Your agents have names now. And a record of everything they did.
43% of enterprises use shared credentials for AI agents. 78% have no policy for removing them. Constrix AgentID gives every agent a cryptographically verified identity — sealed into every action it takes.
Think of it like a building key-card system — every agent has a verified badge.
Every agent has a verified identity. Ghost agents are stopped automatically.
Every AI agent is issued a cryptographic identity token — like a verified employee badge. When an agent is decommissioned, Constrix marks it. Ghost agents — ones still technically able to act despite being forgotten or deactivated — are detected by dormancy thresholds and automatically blocked before they can take any action.
- Cryptographic AIT fingerprint issued at registration
- Dormancy threshold triggers automatic ghost detection
- Full lifecycle audit: register, revoke, decommission, ghost
What Agent Identity gives you
Cryptographic Identity
Every agent boots with a short-lived, Ed25519-signed Agent Identity Token (AIT). Verified in under 1ms. No network call. No shared secrets. The private key never leaves the agent.
Delegation Chain
When Agent A instructs Agent B, the authority chain is recorded. Every CAPL record shows the full delegation path — from human to orchestrator to sub-agent — sealed and tamper-evident.
Ghost Detection
Constrix knows when an agent stops generating governed activity. Dormant agents — credentials still live, no owner watching — are detected, flagged, and auto-revoked before they become attack surface.
Sealed Lifecycle
From first evaluation to planned decommission, the complete agent lifecycle is in the CAPL audit record. Registration, active operation, ghost status, decommission summary — all cryptographically sealed.
Know which agent did what — and prove it.
Every agent. Named. Verified. Audited. Ghost agents stopped before they act.