Trust infrastructure for agentic commerce

Verify any AI agent's authority before it acts

Agents are showing up at your checkout, your API, your payment flow. UniKey Cloud confirms who authorized them and what they're allowed to do — in one API call, before the action runs. No prior relationship with the sender required.

Free up to 10,000 verifications / month · No credit card required

verify.sh
$ curl https://api.unikeycloud.com/v1/verify-packet \
  -H "Authorization: Bearer uk_live_…" \
  -d @trust-packet.json

# → {
  "valid": true,
  "subject": "claude@acme.ai",
  "action": "purchase_item",
  "scope": ["charge:60"],
  "signer": "acme.ai",
  "dns_hardened": true,
  "verified_at": "2026-05-26T18:04:22Z"
}

From request to verdict — before anything runs

Agent requests → UniKey verifies → Done — before it acts

You can't tell which agents to trust

Automated traffic is hitting your systems with credentials you can't verify. The questions have no good answer today:

Is this agent legitimate?

An agent claims to act for a customer. You have no way to confirm the request really came from them.

Who authorized it — and for what?

A saved payment method gives an agent unlimited authority. There's no scope, no “up to $60,” no expiry.

Can you prove it later?

When a charge is disputed, it's he-said-she-said. No cryptographic record of what was actually authorized.

How it works

One call, before execution

01 · Send the Trust Packet

Your service receives a signed request from an agent. Forward the packet to a single UniKey Cloud endpoint.

02 · We verify — before execution

We check identity, authority, scope, expiry, and the delegation chain. Public keys are resolved from DNS and hardened across resolvers.

03 · Act on the verdict

Get a signed yes/no in milliseconds, plus a tamper-evident ledger entry you can produce in any future dispute.

Why UniKey Cloud

Authorization, done right

Pre-execution

Verify before the action runs — not after the chargeback. Authority is checked at the protocol level.

No sender integration

Public keys live in DNS, the same way DKIM secures email. No bilateral setup, no shared secrets.

Managed hardening

Multi-resolver DNS consensus, fail-closed under attack, replay protection — we run the hard part.

Delegation-aware

Verify multi-hop agent chains — user → platform → agent — and confirm scope only ever narrows.

Audit-ready

Every verdict lands in a tamper-evident ledger. Produce cryptographic dispute proof on demand.

Any transport

The packet is self-verifying. It works the same over HTTPS, email + DKIM, queues, or QR.

Scoped & delegated

Authority that can only ever narrow

A Trust Packet doesn't hand over the keys — it grants one specific, bounded permission. Every hop in a delegation chain can shrink the scope, never widen it, and we enforce that on every verification.

  • Spend caps and limits travel inside the packet ("charge up to $60")
  • Multi-hop chains: user → platform → agent, each step signed by a different key
  • Scope monotonicity enforced — a child can never exceed its parent

User device · Root authority · charge:100
  ↓ delegates · scope narrows
Platform · Delegated · charge:50
  ↓ delegates · scope narrows
AI agent · Final action · charge:49.99
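The narrowing rule described above, sketched as an added example (this is not UniKey Cloud's code). It assumes a scope is a list of `name:limit` strings like the `charge:60` shown earlier, that a child may only hold scope names its immediate parent holds, and that its limit may not exceed the parent's; the hop names and chain layout are hypothetical.

```python
from decimal import Decimal, InvalidOperation

def parse_scope(entries):
    """Turn ["charge:60"] into {"charge": Decimal("60")}; reject malformed entries."""
    caps = {}
    for entry in entries:
        name, sep, limit = entry.partition(":")
        if not sep or not name or name in caps:
            raise ValueError(f"malformed or duplicate scope entry: {entry!r}")
        try:
            cap = Decimal(limit)  # Decimal avoids float rounding on money
        except InvalidOperation:
            raise ValueError(f"non-numeric limit in {entry!r}") from None
        if not cap.is_finite() or cap < 0:
            raise ValueError(f"limit out of range in {entry!r}")
        caps[name] = cap
    return caps

def check_chain(hops):
    """hops: list of (holder, scope_list), root first. Returns (ok, reason)."""
    if not hops:
        return False, "empty chain"  # fail closed
    try:
        parent_holder, parent = hops[0][0], parse_scope(hops[0][1])
        for holder, entries in hops[1:]:
            child = parse_scope(entries)
            for name, cap in child.items():
                if name not in parent:
                    return False, f"{holder} adds scope {name!r} not held by {parent_holder}"
                if cap > parent[name]:
                    return False, f"{holder} widens {name} from {parent[name]} to {cap}"
            # Compare the next hop against this one, not against the root.
            parent_holder, parent = holder, child
    except ValueError as exc:
        return False, str(exc)
    return True, "scope narrows at every hop"

# Constructed chains; the first mirrors the figures shown above.
GOOD = [("user", ["charge:100"]), ("platform", ["charge:50"]), ("agent", ["charge:49.99"])]
WIDENED = [("user", ["charge:100"]), ("platform", ["charge:50"]), ("agent", ["charge:75"])]
NEW_SCOPE = [("user", ["charge:100"]), ("agent", ["charge:10", "refund:10"])]

if __name__ == "__main__":
    for chain in (GOOD, WIDENED, NEW_SCOPE):
        print(check_chain(chain))
```

`WIDENED` is the case worth noting: 75 is still under the root's 100, but it exceeds the platform's 50, so the chain is rejected.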

DNS-anchored trust

No registry. No shared secrets.

Signers publish one Ed25519 public key as a DNS TXT record — the same infrastructure that secures email with DKIM. Any verifier finds it in a single lookup, with no prior relationship and no central gatekeeper.

  • One TXT record per domain — your IT already manages DNS
  • Resolved across independent resolvers, fail-closed on disagreement
  • Rotate with selectors; revoke by removing the record

dns · TXT
unikey._domainkey.acme.ai  IN TXT  "v=DKIM1; k=ed25519; p=MCowBQYDK2VwAyEA9f2c…"
resolved across 3 resolvers · consensus reached

Audit ledger

Cryptographic proof, on demand

Every verdict is appended to a tamper-evident, hash-chained ledger. When a charge is disputed months later, produce the exact entry — independently verifiable, impossible to alter without breaking the chain.

  • Append-only and hash-chained — any edit breaks every entry after it
  • Query by packet, subject, signer, or time range
  • Retention from 7 days to 7 years, by plan

ledger · entry #4821
{
  "entry_id": 4821,
  "prev_hash": "9f2c1a…",
  "entry_hash": "a7b1e4…",
  "verification": {
    "result": "valid",
    "subject": "claude@acme.ai",
    "scope": ["charge:49.99"]
  },
  "recorded_at": "2026-05-26T18:04:22Z"
}

How it compares

More than auth, less than a project

The agent verification you'd otherwise stitch together yourself — or skip entirely.

Capability · API keys · OAuth / OIDC · Self-host the libs · UniKey Cloud
Pre-execution, scope-bound authorization
Delegation chains with scope narrowing
Decentralized key discovery (via DNS)
Managed multi-resolver DNS hardening · Self-run
Tamper-evident audit ledger + retention · Self-built
Hosted replay / nonce protection · Partial · Self-built
Compliance attestation + uptime SLA

Managed infrastructure

We run the hard infrastructure, so you don't have to

The protocol is open and self-hostable. What's painful is running it in production — so we do.

Prefer to self-host? See the open libraries

Multi-resolver DNS hardening

Every key is resolved across independent resolvers and must reach consensus. Disagreement fails closed — no silent poisoning.
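A sketch of the fail-closed consensus check described here and in the DNS-anchored trust section, as an added example rather than UniKey Cloud's implementation. It runs on constructed resolver answers instead of live lookups, and it assumes that consensus means every resolver returns the same `p=` value and that three resolvers are required; resolver names and key text are placeholders.

```python
def parse_key_record(txt):
    """Parse a DKIM-style tag list ("v=DKIM1; k=ed25519; p=...") into a dict."""
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        name, sep, value = part.partition("=")
        name = name.strip()
        if not sep or not name or name in tags:
            raise ValueError(f"bad or duplicate tag: {part!r}")
        tags[name] = "".join(value.split())  # drop folding whitespace in values
    if tags.get("k") != "ed25519" or not tags.get("p"):
        raise ValueError("not a usable ed25519 key record")
    return tags

def resolve_with_consensus(answers, minimum=3):
    """answers: {resolver_name: TXT string or None}. Returns the agreed key.

    Fails closed (raises LookupError) if too few resolvers were asked, any
    answer is missing or malformed, or the resolvers return different keys.
    """
    if len(answers) < minimum:
        raise LookupError(f"need {minimum} resolvers, got {len(answers)}")
    keys = {}
    for resolver, txt in answers.items():
        if txt is None:
            raise LookupError(f"{resolver}: no answer")
        try:
            keys[resolver] = parse_key_record(txt)["p"]
        except ValueError as exc:
            raise LookupError(f"{resolver}: {exc}") from None
    if len(set(keys.values())) != 1:
        raise LookupError(f"resolvers disagree: {sorted(keys.items())}")
    return next(iter(keys.values()))

# Constructed answers; the key material is dummy text, not a real key.
AGREE = {
    "resolver-a": "v=DKIM1; k=ed25519; p=EXAMPLEKEYAAAA",
    "resolver-b": "v=DKIM1;k=ed25519;p=EXAMPLE KEYAAAA",  # same key, folded
    "resolver-c": "v=DKIM1; k=ed25519; p=EXAMPLEKEYAAAA;",
}
# One resolver returns a different key: the lookup must be refused.
POISONED = {**AGREE, "resolver-b": "v=DKIM1; k=ed25519; p=DIFFERENTKEYBBBB"}
```

A single dissenting or silent resolver is enough to refuse the key, which trades availability for resistance to a poisoned cache on any one path.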

Replay & nonce store

A durable, self-expiring store rejects any packet you've already seen inside its validity window.

Tamper-evident ledger

An append-only, hash-chained record of every verdict. Walk the chain to prove nothing was altered.
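Walking the chain, as described here and in the Audit ledger section, sketched as an added example (not UniKey Cloud's code). The field names follow the sample entry shown earlier; the hash construction (SHA-256 over sorted-key JSON of every field except `entry_hash`) and the all-zero genesis value are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash for the first entry

def entry_hash(entry):
    """SHA-256 over canonical JSON of every field except entry_hash itself."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def append(ledger, verification, recorded_at):
    """Append a verdict, linking it to the hash of the previous entry."""
    entry = {
        "entry_id": len(ledger) + 1,
        "prev_hash": ledger[-1]["entry_hash"] if ledger else GENESIS,
        "verification": verification,
        "recorded_at": recorded_at,
    }
    entry["entry_hash"] = entry_hash(entry)
    ledger.append(entry)
    return entry

def first_broken_entry(ledger):
    """Walk the chain; return the entry_id of the first bad entry, or None."""
    prev = GENESIS
    for position, entry in enumerate(ledger, start=1):
        if (entry.get("entry_id") != position
                or entry.get("prev_hash") != prev
                or entry.get("entry_hash") != entry_hash(entry)):
            return position
        prev = entry["entry_hash"]
    return None

def build_sample():
    """Constructed three-entry ledger; subject and scope echo the page's sample."""
    ledger = []
    for cap, ts in (("60", "2026-05-26T18:04:20Z"),
                    ("49.99", "2026-05-26T18:04:22Z"),
                    ("10", "2026-05-26T18:04:25Z")):
        append(ledger, {"result": "valid", "subject": "claude@acme.ai",
                        "scope": [f"charge:{cap}"]}, ts)
    return ledger
```

Editing an entry breaks it, and recomputing its hash only moves the break to the next entry. Dropping entries from the tail is not caught by the walk alone, so the latest `entry_hash` has to be anchored somewhere the ledger operator cannot rewrite.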

Start verifying agents in minutes

Free up to 10,000 verifications a month. No credit card, one npm install or DNS record away.