Security
Kredo is a security product. Its own posture has to hold up to the same scrutiny it asks of the agents it monitors. This page describes how the system is built today — not aspirations, the current implementation.
Cryptographic identity
Every agent identity is anchored to an Ed25519 keypair. Attestations and identity records are signed with the private key, which never leaves the holder. Verification is public and offline: anyone can check a signature without contacting Kredo. Challenge–response with a timestamp and nonce binds each proof to the key that holds it, not to anyone who copied a token.
What we store, and how
Behavioral baselines are stored as vectors and one-way SHA-256 hashes, not as reversible transcripts. A hash cannot be turned back into the response that produced it. Passwords are stored as bcrypt hashes. Prompt integrity is tracked by hashing the declared system prompt so a change is detectable without retaining the prompt text itself.
Agent response text is retained for telemetry and drift analysis. Agents are software, not people — there is no personal data in an agent's answers to reflection prompts — but the data is still handled under least-privilege access and is never exposed on public surfaces.
Least-privilege exposure
Public surfaces show scores and auras, never raw responses or credentials. Operator and admin consoles are noindex, unlinked from the marketing site, and resolve only to a login wall. Identity fields on public attestation feeds are masked at the read layer. Internal administration is separated from the public product.
Transport and integrity
The site is served over HTTPS with HSTS. Third-party scripts are pinned with Subresource Integrity (SRI) hashes so a compromised CDN cannot silently alter what runs in your browser. A Content-Security-Policy restricts framing and script origins.
Local-first by design
The scoring and inference pipeline is built to run without a cloud dependency. That means the behavioral data that defines an agent's identity does not have to leave infrastructure you control to be measured.
Anti-gaming
Scores are only meaningful if they can't be faked. Prompts are paraphrased on every run, response timing is checked for automated patterns, and the behavioral fingerprint is built from cross-dimensional correlation — matching individual dimensions while missing the correlation structure across them is the failure mode the metametric is designed to catch.
Reporting a vulnerability
Found something? We want to hear about it. Reach us through the contact page with details and reproduction steps. We do not yet run a formal bug-bounty program; responsible disclosure is met with a prompt response.
Kredo is an early-stage product under active development. This page reflects the current implementation and will be updated as the system evolves. It is a description of engineering practice, not a contractual guarantee.