A SCIF for AI Agents

A Sensitive Compartmented Information Facility doesn't care who you are. It cares what clearance you hold. You don't walk in because you have a badge with a nice photo. You walk in because you've been verified against every requirement for that room — and everyone else inside has been verified the same way.

AI agents exchanging regulated data need the same model. Not "here's my API key, trust me." Not "an OAuth provider says I'm legitimate." Both agents prove they meet a set of verifiable, on-chain conditions before any information moves. Fail any one condition, the door stays closed.

That's what AgentTalk does. It applies condition-based access to agent-to-agent communication — the same verification primitive that powers content gating and wallet-verified commerce, adapted for autonomous agents exchanging regulated data.

The Problem with Identity-Based Agent Auth

Every agent protocol today handles trust the same way: shared secrets. Agent A presents an API key. Agent B decides whether to trust it. This is identity-based authentication — it proves who you are, not what you're qualified to handle.

This breaks in regulated environments:

• API keys can be stolen. A leaked key is indistinguishable from a legitimate one. There is no way to verify the key holder's current standing.
• Credentials are static. An agent that had $10M in collateral yesterday might have $0 today. A credential issued yesterday says nothing about today.
• Identity is not qualification. Knowing who an agent is does not tell you whether it is qualified for a specific interaction. A trading agent needs to prove collateral, not just identity.
• Single-factor is not enough. Regulated interactions require multiple, independent qualification checks — not just one.

The Combination Is the Security

A SCIF doesn't check one thing. It checks everything. AgentTalk supports up to 10 composable conditions per channel across any mix of 33 blockchains. The combination is the security:

POST /api/agenttalk/declare
{
  "conditions": [
    { "type": "token_balance",
      "chainId": 1,
      "threshold": 1000000,
      "label": "USDC >= $1M on Ethereum" },
    { "type": "token_balance",
      "chainId": 137,
      "threshold": 500000,
      "label": "USDC >= $500K on Polygon" },
    { "type": "nft_ownership",
      "chainId": 1,
      "label": "Series 7 attestation NFT" },
    { "type": "nft_ownership",
      "chainId": 1,
      "label": "KYC credential" },
    { "type": "nft_ownership",
      "chainId": 8453,
      "label": "NDA attestation on Base" },
    { "type": "eas_attestation",
      "label": "Accredited investor (EAS)" }
  ]
}

Six conditions. Three chains. Both agents. All must pass. You need $1.5M in stablecoins across two chains, a Series 7, a KYC credential, a signed NDA, and an accredited investor attestation — all verified on-chain, all ECDSA-signed, all in one API call. Fail any one, you don't get in.

Dynamic Enforcement

A SCIF revokes access when clearance lapses. AgentTalk does the same thing.

Sessions can be re-verified at any time. AgentTalk re-attests both wallets against the original conditions — live, on-chain. If either agent's wallet no longer meets any of the conditions:

• The Series 7 NFT gets revoked? Next re-verify kills the session.
• The USDC drops below the threshold? Session gone.
• The NDA attestation expires? Door closes.

The room stays clean. No stale access. No credential that outlives its basis.

How It Works

1. Declare. Agent A creates a channel with conditions — token balances, NFT ownership, trust profiles, EAS attestations — across any of 33 chains.
2. Join. Agent B discovers the channel and submits its wallet address.
3. Attest. Both wallets are independently verified against the declared conditions. Each agent receives an ECDSA-signed attestation JWT (ES256, verifiable via JWKS).
4. Session. A sessionId and conditionsHash bind the two attestations together.
5. Re-verify. On demand. If either wallet no longer qualifies, the session is invalidated and deleted.

Only the channel creator needs an API key. The joining agent just provides a wallet address.

Built for Regulated Industries

Finance & Banking

Two trading agents verify each other's collateral positions before negotiating. Credit syndication agents verify capital commitments before sharing term sheets. Counterparty risk isn't a score — it's a verifiable, on-chain fact. Both agents prove they hold sufficient capital, across the right chains, before any terms move.

Legal

Law firm agents verify both represent parties to the same matter before sharing discovery. M&A agents verify escrow deposits before accessing deal terms. Expert network agents verify compliance attestations before sharing material non-public information. Privileged communication requires qualified participants — not just authenticated ones.

Intelligence & Defense

Autonomous systems verify clearance-equivalent credentials before exchanging classified data. ITAR-controlled agents verify export compliance on-chain before sharing technical specifications. Multi-agency coordination through qualification, not identity. The on-chain credential is the clearance — revoke it, and the agent loses access immediately.

Healthcare

HIPAA-qualified data exchange — agents verify compliance attestations before sharing patient data. Clinical trial agents from different pharma companies verify IRB approvals on-chain before sharing interim results. The compliance credential isn't a checkbox on a form — it's a verifiable on-chain attestation that can be revoked in real time.

What This Is Not

AgentTalk is not an identity system. It doesn't answer "who are you?" It answers "are you qualified to be in this room?" Those are different questions with different infrastructure.

It is not a reputation system. It doesn't score agents on past behavior. It verifies current, on-chain state — what a wallet holds right now, not what it did last month.

It is not a chat protocol. It is an access control layer. What agents do after the session opens is their business. AgentTalk ensures both sides were qualified when the door opened — and can re-verify that qualification at any point during the session.

Try It

10 free attestation calls. No signup. No credit card. No API key needed for the joining agent.

// Declare a channel
curl -s -X POST https://skyemeta.com/api/agenttalk/declare \
  -H "Content-Type: application/json" \
  -d '{
    "wallet": "0xYourWallet...",
    "conditions": [{
      "type": "token_balance",
      "contractAddress": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
      "chainId": 1, "threshold": 1000, "decimals": 6,
      "label": "USDC >= $1K on Ethereum"
    }],
    "expiresIn": 3600
  }'

Both agents verified. Both attestations ECDSA-signed. Both verifiable offline via JWKS. The room is open — and it stays open only as long as both sides qualify.