all():
+            try:
+                chained = ChainedToken.from_base64(token_str, identity.public_key_bytes)
+                chained.authorize(tool, identity.public_key_bytes)
+                return
+            except Exception:
+                continue
+        raise TokenError(f"No valid authority found for tool '{tool}'", "scope_insufficient")
+
+    def chain_depth(self, token_str: str) -> int:
+        for identity in self._id_mgr.all():
+            try:
+                chained = ChainedToken.from_base64(token_str, identity.public_key_bytes)
+                return chained.current_depth()
+            except Exception:
+                continue
+        raise TokenError("Cannot determine chain depth", "token_malformed")

aip_agents-0.1.0/examples/adk_example.py

@@ -0,0 +1,57 @@
+"""Example: Add AIP identity and delegation to Google ADK agents.
+
+Usage:
+    pip install aip-agents[adk]
+    python adk_example.py
+"""
+
+from google.adk import Agent, Runner
+from aip_agents import AIPConfig
+from aip_agents.adapters.adk import AIPAdkPlugin
+
+# 1. Create the plugin
+plugin = AIPAdkPlugin(AIPConfig(
+    app_name="research-pipeline",
+    log_tokens=True,
+))
+
+# 2. Define sub-agents
+summarizer = Agent(
+    name="summarizer",
+    model="gemini-2.5-flash",
+    instruction="Summarize the research findings concisely.",
+    description="Summarization specialist",
+    tools=[],
+)
+
+fact_checker = Agent(
+    name="fact_checker",
+    model="gemini-2.5-flash",
+    instruction="Verify claims against sources.",
+    description="Fact verification agent",
+    tools=[],
+)
+
+# 3. Define coordinator with sub-agents
+coordinator = Agent(
+    name="coordinator",
+    model="gemini-2.5-flash",
+    instruction="Route tasks to the appropriate sub-agent.",
+    description="Task coordinator",
+    tools=[],
+    sub_agents=[summarizer, fact_checker],
+)
+
+# 4. Create runner and register plugin
+runner = Runner(agent=coordinator)
+plugin.register(runner)
+
+# 5. Inspect delegation chains
+print("\n--- Delegation Chain Depths ---")
+for name in ["coordinator", "summarizer", "fact_checker"]:
+    depth = plugin.get_chain_depth(name)
+    print(f"{name}: depth {depth}")
+
+print("\n--- Tool Call Headers ---")
+headers = plugin.get_tool_call_headers("summarizer")
+print(f"X-AIP-Token: {headers.get('X-AIP-Token', 'N/A')[:50]}...")

aip_agents-0.1.0/examples/crewai_example.py

@@ -0,0 +1,74 @@
+"""Example: Add AIP identity and delegation to a CrewAI crew.
+
+Usage:
+    pip install aip-agents[crewai]
+    python crewai_example.py
+"""
+
+from crewai import Agent, Crew, Task, Process
+from aip_agents import AIPConfig
+from aip_agents.adapters.crewai import AIPCrewPlugin
+
+# 1. Create the plugin (with logging to see what happens)
+plugin = AIPCrewPlugin(AIPConfig(
+    app_name="research-crew",
+    log_tokens=True,
+))
+
+# 2. Define your agents as normal
+researcher = Agent(
+    role="researcher",
+    goal="Find accurate information about AI agent identity protocols",
+    backstory="Expert at web research and source verification",
+    tools=[],
+    allow_delegation=False,
+)
+
+writer = Agent(
+    role="writer",
+    goal="Write clear, concise summaries of research findings",
+    backstory="Technical writer specializing in AI systems",
+    tools=[],
+    allow_delegation=False,
+)
+
+# 3. Define tasks
+research_task = Task(
+    description="Research the current state of AI agent identity protocols",
+    expected_output="A summary of existing protocols and gaps",
+    agent=researcher,
+)
+
+write_task = Task(
+    description="Write a blog post based on the research",
+    expected_output="A 500-word blog post",
+    agent=writer,
+)
+
+# 4. Create crew and register plugin
+crew = Crew(
+    agents=[researcher, writer],
+    tasks=[research_task, write_task],
+    process=Process.sequential,
+)
+
+plugin.register(crew)
+
+# 5. Access tokens programmatically
+print("\n--- Agent Identities ---")
+for agent_name in ["researcher", "writer"]:
+    identity = plugin.identity_manager.get(agent_name)
+    print(f"{agent_name}: {identity.aip_id}")
+
+print("\n--- Tool Call Headers ---")
+headers = plugin.get_tool_call_headers("researcher")
+print(f"X-AIP-Token: {headers.get('X-AIP-Token', 'N/A')[:50]}...")
+
+# 6. Create delegation
+delegation_token = plugin.create_delegation(
+    parent_role="researcher",
+    child_role="writer",
+    task_description="Write summary based on research findings",
+    scope=["write", "summarize"],
+)
+print(f"\nDelegation chain depth: {plugin.token_manager.chain_depth(delegation_token)}")

aip_agents-0.1.0/pyproject.toml

@@ -0,0 +1,46 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "aip-agents"
+version = "0.1.0"
+description = "AIP identity and delegation for AI agent frameworks"
+readme = "README.md"
+license = "Apache-2.0"
+requires-python = ">=3.10"
+authors = [
+    { name = "Sunil Prakash", email = "sunil@sunilprakash.com" },
+]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: Apache Software License",
+    "Programming Language :: Python :: 3",
+    "Topic :: Security :: Cryptography",
+    "Topic :: Software Development :: Libraries",
+]
+dependencies = [
+    "cryptography>=43.0",
+    "PyJWT[crypto]>=2.9",
+    "pydantic>=2.0",
+    "base58>=2.1",
+    "biscuit-python>=0.4",
+]
+
+[project.optional-dependencies]
+crewai = ["crewai>=0.80"]
+adk = ["google-adk>=1.0"]
+all = ["aip-agents[crewai,adk]"]
+dev = ["pytest>=8.0", "pytest-asyncio>=0.24"]
+
+[project.urls]
+Homepage = "https://github.com/sunilp/aip"
+Documentation = "https://github.com/sunilp/aip#aip-agents"
+Repository = "https://github.com/sunilp/aip"
+
+[tool.hatch.build.targets.wheel]
+packages = ["aip_agents"]
+
+[tool.hatch.build]
+root = "."