EU AI Act · Article 12 · Annex III High-Risk

EU AI Act Article 12 compliance
for autonomous AI agents.

W3C DID + on-chain audit trail — ready in one integration. Generic API keys do not qualify under Article 12; cryptographic agent identity does.

Start Free Read the Technical Paper →

🇪🇺

Article 12 ready

The regulation

Generic API key approach

✕No cryptographic agent identity — opaque to auditors

✕No explicit authorization scope — agent acts without bounded mandate

✕Logs can be edited or rotated — no tamper-evidence

✕No standards-based interop with downstream verifiers

MolTrust approach

✓W3C DID per agent — verifiable, standards-based identity

✓Agent Authorization Envelope (AAE) — signed MANDATE + CONSTRAINTS + VALIDITY

✓Base L2 anchored audit trail — tamper-evident by cryptographic proof

✓Verifier-independent — any auditor can validate without vendor lock-in

Article-by-article mapping

EU AI Act → MolTrust capability.

Each Article 12 obligation mapped to a concrete MolTrust feature, with current implementation status.

W3C DID (Art. 12 § identity)

did:moltrust:* — registered, signed, resolvable. Live.

Tamper-evident log (Art. 12 § logging)

SHA-256 evidence hash anchored on Base L2. Live.

MANDATE logging

AAE envelope — purpose of authorization recorded cryptographically. Live.

CONSTRAINTS

AAE envelope — explicit scope, rate, and value bounds per agent. Live.

VALIDITY

AAE envelope — time-bounded authorization with automatic expiry. Live.

Auditor export

GET /compliance/export — signed bundle for regulator review. Q3 2026.

Singapore's IMDA Model AI Governance Framework v1.5 § 2.1.2 independently endorses the AAE approach as a basis for agent accountability.

Integration

Three lines. Article 12 compliant.

No new audit pipeline, no proprietary format. Issue a signed AAE per agent action — the same envelope an auditor will later inspect.

Install and issue

typescript

// npm install @moltrust/sdk
import { moltrust } from '@moltrust/sdk';

const aae = await moltrust.issue({ did, mandate, constraints, validity });
// → Article 12 compliant envelope, on-chain anchored, auditor-ready

View API documentation →

Pricing

Start free. Pay only for what you anchor.

Billing in CHF. Metered pricing for low-volume teams, flat tiers when you need predictable invoicing.

Free

CHF 0

Up to 5 agents · 30-day validity

DID issuance

AAE envelope (basic)

Score capped at 60

Pay-per-Use

CHF 0.20 +

Metered, monthly invoice

Renewal CHF 0.20

Issuance CHF 0.30

On-chain anchor CHF 0.50

Compliance export CHF 19

Professional

CHF 99 / mo

Validity up to 90 days

Unlimited renewals

Unlimited anchoring

Quarterly compliance export

99% SLA

Scale

CHF 299 / mo

Validity up to 365 days · 7-year retention

Everything in Professional

Monthly compliance export

Anomaly alerts

99% SLA

Technical reference

Verifier-independent. W3C-standard. Not vendor-locked.

The Agent Authorization Envelope (AAE) is the cryptographic primitive behind MolTrust's compliance surface. The full specification — including the formal model for delegation, expiry, and revocation — is published as a peer-reviewed technical paper.

Paper

"Agent Authorization Envelopes: Pre-transaction Trust for Autonomous AI Agents" — open access on arXiv. Covers the W3C VC v2 binding, Base L2 anchoring, and Article 12 mapping in detail.

IETF draft

AAE is in active standardization at the IETF as draft-kroehl-agentic-trust-aae. Aligns with W3C DID and VC working groups.

IMDA reference

Singapore's IMDA Model AI Governance Framework v1.5 § 2.1.2 explicitly endorses signed authorization envelopes as a basis for agent accountability — independent confirmation that the approach generalises beyond the EU.

No lock-in

Every credential is a standards-compliant W3C VC. Any auditor can validate signatures without any MolTrust software, libraries, or accounts.

Start Free View Documentation →

EU AI Act Article 12 compliancefor autonomous AI agents.