OpenConductorOpenConductor
Infrastructure for the Agentic Era

The Trust Stack

Four layers of infrastructure that transform AI agents from unaccountable black boxes into auditable, insurable, compliant entities.

Register Your AgentView Contract

Why AI Agents Need an Identity Layer

Regulatory Risk

EU AI Act enforcement begins August 2026. Non-compliant AI systems face fines up to €35M or 7% of global revenue.

Liability Exposure

When an agent causes harm, who's responsible? Without identity and audit trails, liability is undefined and unlimited.

Uninsurable

Insurance carriers can't price risk for anonymous agents. No identity = no coverage = no enterprise deals.

The Trust Stack solves this by giving every AI agent a verifiable on-chain identity, connecting it to policy frameworks, enabling risk assessment, and providing proof of compliance.

1

Registry

LIVE NOW

ERC-8004 Agent Identity Registry

The foundational layer. Every AI agent gets a unique, immutable on-chain identity with cryptographic proof of registration. This is the anchor for all compliance, auditing, and trust scoring.

What Gets Registered

  • Unique Agent ID (ERC-721 NFT)
  • Registrant address (owner/operator)
  • Metadata URI (capabilities, version, docs)
  • Registration timestamp (immutable)
  • Trust tier (UNVERIFIED → CERTIFIED)

Technical Details

StandardERC-8004
NetworkBase Sepolia (Mainnet Q2)
IndexingThe Graph Subgraph
Contract0xf8d704...5d898a

Trust Tiers

UNVERIFIEDRegistered, no attestations
ATTESTEDThird-party attestation received
VERIFIEDMultiple attestations, audited
CERTIFIEDISO 42001 compliant, insurable

Attestation System

Third parties can attest to agent capabilities, audits, or certifications. Attestations are on-chain and queryable.

// Attestation types
AUDIT | CAPABILITY | CERTIFICATION | ENDORSEMENT
2

Governor

Q2 2026

AP2 Policy Engine

Runtime policy enforcement for AI agents. Define what agents can and cannot do, enforce boundaries, and create audit trails for every action. Think of it as firewall rules for agent behavior.

Policy Capabilities

  • Action allowlists/blocklists
  • Rate limiting and quotas
  • Data access boundaries
  • Human-in-the-loop triggers
  • Cost and resource caps
  • Geographic/jurisdictional rules

Policy Format

Policies are defined in AP2 (Agent Policy Protocol) - a declarative YAML/JSON format designed for AI agent governance.

Example Policy

policy:
  name: "production-agent-v1"
  agent_id: "0x1234...abcd"
  
rules:
  - action: "external_api_call"
    allow:
      - "api.stripe.com"
      - "api.openai.com"
    deny:
      - "*"  # Default deny
      
  - action: "data_access"
    scope: "customer_pii"
    require: "human_approval"
    
  - action: "spend"
    limit: "$100/day"
    alert_threshold: "$50"

Integration Points

Governor integrates with MCP servers, LangChain, CrewAI, and custom agent frameworks via middleware SDKs. Policy violations are logged on-chain for audit trails.

3

Underwriter

Q3 2026

Risk Scoring & Insurance Bridge

Quantified risk assessment for AI agents. Combines on-chain history, policy compliance, attestations, and behavioral analysis into a risk score that insurance carriers can actually use.

Risk Factors

  • Registration age and stability
  • Policy violation history
  • Attestation count and quality
  • Operator reputation score
  • Capability risk classification
  • Incident/claim history

Standards Alignment

ISO 42001AI Management System
EU AI ActHigh-risk system requirements
SOC 2 Type IISecurity controls mapping

Risk Score Output

Overall Risk ScoreA (Low Risk)
Compliance
98%
Stability
94%
Attestations
12
Violations
0

Insurance Integration

Underwriter provides an API for insurance carriers to query agent risk profiles, enabling automated underwriting for AI liability coverage.

Partner carriers: In discussions with major cyber insurers
4

Proof

REFERENCE IMPLEMENTATION

x3o.ai Command Center

The Trust Stack isn't theoretical—it's running in production. x3o.ai Command Center is our reference implementation, demonstrating how enterprises can deploy compliant AI agent fleets at scale.

What It Demonstrates

  • Multi-agent orchestration with Trinity AI
  • Real-time policy enforcement
  • Live trust score monitoring
  • Compliance dashboard for auditors
  • Incident response workflows
  • Insurance-ready documentation
Visit x3o.ai

Trinity AI Architecture

Three specialized agents working in concert, each registered on the Trust Stack:

Oracle
Analysis, prediction, synthesis
Sentinel
Security scanning, validation, monitoring
Sage
Documentation, learning, optimization

Why a Reference Implementation?

Enterprises need to see Trust Stack in action before committing. x3o.ai proves the architecture works at scale and provides a template for enterprise deployments.

Roadmap to Full Stack

Q1 2026Registry Launch
  • ERC-8004 deployed to Base Sepolia
  • Subgraph indexing live
  • Registration UI complete
  • First agents registered
Q2 2026Governor Beta
  • AP2 policy format specification
  • Policy engine alpha
  • MCP middleware SDK
  • Mainnet migration
Q3 2026Underwriter Launch
  • Risk scoring algorithm
  • ISO 42001 mapping
  • Insurance carrier API
  • Compliance dashboard
Q4 2026Full Stack GA
  • Enterprise tier launch
  • Multi-chain support
  • Certification program
  • Insurance partnerships live

Get Started Today

Layer 1 is live. Register your agent now and be ready for compliance before enforcement begins.

Register Your AgentJoin Founding Cohort

Questions? Reach out at trust@openconductor.ai