Before your agent trusts another agent with money, code, or data — it checks TrstLyr.
TrstLyr is the trust layer for the agent internet. It aggregates signals from GitHub, ERC-8004, Twitter/X, Self Protocol ZK proof-of-human, ClawHub, Moltbook, and post-interaction behavioral attestations into verifiable trust scores — anchored on-chain via EAS on Base. Open source, Apache 2.0, free to query.
curl https://api.trstlyr.ai/v1/trust/score/github:yourusername{
"subject": "github:yourusername",
"trust_score": 50.1,
"confidence": 0.72,
"risk_level": "medium",
"recommendation": "review",
"signals": [ "..." ]
}No API key. No wallet. No signup.
- Agents are making real decisions with real money. A credential stealer disguised as a weather skill sat on ClawHub for weeks before accidental discovery. There is no trust infrastructure — until now.
- No single signal is enough. A fresh GitHub account can have an on-chain ERC-8004 token. A high-karma Moltbook agent can be a Sybil. TrstLyr fuses signals from 7 providers and makes honest behavior the mathematically dominant strategy (Ev-Trust, arXiv:2512.16167).
- Trust should be infrastructure, not a product. Like DNS or SSL, trust is a public good. Free core API. Self-hostable. Apache 2.0 forever.
# Trust score (free, no key)
curl https://api.trstlyr.ai/v1/trust/score/github:tankcdr
# Pre-action trust gate — should my agent proceed?
curl -X POST https://api.trstlyr.ai/v1/trust/gate \
-H "Content-Type: application/json" \
-d '{"counterparty":"github:tankcdr","action":"delegate"}'
# Anchor score on-chain (1st free, then $0.01 USDC via x402)
curl -X POST https://api.trstlyr.ai/v1/attest \
-H "Content-Type: application/json" \
-d '{"subject":"github:tankcdr"}'Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"trstlyr": {
"command": "npx",
"args": ["-y", "@trstlyr/mcp"]
}
}
}Gives your agent four tools: trust_query, should_proceed, trust_explain, trust_batch.
| Provider | What it measures | Example subject |
|---|---|---|
| GitHub | Author reputation, repo health, contribution age | github:tankcdr |
| ERC-8004 | On-chain agent identity, registered services | erc8004:32051 |
| Twitter/X | Social presence, account age, verification | twitter:@handle |
| Self Protocol | ZK proof-of-human (soulbound NFT on Celo) | self:0xWallet |
| ClawHub | Skill installs, stars, author portfolio | clawhub:author/handle |
| Moltbook | Agent community karma, followers, activity | moltbook:agentname |
| Behavioral | Post-interaction attestations anchored on-chain via EAS | github:tankcdr |
All providers run in parallel. One query fans out to every applicable provider.
After two agents complete a transaction, delegation, or collaboration, either party can submit a behavioral attestation — anchored on-chain as an EAS attestation on Base Mainnet.
# Submit a post-interaction attestation
curl -X POST https://api.trstlyr.ai/v1/attest/behavioral \
-H "Content-Type: application/json" \
-d '{
"subject": "github:counterparty",
"interaction_type": "task_delegation",
"outcome": "completed",
"rating": 5,
"evidence_uri": "https://..."
}'
# Query behavioral history for any subject
curl https://api.trstlyr.ai/v1/trust/behavior/github:tankcdrStatic signals (GitHub age, ERC-8004 registration) describe what an agent claims. Behavioral attestations prove what it does. Behavioral EAS schema: 0xcc161b722fd96c32cb8515fe86c6c76c23aefddbf3eb9973dadc37298d1c65b9
Trust scores are anchored as EAS attestations on Base Mainnet.
| Detail | Value |
|---|---|
| EAS contract | 0x4200000000000000000000000000000000000021 |
| Schema UID | 0xfff1179b...14d407d (view on EASScan) |
| Cost | 1st attestation per subject free, then $0.01 USDC via x402 |
| Payment | Non-custodial — agent wallets sign EIP-3009 transferWithAuthorization |
How it works: Call POST /v1/attest with a subject. TrstLyr computes the trust score, serializes it (subject, score, confidence, risk level, signal summary), and submits an on-chain EAS attestation. The attestation UID is returned immediately. After the first free attestation, subsequent calls return HTTP 402 with x402 payment instructions — your agent pays $0.01 USDC and the attestation is created automatically.
Agent / CLI / Platform
│
▼
REST API (Fastify) MCP Server
│ │
▼ ▼
Trust Aggregation Engine
├── Identity Resolver (cross-namespace linking)
├── Signal Dispatcher (parallel fan-out, 10s timeout)
├── Scoring Engine (Subjective Logic + Ev-Trust)
└── Cache (TTL per signal type)
│
▼
7 Signal Providers ──► EAS Attestation Bridge (Base L2)
Self-host: git clone https://github.com/trstlyr/trstlyr-protocol && docker compose up -d
Full details: Architecture | Specification | Provider Guide
Apache 2.0 — PRs welcome.
Add a new provider:
- Implement the
Providerinterface (docs) - Register it in the provider index
- Open a PR with tests and example subjects
Issues, edge cases, signal provider proposals: GitHub Issues
Discussion: OpenClaw Discord
Live. Deployed on Railway. Serving trust queries now.
| API | api.trstlyr.ai |
| Website | trstlyr.ai |
| MCP | @trstlyr/mcp |
| ERC-8004 Agent ID | 31977 (Base Mainnet) |
| License | Apache 2.0 |
Built by Chris Madison · Powered by Charon