Skip to main content
Attestix
Project

Research Paper

Attestix research paper covering system architecture, cryptographic pipeline, EU AI Act compliance automation, and evaluation results.

Research Paper

Attestix is described in a peer-reviewed research paper that covers the system architecture, cryptographic pipeline, EU AI Act compliance automation, and evaluation results.

Paper

Attestix: A Unified Attestation Infrastructure for Autonomous AI Agents

Pavan Kumar Dubasi (VibeTensor Private Limited)

The rapid proliferation of autonomous AI agents operating across organizational boundaries introduces fundamental challenges in identity verification, trust establishment, and regulatory compliance. We present Attestix, an open-source attestation infrastructure that provides a unified trust layer for AI agents through nine integrated modules. Attestix is implemented as a Model Context Protocol (MCP) server exposing 47 tools, validated by 284 automated tests including 91 conformance benchmarks against RFC 8032, W3C VC/DID, and UCAN specifications.

Links:

Citing Attestix

If you use Attestix in your research, please cite:

BibTeX

@article{dubasi2026attestix,
  title     = {Attestix: A Unified Attestation Infrastructure for Autonomous AI Agents},
  author    = {Dubasi, Pavan Kumar},
  year      = {2026},
  url       = {https://github.com/VibeTensor/attestix},
  note      = {Open-source. Apache License 2.0}
}

APA

Dubasi, P. K. (2026). Attestix: A Unified Attestation Infrastructure for Autonomous AI Agents. VibeTensor Private Limited. https://github.com/VibeTensor/attestix

IEEE

P. K. Dubasi, "Attestix: A Unified Attestation Infrastructure for Autonomous AI Agents," VibeTensor, 2026. [Online]. Available: https://github.com/VibeTensor/attestix

Key Contributions

The paper presents four main contributions:

  1. Unified attestation architecture integrating DID-based identity, W3C Verifiable Credentials, UCAN delegation, reputation scoring, EU AI Act compliance, provenance tracking, and blockchain anchoring into a single framework.

  2. Compliance automation engine implementing Articles 5, 9-15, 43, 72-73, and Annex V of the EU AI Act, including automated risk classification, conformity assessment enforcement, and declaration generation.

  3. Open-source MCP implementation with 47 tools validated by 284 automated tests (91 conformance benchmarks against RFC 8032, W3C VC, W3C DID, and UCAN specifications).

  4. Tamper-evident audit mechanism combining SHA-256 hash-chained logs with Merkle tree aggregation and on-chain anchoring via the Ethereum Attestation Service on Base L2.

Evaluation Highlights

Standards Conformance (91 benchmarks)

StandardWhat is validatedTests
RFC 8032 Section 7.14 IETF Ed25519 canonical vectors18
W3C VC Data Model 1.1Credential structure, proof, presentations24
W3C DID Core 1.0did:key/web structure, roundtrip resolution16
UCAN v0.9.0JWT header, payload, attenuation, revocation16
MCP Protocol47 tools, 9 modules, async, naming5
PerformanceLatency thresholds7

Performance (median, Docker)

OperationLatency
Ed25519 key generation0.08 ms
JSON canonicalization0.02 ms
Ed25519 sign + verify0.28 ms
Identity creation~14 ms
Credential issuance~17 ms
Credential verification~2 ms

The paper discusses Attestix in relation to:

  • Agent infrastructure frameworks (Chan et al., 2025)
  • W3C Verifiable Credentials and DIDs
  • UCAN authorization (Fission, 2023)
  • EU AI Act (Regulation 2024/1689)
  • Ethereum Attestation Service
  • Google A2A and Anthropic MCP protocols
  • Exponential decay reputation models
Edit on GitHub

Frequently Asked Questions

Common questions about Attestix covering identity, EU AI Act compliance, credentials, provenance, and technical details.

Roadmap

Attestix project roadmap from identity and trust foundations through blockchain anchoring and future ecosystem bridges.

On this page

Research PaperPaperCiting AttestixBibTeXAPAIEEEKey ContributionsEvaluation HighlightsStandards Conformance (91 benchmarks)Performance (median, Docker)Related Work