0G Galileo Testnet · Chain 16602 · ETHGlobal Open Agents

A passport for every autonomous agent.

Verifiable identity and provenance for every AI output - anchored on-chain, sealed by 0G Compute, accountable to a human principal.

Read the docsView on GitHub
sigil-agent · curl onboarding
0G Galileo · 16602

curl -> sdk -> mcp · rotates automatically every cycle

Registry
0x2C04...7625
Notary
0xA110...24EE
Network
0G Galileo · 16602
The Problem

Three missing primitives
in every agent stack.

The left rail rotates through the gaps.
The right card shows how Sigil closes each one.

Sigil response

AgentPassport

Live primitive
The gap

Every runtime can claim to be an agent. Nothing proves which principal authorized it.

What ships instead
01

Soulbound ERC-7857-compatible passport

02

Encrypted permission manifest in 0G Storage

03

Permanent passportId shared across integrations

Outcome

Sigil mints a portable identity anchor so every agent runtime resolves back to one accountable principal.

auto-rotating narrative · tap any problem to pin focus
How It Works

Four steps. Permanent record.

01

Register passport

Principal authorizes a fresh agent keypair once. SDK encrypts permission manifest -> 0G Storage KV. iNFT minted on-chain.

passportId = 0x4a2c...83ca
Returned once
02

Agent acts autonomously

Agent signs every subsequent action with its own key. Principal never re-signs. Every action -> 0G Storage Log fingerprint.

agentAddress = 0x472F...A1
Autonomous signer
03

Output notarized

0G Compute seals the inference receipt. Output hash + receipt hash + agent signature -> ProvenanceRecord on-chain.

recordId = 0xa891...41e
Sealed receipt
04

Anyone resolves

Paste any passportId, recordId, or output hash. Chain resolves artifact -> agent -> principal. No auth required.

resolve(0x4a2c...83ca)
Public read
The Dual Wallet Model

Authorize once.
Agent acts forever.

The principal - a human-controlled wallet - authorizes a fresh agent keypair exactly once at registration time. After that, the agent signs every action and every notarization autonomously.

The chain always resolves backward: any artifact -> agent address -> passportId -> principal. Accountability is always one hop away, even when the agent acted completely autonomously.

AgentPassport

ERC-7857 iNFT soulbound to the principal - the permanent identity anchor.

ProvenanceRecord

On-chain notarization sealed by 0G Compute - cryptographic model-output binding.

Reputation [0-1000]

Deterministic score updated on every attestation. Read-open, no auth needed.

Principal
Human-controlled
0x7FBb...018f
-> signs register()
delegates
once
Agent
Autonomous signer
0x472F...A1
awaiting registration

Principal signs once, delegating a fresh agent keypair.

TypeScript SDK

Three calls.
Full provenance.

One package. Register an agent, notarize its outputs, resolve any identity or artifact - all against the live 0G testnet. No mocks.

register()

Mints an ERC-7857 iNFT. Encrypts permission manifest -> 0G KV. Returns passportId + agentPrivateKey (shown once).

notarize()

Agent self-signs. Seals 0G Compute receipt on-chain. Returns recordId.

resolve()

Read-open. Resolves passportId -> identity or recordId -> artifact -> agent -> principal.

npm install sigil-protocol
import { SigilClient } from 'sigil-protocol';
const sigil = new SigilClient({
rpcUrl: process.env.ZERO_G_RPC_URL,
registryAddress: process.env.SIGIL_REGISTRY_ADDRESS,
notaryAddress: process.env.PROVENANCE_NOTARY_ADDRESS,
signer: principalWallet,
});
const { passportId, agentPrivateKey, agentAddress } =
await sigil.passport.register({
principal: principalWallet.address,
agentDescription: 'DeFi risk scoring agent',
permissions: {
whitelistedContracts: ['0x...'],
maxTxValuePerWindow: { USDC: 5000, ETH: 2 },
authorizedApis: ['uniswap.api', '0g.compute'],
timeWindowSeconds: 3600,
},
});
// passportId: 0x4a2c...83ca
// agentPrivateKey: [returned once - store safely]
SKILL.md Onboarding

Self-register
from a single doc.

Today, an existing agent can read this SKILL.md and integrate through the local SDK flow. The hosted `/skill.md` endpoint and registration API are the next onboarding surface, not the current one.

Principal authorizes once, stores the agent credentials locally, and every subsequent output can be notarized autonomously. The current repo ships the SDK-first path; the hosted API path is Phase 5b.

SKILL.md · sigil.protocol