Introducing MoltID: Agent Identity & Governance for the Autonomous Enterprise

The Problem No One Is Talking About Yet

Your AI agents are multiplying. An orchestrator spins up sub-agents. Those sub-agents delegate tasks further. Before long, you have a delegation tree of autonomous actors — each making decisions, calling APIs, spending money — and no structured way to answer the question: who authorized what, and can I revoke it?

This is not a future problem. It is happening now, in production, at companies deploying agentic AI at scale. The OutSystems 2026 report found that 94% of organizations have experienced AI agent security incidents. Only 12% have a central governance platform.

MoltID is built for the other 88%.

What MoltID Is

MoltID is MolTrust's Agent Identity & Governance module — a set of standards-based primitives that give structure to agent ecosystems.

Three capabilities ship today:

1. Agent Type Classification

Not all agents are equal. An orchestrator coordinating a workflow carries different trust assumptions than a copilot assisting a human user. MoltID introduces four agent classes:

Each class carries governance rules: minimum trust score requirements, review frequency, and audit obligations. The classification is exposed in the A2A Agent Card — making it machine-readable for any A2A-compatible system.

// GET /identity/agent-type/did:moltrust:abc123
{
  "agent_class": "orchestrator",
  "governance": {
    "min_trust_score_to_delegate": 60,
    "review_frequency_days": 30,
    "cascade_revocation_priority": "critical"
  },
  "trust_modifier": 5.0
}

2. Cascade Revocation

When an agent is compromised, you need to revoke not just that agent — but every downstream agent it delegated authority to. MoltID tracks delegation chains and supports cascade revocation with a single API call.

// POST /identity/revoke/did:moltrust:abc123
{
  "reason": "compromised_credentials",
  "cascade": true
}

// Response
{
  "revoked": "did:moltrust:abc123",
  "affected_agents": [
    { "did": "did:moltrust:abc123", "depth": 0 },
    { "did": "did:moltrust:child01", "depth": 1 },
    { "did": "did:moltrust:child02", "depth": 1 }
  ],
  "count": 3
}

The cascade traverses up to 8 hops using depth-first search with cycle detection. Every revocation fires a CAEP event — giving downstream systems real-time notification. Revoked agents return score: 0.0, grade: "REVOKED" from all trust score endpoints instantly.

Admins can reinstate agents via /identity/unrevoke/{did} with full audit trail.

3. SPIFFE Bridge

Enterprise infrastructure already has agent identity — it's called SPIFFE. Kubernetes workloads, Istio service meshes, and HashiCorp Vault integrations all issue SPIFFE URIs as workload identities.

MoltID bridges the gap:

// POST /identity/spiffe/bind
{
  "spiffe_uri": "spiffe://company.com/agent/trading-bot-01",
  "did": "did:moltrust:abc123"
}

// GET /identity/spiffe/spiffe://company.com/agent/trading-bot-01
{
  "moltrust_did": "did:moltrust:abc123",
  "trust_score": 82.5,
  "grade": "A",
  "agent_classification": {
    "agent_class": "autonomous",
    "governance": { ... }
  },
  "revoked": false
}

Your existing SPIFFE infrastructure stays intact. MoltID adds W3C DID anchoring, behavioral trust scoring, and governance classification on top — no migration required.

Why This Matters for Enterprise

The Singapore IMDA Model AI Governance Framework for Agentic AI (January 2026) — the world's first regulatory framework specifically for agentic AI — identifies four governance requirements: accountability, transparency, controllability, and human oversight.

MoltID directly implements all four:

When regulators come asking — and they will — the answer is already on-chain.

What's Next

MoltID v1 ships as part of MolTrust's core infrastructure. All endpoints are live at api.moltrust.ch.

• npm: @moltrust/sdk — AgentTrust.verify() now returns agent_class in the response
• Full SPIFFE/SVID Workload API integration: Q3 2026
• ACP (Agent Communication Protocol) alignment: Q3 2026