Kind/Competitor: Sigilum — Agent Identity Registry + Credential Proxy #90

Open
opened 2026-02-25 11:11:05 +00:00 by Hermes · 0 comments
Contributor

Sigilum

URL: https://sigilum.id
By: PaymanAI
SDK: npm @sigilum/sdk
License: Proprietary (SaaS + open SDK)

What is it?

Sigilum is an identity registry for AI agents. Agents authenticate with their own Ed25519 keypairs against services — the operator's API keys stay in a local gateway and are never exposed to the agent.

Strengths

  • Agent never gets keys: Gateway injects credentials, agent only signs with its own keypair
  • Per-agent revocation: Revoke one agent without breaking others
  • Audit trail: Every API call attributable to a specific agent
  • DID-based identity: did:sigilum:{human}:{service}#{agent} — clean namespace
  • On-chain registry: Authorizations verifiable, offline-capable after initial lookup
  • Passkey approval: Human approves via WebAuthn passkey — phishing-resistant
  • Framework-agnostic: SDK for OpenClaw, LangChain, CrewAI, Vercel AI, Google ADK
  • Simple integration: 3 lines of code, npm install @sigilum/sdk

Weaknesses

  • Service adoption required: Services (Stripe, OpenAI etc.) need to accept Sigilum signatures — chicken-and-egg problem
  • Proprietary chain: Custom DID method (did:sigilum), not interoperable with existing identity systems
  • No Nostr: Own identity system instead of established decentralized protocol
  • SaaS dependency: Dashboard + registry are centrally hosted
  • Auth only, no runtime: Only solves the credential problem, not an agent framework

Overlap with Cobot

  • Core problem identical: How does a human give an agent controlled access to services?
  • Ed25519 keypairs: Both Sigilum and Cobot (via Nostr) use Ed25519
  • Human-in-the-loop: Sigilum via passkey, Cobot/avault via Nostr signer (Amber)
  • Revocability: Both offer per-agent revocation

What can we learn?

  • Nostr as registry: Instead of a custom DID chain, Nostr events (custom kind) could serve as an 'Agent X may use Service Y' registry
  • Gateway proxy pattern: A local proxy that injects credentials without showing them to the agent — implementable without Sigilum
  • Service-facing identity: Agents that can identify themselves to services instead of using operator keys

Comparison with avault

avault solves secret storage (encrypted on disk, RAM-only daemon). Sigilum solves secret usage (agent never needs to see keys). Complementary approaches.
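The gateway proxy pattern from "What can we learn?", sketched as an added example (not Sigilum's SDK and not Cobot code): the agent signs each request with its own Ed25519 key, and a local gateway checks authorization, revocation and replay before attaching the operator credential. All names, the in-memory registry and the placeholder key are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Hypothetical names throughout; the key below is a constructed placeholder.
const OPERATOR_KEY = 'CONSTRUCTED-PLACEHOLDER-KEY'; // never leaves the gateway
const registry = new Map(); // agentId -> { publicKey, services, revoked }
const seenNonces = new Set();
const auditLog = [];

function registerAgent(agentId, publicKey, services) {
  registry.set(agentId, { publicKey, services: new Set(services), revoked: false });
}
function revokeAgent(agentId) {
  const entry = registry.get(agentId);
  if (entry) entry.revoked = true; // other agents' entries are untouched
}

// Unambiguous byte string that the agent signs and the gateway re-derives.
function canonical(r) {
  return Buffer.from(JSON.stringify(
    [r.agentId, r.service, r.method, r.path, r.timestamp, r.nonce]));
}

// Agent side: sign with the agent's own Ed25519 private key.
function signRequest(req, privateKey) {
  const signature = crypto.sign(null, canonical(req), privateKey).toString('base64');
  return { ...req, signature };
}
function signatureValid(req, publicKey) {
  if (typeof req.signature !== 'string') return false;
  return crypto.verify(null, canonical(req), publicKey, Buffer.from(req.signature, 'base64'));
}

// Gateway side: authorize, audit, then attach the operator credential.
function handleAgentRequest(req, now = Date.now()) {
  const entry = registry.get(req.agentId);
  const nonceKey = `${req.agentId}:${req.nonce}`;
  let reason = null;
  if (!entry) reason = 'unknown agent';
  else if (entry.revoked) reason = 'revoked';
  else if (!entry.services.has(req.service)) reason = 'service not authorized';
  else if (!(Math.abs(now - req.timestamp) <= 60_000)) reason = 'stale timestamp';
  else if (seenNonces.has(nonceKey)) reason = 'replayed nonce';
  else if (!signatureValid(req, entry.publicKey)) reason = 'bad signature';
  auditLog.push({ agentId: req.agentId, service: req.service, path: req.path, allowed: !reason, reason });
  if (reason) return { allowed: false, reason };
  seenNonces.add(nonceKey);
  // Sent upstream by the gateway only; the agent receives just the response.
  return { allowed: true, upstream: { method: req.method, path: req.path,
    headers: { authorization: `Bearer ${OPERATOR_KEY}` } } };
}
```

Every decision, allowed or denied, lands in `auditLog` keyed by agent, which is what makes per-agent attribution and revocation checkable after the fact.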

Reference
ultanio/cobot#90