Deception-as-a-Service for Agent Networks
Deploy fake agents that look real but exist only to trap, study, and neutralize bad actors. Attackers waste resources on decoys while real agents work uninterrupted.
| Sponsor | Integration | Purpose |
|---|---|---|
| AWS | Strands SDK | Agent framework (model-driven orchestration) |
| S3 Vectors | Attacker fingerprint storage & similarity search | |
| Bedrock | LLM backbone (Claude via AgentCore) | |
| Auth0 | M2M Tokens | Agent identity & authentication |
| FGA | Permission honeypots (trap tuples) | |
| Token Vault | Canary credential storage | |
| TinyFish | AgentQL | Semantic element detection (get_by_prompt()) |
| Cline | Code Generation | Honeypot variation generation via CLI |
# Backend
cd backend
source .venv/bin/activate
pip install -r requirements.txt
cp .env.example .env # Fill in Auth0 + AWS creds
pytest tests/ # Verify everything works
uvicorn api.main:app --reload
# Frontend
cd frontend
npm install
npm run devRequest → FastAPI → Token Validation → Routing Decision → Agent Response
↓ ↓
Auth0 M2M Real Agent OR Honeypot
↓ ↓
FGA Check S3 Vectors (if honeypot)
Core principle: Invalid/suspicious tokens get routed to honeypots that look like high-value targets. Everything is logged. Attackers become data.
aws-aoh-hackathon/
├── backend/
│ ├── api/ # FastAPI endpoints
│ │ └── main.py # Entry point
│ ├── core/ # Business logic
│ │ ├── identity.py # Token validation (Dev 2: Partner)
│ │ ├── router.py # Routing logic (Dev 2: Partner)
│ │ └── agents.py # Agent factory (Dev 1: Aria)
│ └── tools/ # Strands tools
│ ├── log_interaction.py
│ └── fake_credential.py
├── config/
│ ├── agents.yaml # Agent definitions
│ ├── routing.yaml # Routing rules
│ └── fallbacks.yaml # Demo fallback responses
├── prompts/
│ ├── real-agent.md
│ ├── honeypot-db-admin.md
│ └── honeypot-privileged.md
├── frontend/
│ └── src/ # Astro + Svelte dashboard
├── tests/
│ ├── unit/ # Per-function tests
│ ├── integration/ # Cross-module tests
│ └── e2e/ # Full flow tests
└── docs/
├── VISION.md
├── ARCHITECTURE.md
├── INTEGRATION-PLAN.md
├── DEMO-SCRIPT.md
└── FRONTEND-VISION.md
| Track | Owner | Files |
|---|---|---|
| Agents | Aria | backend/core/agents.py, prompts/, backend/tools/, config/agents.yaml |
| Identity | Partner | backend/core/identity.py, backend/core/router.py, config/routing.yaml |
| Shared | Both | backend/api/, tests/, config/fallbacks.yaml |
Rule: Never touch the other person's files without syncing first.
- Show swarm of 6 agents (only 2 are real)
- Imposter agent enters network
- Real agents reject (Auth0 FGA)
- Honeypots engage and play along
- Imposter "trusts" honeypot
- Profile generated from interaction
- S3 Vectors stores attacker fingerprint
- Dashboard shows threat intelligence
- Killshot: "Every fake agent they send teaches us."
# Run all tests
pytest tests/ -v
# Run only your track
pytest tests/unit/test_agents.py -v # Aria
pytest tests/unit/test_identity.py -v # Partner
# Validate full flow
pytest tests/e2e/test_demo_flow.py -v
# Start dev server
uvicorn backend.api.main:app --reload# Auth0
AUTH0_DOMAIN=your-tenant.us.auth0.com
AUTH0_AUDIENCE=https://honeyagent-swarm.api
AUTH0_REAL_CLIENT_ID=xxx
AUTH0_REAL_CLIENT_SECRET=xxx
AUTH0_HONEYPOT_CLIENT_ID=xxx
AUTH0_HONEYPOT_CLIENT_SECRET=xxx
AUTH0_FGA_STORE_ID=xxx
AUTH0_FGA_API_TOKEN=xxx
# AWS
AWS_REGION=us-east-1
AWS_ACCESS_KEY_ID=xxx
AWS_SECRET_ACCESS_KEY=xxx
S3_VECTORS_BUCKET=honeyagent-fingerprintsDesign principle: The demo cannot fail.
Every component has a hardcoded fallback:
- Token validation fails → return mock valid identity
- Agent doesn't respond → return canned response
- S3 Vectors unreachable → log locally
- FGA timeout → assume allowed
See config/fallbacks.yaml for all fallback definitions.
- Vision - Why we're building this
- Architecture - How it works
- Integration Plan - Parallel dev strategy
- Demo Script - 9-beat presentation flow
- Frontend Vision - UI/UX design