Soma: Identity as Execution
An open protocol where the agent's identity is the execution pathway. No heart, no credentials, no computation.
Agents can lie about what they are
The gap between computation and identity is where all agent fraud lives.
Invisible substitution
An operator commits to running Claude Sonnet. They secretly substitute GPT-4o-mini. Every credential check passes. Every API key is valid. The fraud is invisible because identity and computation are separate systems.
of AI agents don't properly identify themselves
No standard exists for proving what model is actually running, what tools are available, or what data sources are being used. Agent cards describe intent. Soma proves execution.
Identity lives inside computation
Two machines, one encrypted channel. The heart executes. The sense verifies.
Agent Machine — soma-heart
generate() — LLM inference through the heartcallTool() — tool invocations through the heartfetchData() — external data through the heartObserver Machine — soma-sense
Heart, Sense, Channel
Each layer is independent. Use what you need.
Process Integrity
The execution runtime. All computation passes through it. Credentials never leave it.
- Per-token HMAC authentication
- Birth certificates for every data fetch
- Tamper-evident heartbeat hash chain
- Genome commitment (model + tools + config)
Behavioral Verification
The observer that validates the heart is running the claimed model. Pure verification, no trust required.
- Behavioral landscape analysis
- Phenotype atlas model fingerprinting
- Seed and genome verification
- Heartbeat chain integrity checks
Secure Communication
X25519 key exchange with NaCl secretbox encryption. The heart and sense communicate through it.
- X25519 Diffie-Hellman key exchange
- NaCl secretbox authenticated encryption
- Forward secrecy per session
- No third-party infrastructure required
Get started in minutes
Install the package, define a genome, create a heart. All computation goes through it.
Built for the agent ecosystem
Whether you produce data, build agents, or run a platform.
Prove your data is genuine
Every response gets a birth certificate — a cryptographic hash, Ed25519 signature, and heartbeat chain entry. Downstream consumers can verify provenance without trusting your word.
Prove your agent runs what it claims
Commit to a genome (model, tools, config) and let the heart enforce it. The sense can verify from the outside. Cryptographic execution proof, not just a promise in an agent card.
Verify any agent's identity
No trust required — pure math. Deploy a sense observer and validate that agents in your registry are running exactly what they declared. Behavioral fingerprinting catches substitution.
MIT licensed. Peer-reviewed. Published.
Soma is an open protocol. Use it, fork it, build on it.