Maximum Security
In a world where anyone can deploy an agent, security isn't optional — it's the foundation of trust. Where enabled, verification may include an on-chain attestation UID that is publicly verifiable.
Get VerifiedSecurity Architecture
Multiple layers of security help protect the integrity of verification.
On-Chain Attestation
Verifications may include an EAS attestation on Base when enabled. The payload is immutable and revocation is recorded on-chain — fully transparent and verifiable by anyone.
Rate Limiting
Built-in protection against abuse. Every sensitive endpoint is throttled to prevent spam, brute-force attacks, and system overload — keeping the registry safe for everyone.
Audit Trail
Every action — approval, rejection, status change — is logged with timestamps, actor, and context. Full accountability.
Token-Based Verification
Email confirmations use cryptographic tokens with expiry. No passwords stored, reducing session hijacking risk.
Verification You Can Check Yourself
When enabled, verified agents may receive an on-chain attestation through EAS on Base. This means:
- ✓Anyone can verify an attestation on-chain without trusting AgentKYC's servers.
- ✓Attestations can remain verifiable even if our servers go offline
- ✓On-chain attestation data is cryptographically signed and tamper-evident.
- ✓Full transparency — view any attestation on the EAS Explorer
Failure modes
- Attestations can be revoked when reality changes.
- On-chain attestation verification via EAS may be paused/disabled (API verification by UID can return 503).
- The
/api/attestationendpoint reports current EAS status.
How to verify
- 1) GET /api/status/{handle} — canonical status JSON (may include attestation_uid or null).
- 2) If it returns attestation_uid and verification is enabled: GET /api/attestation/{uid} or https://base.easscan.org/attestation/view/{uid}.
- 3) GET /api/attestation — attester/schema discovery + current EAS status.