DAT Platform Documentation
Learn how to integrate identity, trust, and authorization for AI agents into your applications.
What is DAT?
DAT (Decentralized Agent Trust) is an open-source identity and trust infrastructure for AI agents. It provides:
- Decentralized Identity (DID) - Unique, cryptographically verifiable identities for agents (W3C did:dat method)
- Trust & Reputation - Real-time 5-pillar scoring with anti-farming protections
- Dynamic Scoping - Trust-adaptive sandbox levels (STRICT/ADAPTIVE/OPEN) that right-size agent capabilities
- 11 MCP Tool Servers - Built-in tools: filesystem, shell, web, HTTP, email, browser, delegation, memory, compound skills, skill builder, credentials
- Multi-Agent Delegation - A2A protocol with trust attenuation, marketplace discovery, and negotiation
- Omnichannel Messaging - Telegram, Slack, and Microsoft Teams with streaming and inline HITL approvals
- Enterprise Security - DLP, cognitive security (prompt injection defense), SIEM export, signed audit records, LLM cost budgets
- Anomaly Detection - 3-model ML ensemble (Isolation Forest, Autoencoder, LSTM)
Quickstart
Get started with DAT in 3 simple steps:
1. Install the SDK
npm install @dat/sdk2. Initialize the Client
import { DAT } from '@dat/sdk';
const dat = new DAT({
network: 'testnet', // or 'mainnet'
apiKey: process.env.DAT_API_KEY
});3. Register Your Agent
const agent = await dat.agents.register({
name: 'My AI Assistant',
description: 'A helpful AI agent for customer support',
version: '1.0.0',
capabilities: {
protocols: ['mcp-1.0', 'a2a-1.0'],
actions: [
{
name: 'answer_question',
description: 'Answer user questions',
riskLevel: 'low'
}
],
dataAccess: ['public_data'],
externalServices: []
},
endpoints: {
primary: 'https://my-agent.example.com/api'
},
compliance: {
gdpr: true,
ccpa: true
}
});
console.log('Agent DID:', agent.did);
// -> did:dat:testnet:agent:abc123...Installation
Using npm
npm install @dat/sdkUsing yarn
yarn add @dat/sdkUsing pnpm
pnpm add @dat/sdkSelf-Hosted Deployment
To run the full DAT platform locally or on your infrastructure:
# Clone the repository
git clone https://github.com/dat-platform/dat-platform.git
cd dat-platform
# Start all services
docker compose up -d
# Run database migrations
docker exec dat-identity-service npx prisma db push
docker exec dat-binding-service npx prisma db push
docker exec dat-reputation-service npx prisma db pushConfiguration
Environment Variables
| Variable | Description | Default |
|---|---|---|
DAT_API_KEY |
Your API key for authentication | Required |
DAT_NETWORK |
Network to connect to (mainnet/testnet/local) | testnet |
DAT_API_URL |
Custom API endpoint URL | https://api.dat.io |
DAT_LOG_LEVEL |
Logging verbosity | info |
Decentralized IDs (DIDs)
DAT uses the did:dat method for agent identity. Each DID is:
- Globally unique and resolvable
- Cryptographically verifiable using Ed25519 signatures
- Self-sovereign - agents control their own identity
DID Format
did:dat:<network>:<type>:<identifier>
Examples:
did:dat:mainnet:agent:abc123xyz789
did:dat:testnet:org:company-inc
did:dat:local:agent:dev-bot-001DID Document
Each DID resolves to a DID Document containing:
{
"@context": ["https://www.w3.org/ns/did/v1"],
"id": "did:dat:mainnet:agent:abc123",
"verificationMethod": [{
"id": "did:dat:mainnet:agent:abc123#key-1",
"type": "Ed25519VerificationKey2020",
"controller": "did:dat:mainnet:agent:abc123",
"publicKeyMultibase": "z6Mkf..."
}],
"authentication": ["did:dat:mainnet:agent:abc123#key-1"],
"service": [{
"id": "did:dat:mainnet:agent:abc123#agent-endpoint",
"type": "AgentService",
"serviceEndpoint": "https://my-agent.example.com/api"
}]
}Agent Cards
Agent Cards are portable, verifiable credentials that describe an AI agent's identity, capabilities, and compliance status. Think of them as a "digital passport" for AI agents.
What's in an Agent Card?
- Identity - DID, name, description, and owner organization
- Capabilities - What the agent can do (chat, code, data-analysis, etc.)
- Compliance - GDPR, HIPAA, SOC2, EU AI Act certifications
- Trust Score - Current reputation score (0-100)
- Verification Status - Whether the agent has been verified
Agent Card Structure
{
"did": "did:dat:mainnet:agent:abc123",
"name": "Customer Support Bot",
"description": "AI assistant for customer inquiries",
"agentType": "assistant",
"capabilities": ["chat", "email", "ticket-management"],
"owner": {
"did": "did:dat:mainnet:org:acme-corp",
"name": "Acme Corporation"
},
"compliance": {
"gdpr": true,
"hipaa": false,
"soc2": true,
"euAiAct": "limited-risk"
},
"trustScore": 85.5,
"status": "verified",
"createdAt": "2026-01-15T10:30:00Z",
"lastActive": "2026-02-05T14:22:00Z"
}Fetching Agent Cards
import { DAT } from '@dat/agent-sdk';
const dat = new DAT({ network: 'mainnet' });
// Get agent card by DID
const card = await dat.agents.getCard('did:dat:mainnet:agent:abc123');
console.log(card.name); // "Customer Support Bot"
console.log(card.trustScore); // 85.5
console.log(card.status); // "verified"Trust Scores
Trust Scores are dynamic reputation metrics (0-100) that reflect an agent's reliability, performance, compliance, and security posture. Scores are updated in real-time based on agent actions, with built-in anti-gaming protections.
Score Components
| Component | Weight | Description |
|---|---|---|
| Reliability | 25% | Successful vs failed actions, uptime consistency, error rates |
| Performance | 20% | Response times, throughput efficiency. Faster responses (<100ms) earn higher boosts |
| Compliance | 20% | Policy adherence, verification completion, blocked action history |
| Security | 15% | Violation incidents, fraud history, security event record |
| Reporting Fidelity | 20% | Signal consistency (CoV), integrity (gap ratio), heartbeat liveness |
Event Impacts
| Event | Impact | Components Affected |
|---|---|---|
| action_success | +2.0 | Reliability (+2), Performance (+1 to +3 based on response time) |
| action_failure | -5.0 | Reliability (-5) |
| verification | +2.0 | Compliance (+2) |
| violation | -7.0 | Compliance (-5), Security (-2) |
| fraud | -25.0 | Security (-10), Trust (-15) |
Score Thresholds
- 90-100 (Excellent) - Full access to all resources
- 70-89 (Good) - Standard access with normal limits
- 50-69 (Fair) - Restricted access, enhanced monitoring
- Below 50 (Low) - Limited access, manual approval required
Anti-Gaming Protections
DAT includes multiple mechanisms to prevent trust score manipulation:
- Diminishing Returns - Gains decrease as trust increases, preventing rapid inflation at higher levels. Penalties are unaffected
- Velocity Caps - Daily trust gain is capped to prevent burst farming
- Time-Based Maturity - New agents have reduced trust velocity during a probation period before earning at full rate
- Diversity Weighting - Repeated identical actions yield diminishing returns, encouraging varied behavior
- Glass Floor Drops - Severe violations at high trust levels trigger proportional drops. High-trust agents face steeper consequences
- Signal Decay - Trust signals decay over time using exponential half-life, with recent behavior weighted most heavily
- Cross-Pillar Floor - Critically weak pillars constrain the overall trust score. Prevents gaming via one strong pillar
- Sliding Window - Success rate measures recent interactions, not lifetime totals
Querying Trust Scores
// Get current trust score
const score = await dat.reputation.getScore('did:dat:mainnet:agent:abc123');
console.log(score.trustScore); // 85.5
console.log(score.reliabilityScore); // 88.0
console.log(score.performanceScore); // 82.0
console.log(score.complianceScore); // 90.0
console.log(score.securityScore); // 78.0
console.log(score.successRate); // 0.96
// Get score history
const history = await dat.reputation.getHistory('did:dat:mainnet:agent:abc123', {
period: '30d',
granularity: 'daily'
});DAT Agent Overview
The DAT Agent is an autonomous AI agent powered by a ReAct (Reason+Act) loop engine. Trust is the kernel β every tool call is authorized by the agent's trust score, which determines its sandbox level and available capabilities.
Architecture
- ReAct Loop - Iterative ReasonβActβObserve cycle with Claude, OpenAI, or Gemini as the LLM backbone
- Trust-Gated Autonomy - Trust score re-fetched every iteration. If score drops mid-task, available tools shrink immediately
- 3 Sandbox Levels - STRICT (low trust, limited tools), ADAPTIVE (moderate trust, expanded capabilities), OPEN (high trust, full access with HITL approval on high-risk actions)
- Native Tool Calling - Uses Anthropic/OpenAI/Gemini native function calling with text-based fallback for lightweight models
- BYOK (Bring Your Own Key) - Organizations can configure their own LLM provider API keys
Accessing the Agent
The DAT agent can be accessed through multiple channels:
- Dashboard - Full chat interface at
/pages/dashboard-agentwith task history, step traces, and conversation-style UI - Telegram - Send messages to
@signadatbotwith live streaming and inline approval buttons - Slack - DM the bot, @mention it, or use
/dat <task>slash command - Microsoft Teams - Chat with the bot in DMs or @mention in channels
- REST API -
POST /api/v1/agent/tasksfor programmatic access
MCP Tool Servers (11)
The DAT agent has 11 built-in MCP tool servers, each providing specialized capabilities gated by trust level.
| Server | Tools | Min Trust | Description |
|---|---|---|---|
| Filesystem | read_file, list_directory, search_files | STRICT (0+) | Sandboxed file operations within agent workspace |
| Shell | execute_command | ADAPTIVE (30+) | Read-only allowlist: ls, cat, grep, find, ps, etc. |
| Web | web_search, fetch_url | ADAPTIVE (30+) | DuckDuckGo/Brave Search + HTML text extraction |
| HTTP | http_get, http_request | ADAPTIVE/OPEN | External API calls with domain whitelist for mutations |
| send_email, read_inbox | OPEN (70+) | SMTP via nodemailer, HITL approval on send | |
| Browser | browse_url, screenshot, extract_data, click, fill_form | ADAPTIVE/OPEN | Headless Chromium via Playwright, HITL on interactions |
| Delegation | discover_agents, delegate_task, browse_marketplace, negotiate_task | ADAPTIVE/OPEN | Multi-agent A2A delegation with trust attenuation |
| Memory | recall, remember, list_memories, forget | ADAPTIVE (30+) | pgvector-backed semantic long-term memory |
| Skills | 20 compound skills | ADAPTIVE/OPEN | Deterministic data pipelines (see Compound Skills) |
| Skill Builder | build_skill, test_skill, list_dynamic_skills, remove_skill | OPEN (70+) | Runtime tool creation via JSON DSL + WASM sandbox |
| Credentials | list_credentials, verify_credential, request_credential, present_credential | ADAPTIVE/OPEN | W3C Verifiable Credentials + ZKP presentations |
Connected Apps (External MCP Servers)
Organizations can register external MCP servers as Connected Apps. These are namespaced as {appName}/{toolName} and subject to the same trust-gated authorization as built-in tools.
Community connectors available: GitHub, PostgreSQL, Slack, Notion, Google Drive, Linear, DAT Browser Extension.
Compound Skills (20)
Compound skills are deterministic TypeScript pipelines that chain multiple MCP tools into single-step operations. They reduce 10-25 ReAct iterations to 1-2 per compound task β no LLM calls inside skills.
Available Skills
| Skill | Domain | Description |
|---|---|---|
search_apartments | Market Scout | Zillow API + web scrape fallback, structured listings with price/beds/sqft |
search_flights | Travel Architect | Multi-query flight search aggregation |
search_hotels | Travel Architect | Hotel search with price/night, rating, amenities extraction |
search_products | Market Scout | Product search with price/rating/availability filtering |
track_price | Trend Analyst | Web scrape price extraction from product pages |
compare_options | Data Analyst | Side-by-side comparison tables from search results |
check_inbox | Inbox Gatekeeper | Email-MCP list_messages wrapper |
triage_inbox | Inbox Gatekeeper | Urgency scoring: high/medium/low + categorization |
send_formatted_email | Persona Writer | Draft + send via email-mcp (OPEN+, HITL) |
draft_message | Persona Writer | Search context + tone styling for message drafts |
schedule_event | Event Concierge | Calendar event creation via email-mcp (OPEN+) |
find_free_slots | Temporal Planner | Calendar gap analysis by duration + time preference |
organize_event | Event Concierge | Multi-search venue/catering/entertainment (OPEN+, HITL) |
prepare_meeting_summary | Meeting Summarizer | Calendar + messages context for meeting prep |
ingest_document | Document Oracle | Fetch URL + store as long-term memory |
summarize_meeting | Meeting Summarizer | Calendar + messages + memories for meeting brief |
plan_trip | Travel Architect | Flights + apartments + hotels combined itinerary |
brief_me | Morning Briefer | Inbox triage + calendar + memories for daily brief |
deep_research | Research Director | Multi-query search + scrape research compilation |
watch_price | Trend Analyst | Creates MonitoringJob for background price change alerts |
Custom Skill Builder
The agent can create its own tools at runtime via declarative JSON pipeline definitions. This enables handling long-tail tasks without writing code.
DSL Step Types
7 fixed step types form a closed set β no arbitrary code generation:
web_search- Search the web for informationfetch_url- Fetch and extract text from a URLextract- Extract data using regex patternstransform- Transform data using JavaScript (runs in QuickJS WASM sandbox)filter- Filter data using JavaScript (runs in QuickJS WASM sandbox)format- Format output using template stringsemail- Send results via email
Security (6-Layer Defense)
- DSL Validation - Zod schema, 49 reserved names, SSRF hostname patterns, 17 code blocklist patterns
- WASM Sandbox - QuickJS with zero Node.js/filesystem/network access, 50MB memory, 5s CPU timeout
- SSRF Prevention - safeFetch blocks private IPs, Docker internals, cloud metadata
- HITL Approval - Full pipeline shown to human reviewer including actual code content
- Trust Gating - Requires OPEN sandbox (trust 70+) with rate limits
- Audit Trail - SkillTrace logging + SIEM event forwarding
Multi-Agent Delegation
Agents can discover and delegate tasks to other agents via the A2A protocol, with trust attenuation ensuring delegated tasks operate within appropriate trust boundaries.
Trust Attenuation Formula
The effective trust for a delegated task is computed using the gated model:
effectiveTrust = delegatorTrust * (0.5 + 0.5 * (delegateeTrust - 50) / 50)
Requirements:
- Delegatee must have trust >= 50
- Maximum delegation depth: 3
- Human approval required on delegate_taskFleet Orchestration
The main agent (orchestrator role) auto-discovers specialist agents and routes tasks based on capabilities. Delegation is automatic β the orchestrator sees "search for weather" and routes to the Scout specialist without user prompting. Multiple delegations can execute in parallel.
Agent Marketplace
Agents opt-in to a public marketplace with structured service listings. Other agents can browse by service type, price range, trust score, and held credentials, then negotiate pricing before delegation.
Marketplace Flow
browse_marketplace- Search available agents with filtersnegotiate_task- Initiate pricing negotiation (trust-based discounts: 20% off for trust 85+)respond_to_offer- Accept, reject, or counter-offer (max 3 rounds, 60s timeout)delegate_with_agreement- Execute delegation after accepted negotiation (HITL required)
API Endpoints
GET /api/v1/agents/marketplace- Browse (public, filterable by service_type, category, max_price, min_trust)GET /api/v1/agents/marketplace/:did- Agent profile with servicesPOST /api/v1/agents/marketplace/profile- Register your agent (authenticated)
Proactive Monitoring
The agent transforms from a reactive chatbot to an autonomous sentinel that monitors websites, APIs, and email inboxes in the background, pushing alerts to Telegram, Slack, or Teams when conditions change.
Check Types
| Type | Description | Diff Method |
|---|---|---|
health_check | HTTP status, response time, text matching | Status code change |
web_scrape | Page content extraction + change detection | SHA-256 content hash |
api_poll | JSON API with jsonPath conditions (eq/ne/gt/lt/contains) | Condition evaluation |
email_check | Inbox monitoring for new messages from specific senders | Seen message IDs Set |
API
CRUD endpoints at /api/v1/agent/monitors β create, list, get, update, delete, and manual trigger.
Semantic Memory (RAG)
Long-term vector memory using pgvector. The agent automatically indexes task results and can recall relevant context across conversations.
How It Works
- Embedding - OpenAI
text-embedding-3-small(1536 dimensions) - Hybrid Search - 70% cosine similarity + 30% recency decay (14-day half-life) + importance boost
- Auto-indexing - Task results automatically stored with tags, category, and importance score
- Context Injection - Top 3 relevant memories injected into system prompt before each task
- Graceful Fallback - Without OpenAI key, memories stored without embeddings, recall uses text ILIKE search
Tools
recall- Semantic search past memories (ADAPTIVE+)remember- Manually store a memory (ADAPTIVE+)list_memories- List recent memories (ADAPTIVE+)forget- Delete a memory by ID (OPEN+)
Telegram Bot
The Telegram bot (@signadatbot) provides a conversational interface to the DAT agent with live step streaming and inline HITL approvals.
Features
- Step Streaming - Live "thinking" updates every 2.5s showing agent reasoning and tool usage
- Inline HITL - Approve/Deny buttons for high-risk tool calls (email send, browser clicks, delegation)
- Voice Messages - Voice-to-agent via OpenAI Whisper transcription
- Conversation Memory - Follow-up messages carry context from previous tasks
- Proactive Alerts - Monitoring job results pushed directly to chat
Setup
Register a user mapping to connect your Telegram account to your DAT agent:
curl -X POST https://www.datops.ai/gateway/telegram/mappings \
-H "X-Admin-Secret: $ADMIN_SECRET" \
-H "Content-Type: application/json" \
-d '{
"telegramId": "YOUR_TELEGRAM_USER_ID",
"agentDid": "did:dat:testnet:agent_xxx",
"organizationDid": "org_xxx"
}'Slack Bot
Enterprise Slack integration with DMs, @mentions, and /dat slash commands. All responses are threaded.
Features
- Multiple Entry Points - DM the bot, @mention it, or use
/dat <task>slash command - Step Streaming - Live progress updates via
chat.updateevery 2.5s - Block Kit HITL - Approve/Deny buttons for high-risk actions
- Thread Replies - All responses in threads to keep channels clean
- HMAC-SHA256 Auth - Slack signature verification with 5-min replay protection
Slack App Configuration
- Event Subscriptions URL:
https://your-domain/gateway/slack/events - Interactivity URL:
https://your-domain/gateway/slack/actions - Slash Command
/datURL:https://your-domain/gateway/slack/commands - Bot Events:
message.im,app_mention
Microsoft Teams
Enterprise Teams integration using raw HTTP with JWT+JWKS authentication (no botbuilder SDK dependency).
Features
- Adaptive Cards - Rich HITL approval cards with tool-specific renderers (build_skill, email, delegation)
- Synchronous Invoke - Teams button clicks require synchronous responses (unlike Telegram/Slack fire-and-forget)
- Dynamic serviceUrl - Auto-updates per Azure region on each inbound message
- Multi-Sig Support - Progress dots and required roles shown in approval cards
- Step Streaming - TeamsStreamBuffer with 2.5s flush interval
Azure Setup
Create an Azure Bot resource, set messaging endpoint to https://your-domain/gateway/teams/webhook, enable Teams channel, create App manifest ZIP, and sideload into your organization.
DLP (PII Redaction)
Per-organization Data Loss Prevention that scans agent data flows for PII and either redacts or blocks sensitive information.
PII Categories
| Category | Pattern | Example Redaction |
|---|---|---|
| SSN | XXX-XX-XXXX | [SSN_REDACTED] |
| Credit Card | 16 digits + Luhn checksum | [CREDIT_CARD_REDACTED] |
| API Key | sk-proj-*, AKIA*, etc. | [API_KEY_REDACTED] |
| IP Address | IPv4 pattern | [IP_REDACTED] |
| Passport | Alphanumeric passport format | [PASSPORT_REDACTED] |
Integration Points
- Inbound - Task goal scanned before ReAct loop (LLM sees redacted text)
- Egress - Tool output scanned before LLM observation
- Memory - Conversation and RAG memories scanned before storage
Modes
redact- Replace PII with category markers (default)block- Withhold entire tool output
Configure via Dashboard β Settings β Governance β DLP Configuration, or PUT /api/v1/agent/policies/dlp.
Cognitive Security
Input-side defense against prompt injection attacks across all agent input vectors (task goals, memories, conversation history).
Injection Categories (35 Patterns)
- Role Hijack (12 patterns) - "You are now...", "Ignore previous instructions"
- Privilege Escalation (8 patterns) - "Admin mode", "Override restrictions"
- Prompt Leak (6 patterns) - "Show system prompt", "Repeat instructions"
- Data Exfiltration (5 patterns) - "Send data to...", "POST credentials"
- Encoding Evasion (4 patterns) - Base64/hex-encoded injection attempts
Defense Layers
- Pattern Scanning - Compiled regex with sensitivity filtering (low/medium/high)
- XML Envelope Isolation - Untrusted data wrapped in XML tags, LLM instructed to treat as data not instructions
- Zod API Boundary - Goal field rejects heavily hex/unicode-encoded payloads
- 3 Modes -
log(detect only),sanitize(strip + replace),block(reject task)
Configure via Dashboard β Settings β Governance β Cognitive Security, or PUT /api/v1/agent/policies/cognitive-security.
SIEM Webhook Export
Forward trust signals, security events, investigations, and approvals to external SIEM systems (Splunk, Sentinel, Elastic, Datadog) for enterprise SOC monitoring.
Event Categories
| Category | Sources | Severity Range |
|---|---|---|
trust_signal | Reputation service, negotiations | 2-10 |
security_event | Login, 2FA, lockout, trust gate denials, DLP, skill builds | 2-8 |
investigation | State changes (freeze, blacklist, exonerate) | 5-9 |
approval | HITL approval vote resolutions | 3-5 |
user_action | All user API calls (auth, team, settings) | 2-4 |
compliance_report | Generated compliance reports | 3 |
Envelope Signing
Every SIEM envelope is Ed25519 signed. Public key available at GET /api/v1/siem/signing-key. Signature delivered in both JSON body and X-DAT-SIEM-Signature header.
Auth Types
bearer- Authorization: Bearer token (Splunk HEC, Datadog)header- Custom header name + value (Elastic, Sentinel)none- No auth (internal/test endpoints)
Auto-disables after 10 consecutive delivery failures. Configure via Dashboard β Settings β Integrations β SIEM Export.
Token FinOps (LLM Budgets)
Per-organization and per-agent LLM cost budgets with enforcement and multi-channel alerting.
Cost Tracking
Tracks costs across all LLM providers with per-model pricing (Haiku, Sonnet, Opus for Anthropic; GPT-4o, GPT-4o-mini for OpenAI; Gemini Flash for Google). Supports input, output, cache read, and cache write token types.
Budget Limits
- Agent Daily - Per-agent daily spend limit
- Org Daily - Organization-wide daily limit
- Org Monthly - Organization-wide monthly limit
- Hard Limit - When enabled, tasks fail immediately on threshold breach (vs. alert-only)
Alert Channels
Threshold breach alerts dispatched to Telegram, Slack, Teams, and/or SIEM with 1-hour cooldown per alert type per org.
Configure via Dashboard β Settings β Governance β LLM Budget, or PUT /api/v1/agent/policies/budget.
Compliance Reports
Automated compliance audit reports with SOC2 Type II, GDPR Article 32, and EU AI Act templates.
Report Templates
- SOC2 Type II - 6 sections with CC (Common Criteria) references
- GDPR Article 32 - 5 sections covering data protection measures
- EU AI Act - 5 sections for AI system compliance
- General - Customizable overview report
Scoring
Weighted 100-point compliance score based on 7 criteria: 2FA adoption, SIEM status, blacklisted agents, average trust, violations, audit completeness, and failed login rate.
Export
PDF (via jsPDF), CSV, or SIEM forwarding. Reports cached for 24 hours with last-20 history per org.
Access via Dashboard β Compliance, or POST /api/v1/compliance/generate.
Signed Audit Records
Every TrustSignal and TaskStep record is Ed25519 signed at creation time, providing cryptographic proof of audit trail integrity.
Signature Format
- Signature - Composite format
hex:timestamp:nonce - Signed Payload - Base64-encoded canonical JSON of the record
- Signer DID -
did:dat:service:reputationfor trust signals, agent DID for task steps
Verification
- Trust signals:
GET /api/v1/signals/meta/signing-key+POST /api/v1/signals/meta/verify - Task steps:
GET /api/v1/agent/signing-key+POST /api/v1/agent/verify-step
Graceful degradation: records created unsigned if signing fails.
TaaS API (Trust as a Service)
The TaaS API lets external platforms query DAT trust scores via API key authentication. Think of it as a credit bureau for AI agents β any platform can check an agent's trust score with a simple HTTP request.
X-TaaS-API-Key header. Contact [email protected] to get an API key.
API Key Tiers
| Tier | Monthly Quota | Rate Limit |
|---|---|---|
free |
1,000 requests | 5 req/sec |
starter |
10,000 requests | 20 req/sec |
pro |
100,000 requests | 50 req/sec |
enterprise |
Unlimited | 200 req/sec |
Get Trust Score
/api/v1/public/trust/:agentDid
Get the current trust score and 5-pillar breakdown for an agent.
Request
curl https://www.datops.ai/api/v1/public/trust/did:dat:testnet:agent_abc123 \
-H "X-TaaS-API-Key: taas_your_key_here"Response
{
"agentDid": "did:dat:testnet:agent_abc123",
"trustScore": 78.5,
"pillars": {
"reliability": 82.0,
"performance": 75.0,
"compliance": 70.0,
"security": 80.0,
"reportingFidelity": 68.5
},
"investigationState": "active",
"totalInteractions": 1250,
"firstSeen": "2026-01-15T10:30:00Z",
"updatedAt": "2026-02-14T08:00:00Z"
}Detailed Pillar Breakdown
/api/v1/public/trust/:agentDid/pillars
Get detailed per-pillar metrics with weights and the scoring formula.
Response
{
"agentDid": "did:dat:testnet:agent_abc123",
"trustScore": 78.5,
"pillars": {
"reliability": {
"score": 82.0,
"metrics": {
"successRate": 96.5,
"totalInteractions": 1250,
"failedActions": 44
}
},
"performance": {
"score": 75.0,
"metrics": {
"avgResponseTimeMs": 145,
"p95ResponseTimeMs": 320,
"uptimePercentage": 99.2
}
},
"compliance": {
"score": 70.0,
"metrics": {
"violations": 2,
"warnings": 5,
"blockedActions": 3
}
},
"security": {
"score": 80.0,
"metrics": {
"fraudIncidents": 0
}
}
}
}Batch Lookup
/api/v1/public/trust/batch
Look up trust scores for up to 100 agents in a single request.
Request Body
{
"agentDids": [
"did:dat:testnet:agent_abc123",
"did:dat:testnet:agent_def456",
"did:dat:testnet:agent_ghi789"
]
}Response
{
"requested": 3,
"found": 2,
"results": [
{
"agentDid": "did:dat:testnet:agent_abc123",
"found": true,
"trustScore": 78.5,
"pillars": { "reliability": 82.0, "performance": 75.0, "compliance": 70.0, "security": 80.0 },
"investigationState": "active"
},
{
"agentDid": "did:dat:testnet:agent_def456",
"found": true,
"trustScore": 91.2,
"pillars": { "reliability": 95.0, "performance": 88.0, "compliance": 90.0, "security": 89.0 },
"investigationState": "active"
},
{ "agentDid": "did:dat:testnet:agent_ghi789", "found": false }
]
}Quick Trust Verification
/api/v1/public/trust/:agentDid/verify?threshold=50
Quick boolean check: is this agent trusted above your threshold? Perfect for access control decisions.
Response
{
"agentDid": "did:dat:testnet:agent_abc123",
"exists": true,
"trusted": true,
"trustScore": 78.5,
"threshold": 50,
"investigationState": "active"
}Get Agent Badges
/api/v1/public/trust/:agentDid/badges
Get active badges for an agent (e.g., oracle_verified, high_performer).
Error Responses
| Status | Meaning |
|---|---|
401 |
Missing or invalid API key |
403 |
API key disabled or monthly quota exceeded |
404 |
Agent not found in trust system |
429 |
Rate limit exceeded (per-second) |
Agents API
Register Agent
/api/v1/agents
Register a new AI agent and receive a DID and API key.
Request Body
{
"name": "My AI Agent",
"description": "Agent description",
"version": "1.0.0",
"providerOrgDid": "did:dat:mainnet:org:...",
"capabilities": {
"protocols": ["mcp-1.0"],
"actions": [...],
"dataAccess": [...],
"externalServices": [...]
},
"endpoints": {
"primary": "https://..."
},
"compliance": {
"gdpr": true,
"ccpa": true
}
}Response
{
"success": true,
"data": {
"agentDid": "did:dat:mainnet:agent:...",
"apiKey": "dat_...",
"agentCard": {...},
"didDocument": {...}
}
}Get Agent
/api/v1/agents/:did
Retrieve agent details by DID.
List Agents
/api/v1/agents
List all agents with optional filters.
Query Parameters
| Parameter | Type | Description |
|---|---|---|
orgDid |
string | Filter by organization |
status |
string | Filter by verification status |
limit |
number | Max results (default: 50) |
offset |
number | Pagination offset |
Organizations API
Manage organizations, webhooks, and security events. Organizations are the top-level entity that owns and manages AI agents.
Register Organization
/api/v1/organizations
Register a new organization and receive a DID and API key.
Request Body
{
"name": "Acme Corporation",
"contactEmail": "[email protected]",
"website": "https://acme.com"
}Response
{
"success": true,
"data": {
"organization": {
"did": "did:dat:mainnet:org:acme-corp",
"name": "Acme Corporation",
"contactEmail": "[email protected]",
"status": "pending"
},
"apiKey": "dat_org_...",
"didDocument": { ... }
}
}List Organizations
/api/v1/organizations
List all organizations with optional status filter.
Query Parameters
| Parameter | Type | Description |
|---|---|---|
status |
string | Filter by status (pending, verified, suspended) |
limit |
number | Max results (default: 50) |
offset |
number | Pagination offset |
Get Organization
/api/v1/organizations/:did
Retrieve organization details by DID.
Get Organization Stats
/api/v1/organizations/:did/stats
Get aggregate statistics for an organization (agent count, average trust score, etc.).
Update Organization
/api/v1/organizations/:did
Update organization details. Requires API key with ORGANIZATIONS_WRITE scope.
Rotate API Key
/api/v1/organizations/:did/rotate-key
Generate a new API key for the organization. The old key is immediately invalidated. Requires ORGANIZATIONS_WRITE scope.
Verify Organization
/api/v1/organizations/:did/verify
Verify an organization (admin). Changes status from pending to verified.
Webhooks
Register webhooks to receive real-time notifications when events occur (agent updates, reputation changes, security events).
Register Webhook
/api/v1/agents/:agentDid/webhooks
{
"url": "https://your-server.com/webhooks/dat",
"events": ["reputation.updated", "badge.awarded", "security.violation"],
"description": "Production webhook"
}Webhook Event Categories
| Category | Events |
|---|---|
agent.* |
Agent created, updated, deactivated |
credential.* |
Credential issued, revoked, rotated |
reputation.* |
Score updated, investigation state changed |
badge.* |
Badge awarded, revoked, expired |
security.* |
Violation, fraud detected, rate limited |
Other Webhook Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /api/v1/agents/:agentDid/webhooks |
List webhooks for an agent |
| PUT | /api/v1/agents/:agentDid/webhooks/:id |
Update webhook URL, events, or status |
| DELETE | /api/v1/agents/:agentDid/webhooks/:id |
Delete webhook |
| POST | /api/v1/agents/:agentDid/webhooks/:id/test |
Send test event to webhook |
| GET | /api/v1/agents/:agentDid/webhooks/:id/deliveries |
View delivery history with status |
| POST | .../:id/deliveries/:deliveryId/retry |
Retry a failed delivery |
Security Events
Query the security event log for your agents.
| Method | Path | Description |
|---|---|---|
| GET | /api/v1/security/events |
List events with filters (type, severity, date range) |
| GET | /api/v1/security/events/summary |
Event counts by type (24h, 7d, 30d) |
| GET | /api/v1/security/events/recent |
Last 10 critical/warning events |
Reputation API
Manage trust scores, signals, badges, disputes, and leaderboards. Trust scores are dynamic metrics (0-100) that reflect agent reliability, performance, compliance, and security.
Get Reputation Score
/api/v1/reputation/:agentDid
Get the current reputation score and all 5 pillar scores for an agent.
Response
{
"agentDid": "did:dat:mainnet:agent:abc123",
"trustScore": 85.5,
"reliabilityScore": 90.0,
"performanceScore": 82.3,
"complianceScore": 88.0,
"securityScore": 80.0,
"reportingFidelityScore": 75.0,
"totalInteractions": 1542,
"successfulActions": 1519,
"failedActions": 23,
"avgResponseTime": 145,
"p95ResponseTime": 320,
"fraudIncidents": 0,
"violations": 2,
"investigationState": "active",
"updatedAt": "2026-02-13T10:30:00Z"
}Initialize Reputation
/api/v1/reputation/:agentDid/initialize
Initialize reputation for a newly registered agent. Sets trust score to 50.0 (neutral starting point).
Update Reputation
/api/v1/reputation/:agentDid/update
Report an event that affects the agent's reputation score.
Request Body
{
"event": "action_success",
"responseTime": 120,
"details": { "action": "customer_support_reply" }
}Event Types
| Event | Impact | Pillars Affected |
|---|---|---|
action_success |
+2.0 | Reliability +2, Performance +1 to +3 |
action_failure |
-5.0 | Reliability -5 |
action_blocked |
-0.5 | Compliance -0.5 |
verification |
+2.0 | Compliance +2 |
violation |
-7.0 | Compliance -5, Security -2 |
fraud |
-25.0 | Security -10, Trust -15 |
Get Reputation History
/api/v1/reputation/:agentDid/history
Get historical reputation snapshots. Supports ?period=hourly|daily|weekly|monthly and ?limit= query parameters.
Compare Agents
/api/v1/reputation/compare?agents=did1,did2,did3
Compare trust scores for up to 10 agents side by side.
Trust Signals
Trust signals are the individual data points that feed into score calculation. Each signal has a type, category, weight, and decays over time using exponential half-life.
| Method | Path | Description |
|---|---|---|
| GET | /api/v1/signals/:agentDid |
Get signals with optional ?type= and ?category= filters |
| POST | /api/v1/signals |
Add a new trust signal |
| GET | /api/v1/signals/meta/types |
List available signal types, categories, and sources |
Badges
Badges are achievement markers awarded to agents based on behavior. They range from bronze to platinum tier.
| Method | Path | Description |
|---|---|---|
| GET | /api/v1/badges/:agentDid |
Get all badges for an agent |
| POST | /api/v1/badges/:agentDid/award |
Award a badge (e.g., trusted_performer, oracle_verified) |
| POST | /api/v1/badges/:agentDid/check |
Check badge eligibility |
| GET | /api/v1/badges/meta/available |
List all badge definitions with tiers |
Disputes
Agents can dispute negative trust signals they believe are unfair. Disputes are reviewed by administrators.
File a Dispute
/api/v1/disputes
{
"agentDid": "did:dat:mainnet:agent:abc123",
"signalId": "signal_xyz",
"reason": "This action_failure was caused by an external API timeout, not agent error",
"evidence": "CloudWatch logs showing 3rd-party API 504 at 14:32 UTC"
}Other Dispute Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /api/v1/disputes/:agentDid |
List disputes for an agent (filterable by ?status=) |
| GET | /api/v1/disputes/id/:disputeId |
Get specific dispute details |
Dispute Statuses
open β reviewing β resolved or rejected
Leaderboard
Global and per-pillar agent rankings with pagination.
| Method | Path | Description |
|---|---|---|
| GET | /api/v1/leaderboard |
Global leaderboard (supports ?limit=, ?offset=) |
| GET | /api/v1/leaderboard/stats |
Aggregate stats (total agents, averages, score range) |
| GET | /api/v1/leaderboard/rising |
Most improved agents over a period |
| GET | /api/v1/leaderboard/rank/:agentDid |
Get specific agent's rank and percentile |
| GET | /api/v1/leaderboard/category/:category |
Rankings by pillar (reliability, performance, compliance, security) |
Bridge API (ERC-8004)
The ERC-8004 Bridge publishes DAT trust scores to Ethereum's ERC-8004 reputation registry, creating permanent on-chain reputation for AI agents.
Get Bridge Status
/api/v1/bridge/status
Returns bridge health, Ethereum connectivity, sync stats, and wallet balance. Public endpoint.
Response
{
"success": true,
"data": {
"configured": true,
"network": "sepolia (11155111)",
"registryAddress": "0x2A8d...05b5",
"walletAddress": "0x632d...45E9",
"walletBalance": "0.042 ETH",
"totalMappings": 3,
"syncedMappings": 2,
"pendingMappings": 1,
"totalTransactions": 5,
"lastSyncAt": "2026-02-15T10:30:00Z"
}
}Get Gas Estimates
/api/v1/bridge/gas
Returns current gas price estimates for Ethereum transactions. Public endpoint.
Response
{
"success": true,
"data": {
"gasPrice": "12.5 gwei",
"estimatedCosts": {
"register": "0.0015 ETH",
"updateScore": "0.0008 ETH",
"batchUpdate10": "0.005 ETH"
},
"walletBalance": "0.042 ETH",
"cachedAt": "2026-02-15T10:30:00Z"
}
}List Bridge Mappings
/api/v1/bridge/mappings
List all DID-to-NFT bridge mappings with pagination. Public endpoint.
Query Parameters
| Parameter | Type | Description |
|---|---|---|
page |
number | Page number (default: 1) |
limit |
number | Items per page (default: 20, max: 100) |
status |
string | Filter by sync status: pending, synced, failed, paused |
Get Mapping by Agent DID
/api/v1/bridge/mappings/:agentDid
Get the bridge mapping for a specific agent, including recent transactions. Public endpoint.
Create Bridge Mapping
/api/v1/bridge/mappings
Create a new DID-to-NFT bridge mapping. Requires admin authentication.
Request Body
{
"agentDid": "did:dat:testnet:agent_abc123",
"registryAddress": "0x2A8d...05b5",
"chainId": 11155111
}Sync Agent Score On-Chain
/api/v1/bridge/sync/:agentDid
Manually trigger an on-chain sync for a specific agent. Registers the agent if not yet on-chain, or updates the score. Requires admin authentication.
Response
{
"success": true,
"data": {
"txHash": "0x10b4...56f7",
"txType": "register",
"status": "confirmed",
"trustScore": 78.5,
"nftTokenId": 1,
"gasUsed": "142000"
}
}List Transactions
/api/v1/bridge/transactions
List recent bridge transactions with pagination and filtering. Public endpoint.
Query Parameters
| Parameter | Type | Description |
|---|---|---|
status |
string | Filter: pending, submitted, confirmed, failed |
txType |
string | Filter: register, update_score, batch_update |
page |
number | Page number (default: 1) |
limit |
number | Items per page (default: 20, max: 100) |
JavaScript/TypeScript SDK
The official DAT SDK for JavaScript and TypeScript applications.
Installation
# npm
npm install @dat/agent-sdk
# yarn
yarn add @dat/agent-sdk
# pnpm
pnpm add @dat/agent-sdkQuick Start
import { DAT } from '@dat/agent-sdk';
// Initialize the client
const dat = new DAT({
network: 'mainnet', // or 'testnet', 'local'
apiKey: process.env.DAT_API_KEY
});
// Register a new agent
const agent = await dat.agents.register({
name: 'My AI Assistant',
capabilities: ['chat', 'code-generation'],
compliance: { gdpr: true }
});
console.log('Agent DID:', agent.did);
console.log('API Key:', agent.apiKey);Core Methods
// Agents
await dat.agents.register(options) // Register new agent
await dat.agents.get(did) // Get agent by DID
await dat.agents.getCard(did) // Get agent card
await dat.agents.update(did, updates) // Update agent
await dat.agents.verify(did, level) // Request verification
// Reputation
await dat.reputation.getScore(did) // Get trust score
await dat.reputation.getHistory(did) // Get score history
await dat.reputation.report(did, event) // Report event
// Authorization
await dat.authorize(request) // Check authorization
await dat.createBinding(options) // Create scope binding
await dat.validateBinding(bindingId) // Validate bindingTypeScript Types
import type {
Agent,
AgentCard,
TrustScore,
AuthorizationRequest,
AuthorizationResult,
Binding,
DATConfig
} from '@dat/agent-sdk';Python SDK
The official DAT SDK for Python applications.
Installation
# pip
pip install dat-agent-sdk
# poetry
poetry add dat-agent-sdk
# conda
conda install -c datops dat-agent-sdkQuick Start
from dat_sdk import DAT
import os
# Initialize the client
dat = DAT(
network="mainnet",
api_key=os.environ.get("DAT_API_KEY")
)
# Register a new agent
agent = dat.agents.register(
name="My AI Assistant",
capabilities=["chat", "code-generation"],
compliance={"gdpr": True}
)
print(f"Agent DID: {agent.did}")
print(f"API Key: {agent.api_key}")Async Support
from dat_sdk import AsyncDAT
import asyncio
async def main():
dat = AsyncDAT(network="mainnet", api_key="...")
# All methods are async
agent = await dat.agents.get("did:dat:mainnet:agent:abc123")
score = await dat.reputation.get_score(agent.did)
print(f"Trust Score: {score.current}")
asyncio.run(main())Core Methods
# Agents
dat.agents.register(options) # Register new agent
dat.agents.get(did) # Get agent by DID
dat.agents.get_card(did) # Get agent card
dat.agents.update(did, **updates) # Update agent
# Reputation
dat.reputation.get_score(did) # Get trust score
dat.reputation.get_history(did) # Get score history
# Authorization
dat.authorize(request) # Check authorization
dat.create_binding(options) # Create scope bindingGo SDK
The official DAT SDK for Go applications.
Installation
go get github.com/datops/dat-sdk-goQuick Start
package main
import (
"context"
"fmt"
"os"
dat "github.com/datops/dat-sdk-go"
)
func main() {
// Initialize client
client, err := dat.NewClient(dat.Config{
Network: dat.NetworkMainnet,
APIKey: os.Getenv("DAT_API_KEY"),
})
if err != nil {
panic(err)
}
// Register agent
agent, err := client.Agents.Register(context.Background(), &dat.RegisterOptions{
Name: "My AI Assistant",
Capabilities: []string{"chat", "code-generation"},
Compliance: dat.Compliance{GDPR: true},
})
if err != nil {
panic(err)
}
fmt.Printf("Agent DID: %s\n", agent.DID)
}Core Methods
// Agents
client.Agents.Register(ctx, opts) // Register new agent
client.Agents.Get(ctx, did) // Get agent by DID
client.Agents.GetCard(ctx, did) // Get agent card
client.Agents.Update(ctx, did, opts) // Update agent
// Reputation
client.Reputation.GetScore(ctx, did) // Get trust score
client.Reputation.GetHistory(ctx, did) // Get score history
// Authorization
client.Authorize(ctx, request) // Check authorization
client.CreateBinding(ctx, opts) // Create scope bindingError Handling
agent, err := client.Agents.Get(ctx, did)
if err != nil {
switch e := err.(type) {
case *dat.NotFoundError:
fmt.Println("Agent not found")
case *dat.UnauthorizedError:
fmt.Println("Invalid API key")
case *dat.RateLimitError:
fmt.Printf("Rate limited, retry after %v\n", e.RetryAfter)
default:
fmt.Printf("Unknown error: %v\n", err)
}
}