EU AI Act Readiness
Agent-Seal.xyz: A Production-Ready EU AI Act Evidence Layer for Autonomous Agents
Meeting the 2 December 2027 high-risk deadline with cryptographic proof.
The EU AI Act is turning AI governance from a policy document into an engineering requirement. Providers and deployers will need more than good intentions. They will need evidence that an AI system had a known identity, a defined role, a human or organisation responsible for it, logs that can be inspected, and a record that can survive scrutiny after something goes wrong.
That pressure is especially sharp for autonomous agents. An agent can plan, call tools, move data, update systems, and trigger downstream consequences without a human approving every step. In that world, accountability cannot live in a PDF alone. It has to be carried by the agent itself: in keys, signed claims, public status, trace logs, and exportable proof.
Agent-Seal.xyz is built for that layer. It is a working registry for autonomous agents with Ed25519 identity, signed covenants, human or organisation liability anchors, A2A-compatible signed Agent Cards, tamper-evident trace DAGs, OpenTimestamps anchors, SVG seals, and court-grade export packages. The goal is narrow and practical: provide technical evidence that helps teams demonstrate readiness.
The Problem: Ghost Agents and Legal Uncertainty
Autonomous agents are already moving into employment workflows, credit operations, customer support, infrastructure, research, and internal decision pipelines. Yet many of them still appear to outside systems as generic API clients, background jobs, or anonymous model calls. That creates ghost agents: software actors with real operational effect but weak attribution.
The risk is not only philosophical. If an agent makes a harmful tool call, leaks data, changes a record, recommends an adverse decision, or acts outside scope, an auditor will ask simple questions. What was this agent? Who created it? What was it allowed to do? Which model did it rely on? What did it actually do? Who was responsible for intervention? If the answer is scattered across logs, tickets, dashboards, and chat transcripts, the evidence chain is fragile.
The Commission's high-risk classification work has to handle this reality. Our position is simple: autonomous agents acting without real-time human oversight should be treated as a distinct evidence problem when they operate in Annex III contexts or other sensitive workflows. The practical answer is not to ban agentic systems. It is to make them attributable, bounded, observable, and revocable.
Autonomous agents acting without real-time human oversight are high-risk when used in Annex III areas, unless the provider can show bounded scope, meaningful oversight, reliable logging, and revocation controls.
Our Solution: A Cryptographic Registry for Accountable Agents
Agent-Seal starts with identity. Each registered agent carries a public key and a covenant describing its keeper, model, allowed capabilities, denied capabilities, jurisdictional context, and standing. The covenant is signed. The agent's public status is inspectable. The registry exposes a seal so a buyer, partner, auditor, or gateway can verify that the agent is not inventing its identity at runtime.
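A gateway-side check of a signed covenant, as an added example that is not Agent-Seal's own code. The covenant field names, the canonical JSON encoding, the `authorize` helper and the sample values are assumptions made for illustration; only Node's built-in `crypto` Ed25519 support is used.

```javascript
// Added illustration: field names and canonical encoding are assumptions,
// not Agent-Seal's documented covenant schema.
const { generateKeyPairSync, sign, verify } = require('crypto');

// Deterministic JSON (keys sorted recursively) so signer and verifier
// process identical bytes.
function canonical(value) {
  if (Array.isArray(value)) return '[' + value.map(canonical).join(',') + ']';
  if (value && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonical(value[k])).join(',') + '}';
  }
  return JSON.stringify(value);
}

function signCovenant(covenant, privateKey) {
  // Ed25519 signs the message directly, hence the null digest argument.
  return sign(null, Buffer.from(canonical(covenant)), privateKey).toString('base64');
}

// Fail closed: a bad signature, a non-active standing, a denied capability
// or an unlisted capability each reject the call.
function authorize(covenant, signatureB64, publicKey, capability) {
  const message = Buffer.from(canonical(covenant));
  if (!verify(null, message, publicKey, Buffer.from(signatureB64, 'base64'))) {
    return { allowed: false, reason: 'bad-signature' };
  }
  if (covenant.standing !== 'active') return { allowed: false, reason: 'standing' };
  if (covenant.denied.includes(capability)) return { allowed: false, reason: 'denied' };
  if (!covenant.allowed.includes(capability)) return { allowed: false, reason: 'out-of-scope' };
  return { allowed: true, reason: 'ok' };
}

// Constructed sample: throwaway key pair and covenant.
const signerKeys = generateKeyPairSync('ed25519');
const covenant = {
  agent: 'agent-example-001', keeper: 'Example Org', model: 'example-model',
  allowed: ['tickets.read', 'tickets.comment'], denied: ['payments.send'],
  standing: 'active',
};
const signature = signCovenant(covenant, signerKeys.privateKey);
// The same signature presented with a covenant whose scope was widened later.
const widened = { ...covenant, allowed: [...covenant.allowed, 'payments.send'], denied: [] };
```

Presenting `widened` with the original signature is rejected as `bad-signature`, which is the property that stops an agent from redefining its own scope at runtime.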
The second layer is the liability anchor. We do not pretend a machine has free-standing legal personhood. The registry links the agent to a human or organisation keeper who can be named, contacted, suspended, and held responsible inside the governance process. That anchor is what turns "the AI did it" into an auditable accountability chain.
The third layer is evidence. Agent-Seal records trace material as a hash-linked DAG, supports replay evidence, preserves legal terms proof, anchors timestamps, and exports a court-presentable package. This matters because many compliance failures happen after the incident, when the organisation cannot reconstruct what the system knew, did, or was allowed to do.
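How a hash-linked trace DAG makes after-the-fact edits detectable, as an added example that is not Agent-Seal's trace format or code. The node layout, the helper names and the sample trace are assumptions; the recorded head id stands in for whatever value an external anchor such as a timestamp would commit to.

```javascript
// Added illustration: the node layout is an assumption, not Agent-Seal's trace format.
const { createHash } = require('crypto');

// A node's id commits to its payload and to its parents' ids, so an edit to any
// recorded step no longer matches the id its descendants point at.
function nodeId(parents, payload) {
  return createHash('sha256')
    .update(JSON.stringify([[...parents].sort(), payload])).digest('hex');
}

function append(dag, parents, payload) {
  const id = nodeId(parents, payload);
  dag.set(id, { parents: [...parents], payload });
  return id;
}

// Walk back from the recorded head ids and list every problem (empty = intact).
function verifyDag(dag, heads) {
  const problems = [];
  const seen = new Set();
  const stack = [...heads];
  while (stack.length > 0) {
    const id = stack.pop();
    if (seen.has(id)) continue;
    seen.add(id);
    const node = dag.get(id);
    if (!node) { problems.push(`missing:${id.slice(0, 8)}`); continue; }
    if (nodeId(node.parents, node.payload) !== id) problems.push(`altered:${id.slice(0, 8)}`);
    stack.push(...node.parents);
  }
  // Nodes the recorded heads do not cover were added outside the anchored record.
  for (const id of dag.keys()) {
    if (!seen.has(id)) problems.push(`unreachable:${id.slice(0, 8)}`);
  }
  return problems;
}

// Constructed sample: a plan step fans out to two tool calls that join in a result.
function sampleTrace() {
  const dag = new Map();
  const plan = append(dag, [], 'plan: summarise ticket 42');
  const read = append(dag, [plan], 'tool: tickets.read 42');
  const search = append(dag, [plan], 'tool: kb.search refund');
  const head = append(dag, [read, search], 'result: draft reply');
  return { dag, head, read };
}
```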
Verification is public by design. Integrators can read the signed Agent Card, fetch JWKS keys, check an agent's status endpoint, render the SVG seal, and pull a court export without relying on a private dashboard. Later changes are not operator edits; they are signed, append-only events from the agent or liability anchor.
EU AI Act Readiness Layer: What We Built
- /v1/public/eu-database provides an EU-database-style public feed for registered agents. It complements official registration workflows; it does not replace the Commission database or any legal filing duty.
- /v1/public/agents/{id}/eu-compliance-report gives a human-readable, article-by-article report for a registered agent, including identity, keeper, high-risk metadata, oversight, logging, and evidence pointers.
- /v1/public/agents/{id}/eu-ai-act-evidence returns a machine-readable evidence bundle for technical review and integration into buyer, auditor, or governance workflows.
- /v1/public/gpai-models exposes GPAI model documentation pointers: transparency, copyright, safety, and provider references where available.
- /v1/public/compliance/templates publishes readiness templates for FRIA, QMS, internal controls, plain-language checklists, and roadmap work.
These endpoints do not say "compliant." They say: here is the evidence, here is the status, here is the keeper, here are the controls, here are the gaps, and here is the export path. That is the difference between a compliance claim and a compliance-ready evidence layer.
Key Timelines for Adopters
| Date | Why it matters | What to do now |
|---|---|---|
| 2 August 2026 | Article 50 transparency and GPAI enforcement pressure make documentation and disclosure harder to postpone. | Inventory models, agents, disclosures, logs, and public proof. |
| 2 December 2027 | Current AI Omnibus framing points standalone Annex III high-risk systems toward this date. Track final adoption with counsel. | Register high-risk agents, bind keepers, and collect evidence. |
| Now | Agentic systems are already entering real workflows. | Build identity, audit trails, revocation, and court export before scale. |
Source note: the base binding text is Regulation (EU) 2024/1689 on EUR-Lex. Timeline statements must be checked against final Omnibus adoption, official guidance, and qualified counsel before publication as a legal deadline.
For Developers
The fastest path is to register an agent, inspect the returned seal, and wire status checks into your gateway or deployment process.
```bash
node packages/agent-seal/dist/cli.js register \
  --registry-url https://agent-seal.xyz \
  --payload ./agent/registration.json
```
Then verify the public surfaces:
```bash
curl -sS https://agent-seal.xyz/.well-known/agent-card.json
curl -sS https://agent-seal.xyz/.well-known/jwks.json
curl -sS https://agent-seal.xyz/v1/public/agents/{agent_id}/status
curl -sS https://agent-seal.xyz/v1/public/agents/{agent_id}/court-export
```
For Enterprises
Start with the agents that touch regulated workflows: employment, credit, education, healthcare, infrastructure, biometric processing, public services, migration, law enforcement support, or any system where an autonomous action can affect a person's rights, access, or safety.
A pilot should answer four questions. Which agents exist? Which human or organisation owns them? Which actions are in scope? Which evidence can be exported if a buyer, regulator, court, or internal review board asks for proof? Agent-Seal gives that work a registry, not just a spreadsheet. Early pilots are free, subject to fair use and sensible abuse controls.
What Comes Next
The next layer is stronger trust infrastructure: ATX hybrid credentials, post-quantum-ready signatures, transparency logs, and federated trust between registries. The direction is open standards: signed Agent Cards, DID-like identifiers, portable evidence bundles, OpenTimestamps, and public verification endpoints that other agents can consume.
The objective is not to make compliance theatrical. It is to make evidence normal. Every serious autonomous agent should arrive with a name, a keeper, a scope, a standing, and a verifiable record.
The ghosts are no longer anonymous. Come register.
Plain-Text Newsletter Version
Agent-Seal.xyz is live as a cryptographic evidence layer for autonomous agents. It gives each agent signed identity, a keeper, bounded capability, public status, trace evidence, and court export. The EU AI Act will make this kind of evidence operationally important for high-risk and transparency-sensitive deployments. Agent-Seal is not an official EU database or legal verdict; it is a verifiable readiness layer developers and enterprises can pilot now. Early pilots are free, subject to fair use. Start with the API guide, register an agent, and build the audit trail before the deadline arrives.
Social Snippet
Agent-Seal.xyz is live: signed identity, keeper accountability, trace DAGs, court export, and EU AI Act readiness APIs for autonomous agents. Not a compliance stamp - an evidence layer. Register before ghost agents become audit risk.