confidential compute rooted in silicon, not a provider

cvm-agent

agent platform
proof before privilege

an agent runtime that gates secrets, tokens, and tools on a verified hardware receipt. before an agent is trusted to act, it proves what code it actually is. it pulls in the lower layers — unified-quote verifies, the cvm agent gates.

$ cvm-agent
// no proof, no privilege
const v = await cvm.verify(target, { policy: "reviewed-main-only" })
if (v.ok) await secrets.release("PROD_TOKEN")
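
an added example, not cvm-agent's own code: the gate above written fail-closed, so a verifier error, a replayed or stale receipt, an unpinned measurement, or an unreviewed build each ends with nothing released. the receipt fields, `decide`, `gatedRelease`, and the reading of "reviewed-main-only" as "reviewed build from refs/heads/main" are assumptions for illustration.

```javascript
// added example; every name here is hypothetical, not the cvm-agent api.
const deny = (reason) => ({ ok: false, reason });

// constructed policy: what a verified receipt must show before release.
const POLICY = {
  name: "reviewed-main-only",
  allowedMeasurements: new Set(["constructed-digest-a"]),
  requiredRef: "refs/heads/main",
  maxAgeMs: 60000,
};

// pure decision. every check must pass; a missing field denies.
function decide(receipt, policy, expectedNonce, now) {
  if (!receipt || receipt.chainVerified !== true) return deny("chain not verified");
  if (receipt.nonce !== expectedNonce) return deny("nonce mismatch");
  const age = now - receipt.issuedAt; // NaN when issuedAt is absent
  if (!(age >= 0 && age <= policy.maxAgeMs)) return deny("stale receipt");
  if (!policy.allowedMeasurements.has(receipt.measurement)) return deny("unknown measurement");
  const p = receipt.provenance || {};
  if (p.ref !== policy.requiredRef || p.reviewed !== true) return deny("build not reviewed main");
  return { ok: true, reason: "policy satisfied" };
}

// gate. verifier errors and denials both end with nothing released.
async function gatedRelease(verify, release, target, secretName, nonce) {
  let receipt;
  try {
    receipt = await verify(target, nonce);
  } catch (err) {
    return { released: false, reason: "verifier error: " + err.message };
  }
  const d = decide(receipt, POLICY, nonce, Date.now());
  if (!d.ok) return { released: false, reason: d.reason };
  await release(secretName);
  return { released: true, reason: d.reason };
}

// constructed sample receipt (not real attestation output).
const GOOD = {
  chainVerified: true, nonce: "n-1", issuedAt: 1000,
  measurement: "constructed-digest-a",
  provenance: { ref: "refs/heads/main", reviewed: true },
};
```

the nonce is chosen by the caller per request, so a receipt captured from an earlier run fails the comparison even when its measurement is still on the allow list.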

the stack

live mesh

// three hardware-rooted nodes, re-verifiable by anyone — no tee needed
aws sev-snp   verified  # milan · vlek → ark-milan (pinned)
aws nitro     verified  # enclave pcr0 → aws nitro root (pinned)
azure sev-snp verified  # attested-TLS · snp→ark-milan + value_x (source→silicon)

the azure node serves attested-TLS at attest.secure.build — the leaf cert carries the snp→amd bundle, and value_x ties github build provenance to the silicon.
live status & remote re-verification: unified-quote/live

agentic canon

no proof, no privilege.
make behavior enforceable · turn failures into evolution · compose through proofs · carry trust forward.