Korven

AI agents can act. But they have zero security

2 followers

AI agents can act. But they have zero security

2 followers

We require HTTPS for web requests, OAuth for APIs, 2FA for logins. But AI agents? Zero identity. Zero authorization. Zero kill switch. AIP is the missing security layer: Ed25519 identity per agent (DID-based) Cryptographic boundary enforcement - not prompt guardrails Instant global revocation - one API call <1ms verification, deterministic (not probabilistic) @observe - free agent debugging (NEW v0.4.0) Open-source. Python + TypeScript. Works with LangChain, CrewAI, AutoGen.

Free Options

Launch tags:Open Source•Developer Tools•Artificial Intelligence

Launch Team / Built With

Wispr Flow: Dictation That Works Everywhere — Stop typing. Start speaking. 4x faster.

Stop typing. Start speaking. 4x faster.

Promoted

Maker

📌 Hey Product Hunt! 👋

During a demo, I watched an AI agent nearly drain a test account. In 3 seconds it

had authorized a $50K transfer with zero identity checks.

That's when I realized: we have HTTPS for web traffic, OAuth for APIs, 2FA for logins —

but AI agents execute actions with nothing but a system prompt and hope.

So I built AIP - the cryptographic protocol layer that was missing:

@shield(passport, actions=["transfer_funds"], limit=500)

One decorator. Every call is Ed25519-signed, boundary-checked, and revocable instantly.

What shipped today (v0.4.0):

• @observe - free agent visibility (logs everything, blocks nothing)

• One-line upgrade: @observe → @shield when you need enforcement

• 98 tests passing, Python + TypeScript SDKs

This is NOT prompt guardrails. It's deterministic, cryptographic enforcement,

the difference between hoping your agent follows instructions and knowing it can't

violate them.

I'd love to hear: what would make YOU trust an AI agent in production?

pip install aip-protocol

npm install aip-protocol

https://korven.cc

GitHub: https://github.com/theaniketgiri/aip

Report

1mo ago

Forum Threads

p/korven

•

1mo ago

Show me your scariest AI agent failure story

We've all seen it - an agent goes rogue during a demo, a test agent

accesses production data, a chatbot sends emails it shouldn't.

What's the worst thing an AI agent has done in your system?

(Bonus points if it happened in production )

p/korven

•

1mo ago

@observe - free agent debugging before you need security

We just shipped v0.4.0 with @observe, a free, lightweight way to

see what your agents are doing.

from aip_protocol import passport, observe

p/korven

•

1mo ago

AIP vs prompt guardrails - why we chose cryptography

Most AI safety tools use prompt-level filters:

- "Don't do anything harmful"

- LLM-as-judge (another model watching the first one)

- Retrieval-based guardrails

View all

📌 Hey Product Hunt! 👋

During a demo, I watched an AI agent nearly drain a test account. In 3 seconds it

had authorized a $50K transfer with zero identity checks.

That's when I realized: we have HTTPS for web traffic, OAuth for APIs, 2FA for logins —

but AI agents execute actions with nothing but a system prompt and hope.

So I built AIP - the cryptographic protocol layer that was missing:

@shield(passport, actions=["transfer_funds"], limit=500)

One decorator. Every call is Ed25519-signed, boundary-checked, and revocable instantly.

What shipped today (v0.4.0):

• @observe - free agent visibility (logs everything, blocks nothing)

• One-line upgrade: @observe → @shield when you need enforcement

• 98 tests passing, Python + TypeScript SDKs

This is NOT prompt guardrails. It's deterministic, cryptographic enforcement,

the difference between hoping your agent follows instructions and knowing it can't

violate them.

I'd love to hear: what would make YOU trust an AI agent in production?

pip install aip-protocol

npm install aip-protocol

https://korven.cc

GitHub: https://github.com/theaniketgiri/aip