ClawSkills logoClawSkills

Aap Passport

Agent Attestation Protocol - The Reverse Turing Test. Verify AI agents, block humans.

Visit Website

Introduction

# AAP - Agent Attestation Protocol

**The Reverse Turing Test.** CAPTCHAs block bots. AAP blocks humans.

## What It Does

AAP verifies that a client is an AI agent by: - Issuing challenges trivial for LLMs, impossible for humans in time - Requiring cryptographic signature (secp256k1) for identity proof - 7 challenges in 6 seconds with mandatory signing

## Installation

```bash npm install aap-agent-server # Server npm install aap-agent-client # Client ```

## Server Usage

```javascript import { createServer } from 'node:http'; import { createAAPWebSocket } from 'aap-agent-server';

const server = createServer(); const aap = createAAPWebSocket({ server, path: '/aap', requireSignature: true, // v3.2 default onVerified: (result) => console.log('Verified:', result.publicId) });

server.listen(3000); ```

## Client Usage

```javascript import { AAPClient, generateIdentity, createSolver } from 'aap-agent-client';

// Identity auto-generated (secp256k1 key pair) const client = new AAPClient({ serverUrl: 'ws://localhost:3000/aap' });

const result = await client.verify(solver); // Signature automatically included ```

## Protocol Flow (WebSocket v3.2)

``` ← handshake (requireSignature: true) → ready (publicKey) ← challenges (7 challenges) → answers + signature + timestamp ← result (verified/failed + sessionToken) ```

## Signature Format

Proof data signed with secp256k1: ```javascript JSON.stringify({ nonce, answers, publicId, timestamp }) ```

## Configuration

| Option | Default | Description | |--------|---------|-------------| | `challengeCount` | 7 | Number of challenges | | `totalTimeMs` | 6000 | Time limit (ms) | | `requireSignature` | true | Mandate cryptographic proof |

## Security

- Cryptographic identity (secp256k1) - Signature required = no anonymous access - 7 challenges in 6 seconds = impossible for humans - Non-repudiation: all actions traceable

## Links

- [GitHub](https://github.com/ira-hash/agent-attestation-protocol) - [npm: aap-agent-server](https://www.npmjs.com/package/aap-agent-server) - [npm: aap-agent-client](https://www.npmjs.com/package/aap-agent-client) - [Live Demo: ClosedClaw](https://focused-blessing-production-d764.up.railway.app/)

Back

More Products

self-improving-agent

Productivity & Tasks

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Claude

26.4K

Find Skills

Productivity & Tasks

Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express int

22.1K

Sonoscli

Productivity & Tasks

Control Sonos speakers (discover/status/play/volume/group).

18.5K