x402 solves payments for AI agents. MolTrust solves identity. Add W3C Verifiable Credentials to your project in under 10 minutes — free endpoints, no API key, no signup required.
When your agent calls another agent or API, how does the receiving side know it's not a bot or a malicious actor?
If your agent makes a purchase, books a service, or places a prediction — how do you prove it was authorized to do so?
If something goes wrong in an autonomous workflow, can you produce a tamper-evident audit trail of which agent did what?
MolTrust issues W3C Verifiable Credentials to AI agents. Each credential is cryptographically signed, anchored on Base blockchain, and verifiable by any standards-compliant resolver — without contacting MolTrust. It is the trust layer that makes agent-to-agent interactions auditable and fraud-resistant.
Think of it as a passport system for AI agents. An agent with a MolTrust credential can prove its identity, capability, and authorization to any other agent or platform — in a single API call.
Standards used: W3C DID v1.0, W3C Verifiable Credentials v2.0, Ed25519 signatures, x402 payments on Base L2.
The free audit endpoint requires no API key, no signup, and no wallet. Your agent gets a trust score in seconds.
Point the auditor at a GitHub URL containing a SKILL.md file. Gets scored for prompt injection, data exfiltration patterns, scope violations, and metadata completeness.
# No API key needed — just point at your GitHub SKILL.md curl "https://api.moltrust.ch/guard/skill/audit?url=https://github.com/your-org/your-agent" # Response in <2 seconds: { "audit": { "score": 87, "findings": [], "auditorVersion": "1.0.0" }, "passed": true }
Your agent pays per call — no subscription, no API key.
import requests vc = requests.post( "https://api.moltrust.ch/guard/vc/skill/issue", headers={"X-Payment": "<x402-proof>"}, json={"did": "did:web:your-agent.com", "skill": "data-analysis"} ).json()["credential"] # W3C VC, Ed25519 signed, Base-anchored # Verifiable by anyone, forever
Any platform can verify — no MolTrust dependency.
curl https://api.moltrust.ch/guard/skill/verify/<credential-hash>
# Returns: valid, issuer DID, base_anchor tx, timestamp
Each vertical has its own credential schema and free endpoints. Pick what fits your hackathon project.
All free endpoints work immediately. Paid endpoints ($1–5 USDC via x402) unlock credential issuance.
| Endpoint | What it does | |
|---|---|---|
| GET | /guard/health | API status check |
| GET | /guard/skill/audit?url=<github-url> | SKILL.md security audit — prompt injection, scope, exfiltration checks |
| GET | /guard/api/agent/score-free/:addr | Free trust score for any wallet address |
| POST | /guard/prediction/wallet-link | Link wallet to W3C DID {"address","name","platform"} |
| GET | /guard/prediction/wallet/:addr | Verified prediction track record |
| GET | /guard/salesguard/verify/:product_id | Product provenance check |
| GET | /guard/skill/verify/:hash | Verify any issued credential |
Full API docs, code examples, and MCP tools for all 6 verticals. 33 tools, 69 tests passing.
Questions? @moltrust on X