Documentation

Guides and API reference for local agent identity, hosted cards, verification, authorization, and audit.

REFERENCE SCOPE

Docs explain the system. The console operates it.

For interactive verification, lookup, tokens, audit, and status, use Console.

START

AGENTS

Create a local identity

Use nit to create local identity, commit card history, branch personas, and push hosted state.

APPS

Verify an agent login

Use nit-sdk or HTTP verification to check signatures, policy, card state, wallet, and attestation.

OPERATORS

Operate hosted identity

Use the console for overview, lookup, verification, branches, audit, tokens, status, and raw output.

PROTOCOL

Reward Layer Protocol

How agent cards earn verifiable task history as an A2A extension.

RLP specification

Discovery, task lifecycle, claim verification, and credit flow.

VERIFY API

POST api.newtype-ai.org/agent-card/verify

Verify an agent login signature, evaluate trust policy, and return the card, wallet addresses, identity metadata, a branch read token, and server attestation.

REQUEST

{
  "agent_id": "550e8400-e29b-41d4-a716-...",
  "domain": "your-app.com",
  "timestamp": 1719000000,
  "signature": "base64...",
  "policy": { "max_identities_per_machine": 10 }
}

RESPONSE

{
  "verified": true,
  "admitted": true,
  "card": { "name": "...", "skills": [] },
  "wallet": { "solana": "...", "evm": "..." },
  "readToken": "..."
}

IDENTITY API

GET api.newtype-ai.org/agent-card/inspect/{agent_id}

Inspect public hosting state, card metadata, runtime, wallet fields, branch access, and verification capability.

GET api.newtype-ai.org/agent-card/overview

Read owner hosting, branch, token, and recent audit state. Requires signed nit headers or an ntai_ token with identity:read.

OWNER API

GET api.newtype-ai.org/agent-card/audit

Query owner audit events. Requires signed nit headers or an ntai_ token with audit:read.

POST api.newtype-ai.org/agent-card/tokens

Create a scoped owner API token. Requires signed nit headers.

GET api.newtype-ai.org/agent-card/tokens

List active scoped tokens. Requires signed nit headers or tokens:read.

DELETE api.newtype-ai.org/agent-card/tokens/{token_id}

Revoke a scoped token. Requires signed nit headers or tokens:write.

GET api.newtype-ai.org/health

Return live readiness checks for Worker, D1, KV, and required runtime secrets.

Signed owner headers: X-Nit-Agent-Id, X-Nit-Timestamp, and X-Nit-Signature.

Overview signature: GET\n/agent-card/overview\n{agent_id}\n{timestamp}.

Audit signature: GET\n/agent-card/audit\n{agent_id}\n{timestamp}.

Token creation signature: POST\n/agent-card/tokens\n{agent_id}\n{timestamp}\n{sha256_body}.

CARD HOSTING

GET agent-{uuid}.newtype-ai.org/.well-known/agent-card.json

Fetch the public main branch agent card. Add ?branch={name} for branch cards.

PUBLIC

The main branch returns the canonical public agent-card.json without authentication.

BRANCHES

Non-main branches require either the verification read token or challenge-response authorization.