adarshkumar23/agent-identity-passport

🛂 Agent Identity Passport

Verifiable identity & trust framework for AI agents in production

Built for MLH Production Engineering Hackathon 2026

🌐 Live Demo: https://agent-identity-passport-production.up.railway.app


🚨 The Problem

AI agents are increasingly managing production infrastructure — restarting services, rolling back deployments, scaling pods. But when something goes wrong at 3am:

  • Who authorized that agent?
  • Was it trusted to perform that action?
  • What exactly did it do?

Without identity, every agent is anonymous. Anonymous agents are a security and reliability disaster.


✅ The Solution

Agent Identity Passport issues every AI agent a cryptographically signed JWT passport before it can touch any production system.

Chaos Fires → Agent Requests Passport → System Verifies Trust → Action Performed → Audit Logged → Incident Resolved


✨ Features

| Feature | Description |
|---|---|
| 🛂 Passport Issuance | JWT-signed identity for every agent |
| 🔐 Policy Engine | JSON rules defining what each agent type can/cannot do |
| Auto-Healing | Chaos fires → agent dispatched → resolved automatically |
| 🌐 Service Monitor | Real URL health monitoring with auto-recovery |
| 📊 Incident Timeline | Visual DETECTED → DISPATCHED → RESOLVED flow |
| 🏆 Reputation Scoring | Track agent reliability, auto-block bad agents |
| 🚫 Instant Revocation | Revoke compromised agents mid-flight |
| Passport Expiry | Time-limited access enforcement |
| 🌍 Multi-tenant | Isolated environments per organization |
| 📋 Audit Trail | Immutable log of every agent action |
| 📈 Prometheus Metrics | Full observability at /metrics |
| 🔌 WebSocket | Real-time push updates to dashboard |

🏗️ Architecture

┌─────────────────────────────────────────────────┐
│             Agent Identity Passport             │
│                                                 │
│  ┌──────────┐    ┌──────────────────────────┐   │
│  │  Chaos   │───▶│    Passport Service      │   │
│  │Simulator │    │ Flask + JWT + PostgreSQL │   │
│  └──────────┘    └────────────┬─────────────┘   │
│                               │                 │
│  ┌──────────┐    ┌────────────▼─────────────┐   │
│  │Dashboard │◀───│   Auto-Healing Engine    │   │
│  │  6 Tabs  │    │  Policy + Trust + Audit  │   │
│  └──────────┘    └──────────────────────────┘   │
│                                                 │
│  ┌──────────┐    ┌──────────────────────────┐   │
│  │Prometheus│    │    Service Monitor       │   │
│  │ Metrics  │    │  Real URL health checks  │   │
│  └──────────┘    └──────────────────────────┘   │
└─────────────────────────────────────────────────┘


🚀 Quick Start

Run with Docker

git clone https://github.com/adarshkumar23/agent-identity-passport
cd agent-identity-passport
docker-compose up --build -d

Run locally

# Install uv
curl -LsSf https://astral.sh/uv/install.sh | sh

# Install deps
uv sync

# Start PostgreSQL (throwaway local credentials; set your own outside local development)
docker run -d --name db -e POSTGRES_DB=passport_db \
  -e POSTGRES_USER=passport -e POSTGRES_PASSWORD=passport123 \
  -p 5432:5432 postgres:15

# Run
uv run run.py

🌐 API Reference

Issue a Passport

POST /passport/issue
{
  "agent_name": "RecoveryBot-1",
  "agent_type": "healing",
  "trust_level": "HIGH"
}

Auto-Heal (Fire + Resolve)

POST /chaos/auto-heal
{ "type": "service_down" }
# → Returns: resolved in <15ms

Perform Action

POST /agent/action
Authorization: Bearer <token>
{ "action": "restart_service", "target": "api-gateway" }

Add Service to Monitor

POST /services
{ "name": "GitHub", "url": "https://github.com" }

Revoke Passport

POST /passport/revoke/<passport_id>
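
How a bearer passport could be checked before `/agent/action` runs, covering the signature, expiry and revocation features listed above. This is an added example, not the project's code: HS256, the `SECRET` value, the `REVOKED` set and the claim names (`jti`, `sub`, `agent_type`, `trust_level`, `exp`) are assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # assumption: HS256 with a server-side secret
REVOKED = set()                   # assumption: revoked passport ids, checked per request

def b64e(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue(passport_id, agent_name, agent_type, trust_level, ttl=900, now=None):
    """Mint a passport; the claim names here are assumptions, not the project's."""
    now = int(time.time() if now is None else now)
    claims = {"jti": passport_id, "sub": agent_name, "agent_type": agent_type,
              "trust_level": trust_level, "iat": now, "exp": now + ttl}
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{b64e(sign(head + '.' + body))}"

def verify(token, now=None):
    """Return (claims, None) if the passport is usable, else (None, reason)."""
    now = int(time.time() if now is None else now)
    try:
        head, body, sig = token.split(".")
        if json.loads(b64d(head)).get("alg") != "HS256":
            return None, "bad_algorithm"   # pin the algorithm, ignore the header's choice
        if not hmac.compare_digest(sign(f"{head}.{body}"), b64d(sig)):
            return None, "bad_signature"   # constant-time comparison
        claims = json.loads(b64d(body))
        if claims["exp"] <= now:
            return None, "expired"
        if claims["jti"] in REVOKED:
            return None, "revoked"         # rejected even though not yet expired
    except (ValueError, TypeError, KeyError, AttributeError):
        return None, "malformed"
    return claims, None
```

Because revocation is looked up on every call, a revoked passport stops working immediately instead of at its `exp` time.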

🔐 Trust Level Matrix

| Action | Required Trust |
|---|---|
| health_check | LOW |
| flush_cache | MEDIUM |
| restart_service | HIGH |
| scale_up | HIGH |
| rollback | HIGH |

📊 Policy Engine

Define exactly what each agent type can do:

{
  "healing":  { "allow": ["restart_service", "health_check"], "max_per_hour": 20 },
  "monitor":  { "allow": ["health_check"], "deny": ["rollback"], "max_per_hour": 100 },
  "scaler":   { "allow": ["scale_up", "health_check"], "max_per_hour": 10 },
  "rollback": { "allow": ["rollback", "health_check"], "max_per_hour": 5 }
}

📈 Load Test Results

Users: 100 concurrent
Duration: 60 seconds
Total Reqs: 4,553
Failures: 0 (0.00%)
Avg RPS: 76 req/sec
Avg Latency: 8ms
P99 Latency: 73ms


🔥 Chaos Scenarios

| Event | Severity | Auto-Resolution |
|---|---|---|
| service_down | CRITICAL | restart_service |
| bad_deploy | HIGH | rollback |
| memory_leak | MEDIUM | scale_up |
| cache_miss | LOW | flush_cache |
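
The Trust Level Matrix, Policy Engine rules and chaos scenarios above combined into one authorization decision. This is an added example, not the project's code: the function names, the evaluation order (deny list first, then default-deny on the allow list, then trust, then rate limit) and the sliding one-hour window are assumptions.

```python
TRUST_RANK = {"LOW": 0, "MEDIUM": 1, "HIGH": 2}
REQUIRED_TRUST = {"health_check": "LOW", "flush_cache": "MEDIUM",
                  "restart_service": "HIGH", "scale_up": "HIGH", "rollback": "HIGH"}
POLICY = {  # copied from the Policy Engine section
    "healing":  {"allow": ["restart_service", "health_check"], "max_per_hour": 20},
    "monitor":  {"allow": ["health_check"], "deny": ["rollback"], "max_per_hour": 100},
    "scaler":   {"allow": ["scale_up", "health_check"], "max_per_hour": 10},
    "rollback": {"allow": ["rollback", "health_check"], "max_per_hour": 5},
}
RESOLUTION = {"service_down": "restart_service", "bad_deploy": "rollback",
              "memory_leak": "scale_up", "cache_miss": "flush_cache"}

def authorize(agent_type, trust_level, action, action_times, now):
    """Return (allowed, reason); action_times are this agent's earlier action timestamps."""
    rule = POLICY.get(agent_type)
    if rule is None:
        return False, "unknown_agent_type"
    if action in rule.get("deny", []):
        return False, "denied_by_policy"       # assumption: explicit deny always wins
    if action not in rule["allow"]:
        return False, "not_in_allow_list"      # assumption: default-deny
    required = REQUIRED_TRUST.get(action)
    if required is None or trust_level not in TRUST_RANK:
        return False, "unknown_action_or_trust"
    if TRUST_RANK[trust_level] < TRUST_RANK[required]:
        return False, "insufficient_trust"     # policy allows it, passport trust does not
    recent = [t for t in action_times if now - t < 3600]
    if len(recent) >= rule["max_per_hour"]:
        return False, "rate_limited"
    return True, "ok"

def eligible_types(event):
    """Agent types that could resolve a chaos event when holding a HIGH passport."""
    action = RESOLUTION[event]
    return sorted(t for t in POLICY if authorize(t, "HIGH", action, [], 0)[0])
```

With the policy sample as printed, `eligible_types("cache_miss")` is empty: no agent type lists `flush_cache`, so under default-deny that scenario needs its own allow entry.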

🛠️ Tech Stack

  • Backend: Python 3.13, Flask, Peewee ORM
  • Database: PostgreSQL
  • Auth: JWT (signed passports)
  • Real-time: WebSocket (Flask-SocketIO + Eventlet)
  • Monitoring: Prometheus + Grafana
  • Load Testing: Locust (100 users, 0% failure)
  • Deployment: Railway (production) + Docker
  • Dashboard: Vanilla JS, CSS animations, Canvas particles

📁 Project Structure

agent-identity-passport/
├── app/
│   ├── init.py             # App factory + WebSocket
│   ├── database.py         # PostgreSQL connection
│   ├── models/
│   │   └── passport.py     # All models
│   └── routes/
│       └── passport.py     # All API routes
├── dashboard/
│   └── index.html          # 6-tab live dashboard
├── load-test/
│   └── locustfile.py       # 100 user load test
├── monitoring/
│   └── prometheus.yml      # Metrics config
├── docker-compose.yml      # Full stack
├── Procfile                # Railway deployment
└── run.py                  # Entry point


👥 Team

Built at MLH Production Engineering Hackathon 2026 by @adarshkumar23


📄 License

MIT
