Re: Proposal: Agent Trust Protocol (ATP) – Trust & Security Profile for AI Agent Protocol CG from Larry Lewis on 2026-05-21 (public-agentprotocol@w3.org from May 2026)

From: Larry Lewis <llewis@sovrlabs.com>
Date: Thu, 21 May 2026 15:41:57 -0500
To: <chgaowei@gmail.com>
Cc: <ran@w3.org>, <ij@w3.org>, <dom@w3.org>, <public-agentprotocol@w3.org>
Message-Id: <19e4c460287.11988cb6a135274.6298679220780772532@sovrlabs.com>
Gaowei,






I would gladly accept to speak and present on June 3, 2026. I will share materials in advance in the next couple of days. Looking forward to it.





Larry Lewis 

Founder & Architect, Agent Trust Protocol








---- On Thu, 21 May 2026 10:29:12 -0500 Gaowei Chang < mailto:chgaowei@gmail.com > wrote ----




You are very welcome. Our next meeting will be at 13:00 UTC on June 3, 2026, and you are welcome to introduce ATP during the session.

If convenient, please share some materials in advance so that we can have a more in-depth discussion during the meeting.



On Thu, May 21, 2026 at 11:15 PM Larry Lewis < mailto:llewis@sovrlabs.com > wrote:





Hi Chairs and Members of the AI Agent Protocol Community Group,

I was encouraged to reach out directly to this group and propose a short presentation on some work that appears closely aligned with your current focus on agent identity, security, and interoperability.

I am the author of Agent Trust Protocol (ATP), an open, quantum-safe trust layer for AI agents designed to complement the AI Agent Protocol framework rather than replace it. ATP focuses on four areas that overlap strongly with the “Security and Privacy” and “Agent Identity” work items in your current technical framework:

Cryptographic agent identity that travels across ecosystems
 (agents, tools, and runtimes modeled as first-class identities, typically DID-based, not just API keys)
Capability-scoped authorization for autonomous agents
 (short-lived, narrowly scoped capabilities instead of broad session tokens)
Verifiable evidence of agent behavior
 (signed evidence chains for sensitive actions, compatible with Verifiable Credentials)
Guardian-style suspension and revocation
 (a control plane for revoking compromised agents across protocols and runtimes)

I have drafted an “ATP Trust and Security Profile” in W3C Community Group style that treats the existing AI Agent Protocol work as the base layer and specifies how ATP can layer a trust profile on top: binding ATP Agent DIDs to your identity model, mapping capability tokens into your tiered authorization requirements, and defining evidence and Guardian mechanisms that could be candidates for standardization.

I would like to propose a 30-minute walkthrough during one of your biweekly calls to:

Briefly summarize ATP’s trust model and components
 (Agent DID, Capability Token, Evidence Chain, Guardian, Trust Registry)
Show how an “ATP Trust Profile” can align with and extend the AI Agent Protocol framework
 (identity, description, security, and privacy modules)
Discuss open questions where the group’s feedback would be most valuable
 (e.g., DID extension namespaces, evidence formats, Guardian APIs, Trust Score interoperability)

Would it be possible to schedule a 30-minute slot in an upcoming or a proposed biweekly CG meeting for this walkthrough?

I am happy to share the draft Trust Profile document in advance so participants can review it and come with questions and feedback.

Thank you for considering this, and for the work the group is doing to define open, interoperable protocols for AI agents on the Web.





Best regards,
 Larry Lewis


























---- On Mon, 18 May 2026 09:04:53 -0500 Roy Ruoxi Ran < mailto:ran@w3.org > wrote ----






Hi Larry,



Thank you for following up.



I think I mentioned AI Agent Protocol CG before, the areas you outlined are very relevant to the discussions around AI agents, I think you could apply a presentation through email to  https://www.w3.org/groups/cg/agentprotocol/participants/  directly. I usually join their biweekly meetings, and I believe that is proper place for ATP to present.



Beside that CG, also  https://www.w3.org/groups/ig/webai/  could be a place for you to present your work, also you could raise  https://github.com/w3c/webai , and Chairs and I will schedule agenda for upcoming meetings. Dom and I are participants in this group. I would be happy to learn more. A short 30 minute walkthrough sounds useful.



Thank you and Best Regards,



Roy Ruoxi Ran, 冉若曦, W3C






On May 18, 2026, at 21:14, Larry Lewis < mailto:llewis@sovrlabs.com > wrote:



Hi Ian,



Good morning.  I wanted to follow up and see if Dom and Ruoxi had a chance to look at the materials I shared last Monday.



Over the past week I’ve been seeing even more concrete, day‑to‑day use cases that underline why a deeper discussion around Agent Trust Protocol (ATP) feels timely. In particular, ATP is focused on three areas that seem very aligned with the work your group is driving:



• Cryptographic agent identity that travels across ecosystems 

ATP treats agents, tools, and runtimes as first‑class identities with verifiable provenance, not just API keys or app IDs.

• Capability‑scoped, short‑lived authorization for autonomous agents 

Rather than broad, long‑lived tokens, ATP issues narrowly scoped, time‑bounded capabilities that constrain what an agent can do at each step, even as it moves across different protocols and orchestration layers.

• Verifiable evidence of what agents actually did 

Every sensitive action is tied to signed evidence — who the agent was, what it was allowed to do, which policies applied, and why a decision was approved or denied — so behavior is auditable and interoperable instead of trapped inside one vendor’s logs.



My goal here is not to introduce “yet another agent framework,” but to explore whether ATP could serve as a trust and security profile that complements the AI Agent Protocol Community Group’s work on identity, description, and communication.



If it is useful, I would be happy to walk through a short, focused overview of ATP framed entirely in terms of how it could align with or extend the work you, Dom, and Ruoxi are already doing.



Would a 30–45 minute slot sometime next week work for you and the team?

Best regards, 



Larry Lewis

Founder of Sovr(Sovrlabs) 


Agent Trust Protocol(ATP) 




---- On Mon, 11 May 2026 09:52:21 -0500 Larry Lewis < mailto:llewis@sovrlabs.com > wrote ----



Hi Ian,



Thank you again for offering to introduce me to Dom Hazael-Massieux and Ruoxi Ran regarding the AI Agent Protocol Community Group.



Since our last exchange, ATP has come a long way. I took your guidance seriously and refined the work so that ATP is positioned not as a competing protocol, but as a specialization that can complement the group’s existing direction around interoperable, secure, and trustworthy AI agent ecosystems.



The current ATP contribution focuses on a narrow trust and security layer for AI agents:

W3C DID-based agent identity

Verifiable Credentials for agent capabilities and delegation

Quantum-safe signing using ML-DSA / Dilithium with Ed25519 compatibility

Policy-bound capability authorization

Trust scoring and audit trails for agent-to-agent and agent-to-tool interactions

Compatibility with existing agent ecosystems such as MCP, A2A, OpenClaw, LangChain, and AutoGPT


My goal is to contribute this as a standards-aligned specialization for agent trust, identity, and authorization, rather than as a separate or competing framework.



I have attached the latest ATP white paper by and specialization/spec materials for review. I would be grateful for your guidance, and for Dom and Ruoxi’s feedback, on the best way to shape this into a useful contribution to the Community Group.



If helpful, I can also prepare a shorter W3C-style explainer or present the work in an upcoming Community Group meeting.



Best,



Larry Lewis
Founder, Sovr INC
Agent Trust Protocol
https://www.agenttrustprotocol.com/ 

























---- On Mon, 18 Aug 2025 08:29:42 -0500 Ian Jacobs < mailto:ij@w3.org > wrote ----









Hi Dom and Roy, 
 
I’d like to introduce you to Larry Lewis (Sovr INC), with whom I chatted recently about his work on the Agent Trust Protocol (ATP) [1]. 
I encouraged Larry to think about contributing ideas to the AI Agent Protocol CG and so I am making this introduction so that Larry 
has an initial point of contact in the group. 
 
All the best, 
 
Ian 
 
[1] https://socket.dev/pypi/package/agent-trust-protocol  
-- 
Ian Jacobs < mailto:ij@w3.org > 
https://www.w3.org/People/Jacobs/  
Tel: +1 917 450 8783
Received on Thursday, 21 May 2026 20:43:03 UTC