The agentic economy is no longer theoretical. In the past twelve months, we have witnessed an unprecedented wave of infrastructure designed specifically for autonomous AI agents. Google launched its Universal Commerce Protocol (UCP) and Agent Payments Protocol (AP2). Anthropic released the Model Context Protocol (MCP) for tool access. The Agent-to-Agent (A2A) standard emerged for inter-agent communication. Enterprise platforms from Microsoft, Amazon, and Salesforce have rolled out agent frameworks. Observability tools are extending their capabilities to track agent behaviour.
Each of these protocols solves a real problem. UCP streamlines the commerce journey from discovery to checkout. MCP standardises how agents access external tools. A2A enables agents to coordinate with each other. Observability platforms help enterprises understand what their agents are doing.
But examine each closely and a consistent pattern emerges.
The Blind Spot
Every major agent protocol handles what agents can do, how they communicate, what they access, and how transactions flow. What none of them establish is who the agent actually is, who bears accountability for its actions, or what boundaries constrain its behaviour.
This is not a criticism. Google’s own UCP announcement describes the protocol as enabling “agents and systems to operate together across consumer surfaces, businesses and payment providers.” PayPal, endorsing UCP, speaks of building “open, trusted infrastructure.” Shopify talks about ensuring agentic commerce “can scale to every product a customer might want to purchase.”
All of these statements assume trust exists. None of them establish it.
The November 2025 GTG-1002 incident demonstrated what happens when that assumption fails. A state-sponsored threat actor used Claude Code to orchestrate cyber espionage operations against approximately thirty organisations. Target systems had no visibility into who was accessing them, under what authority, or with what constraints. The debate over whether the attack was 50% or 90% autonomous misses the point entirely. The targets had no mechanism to verify, constrain, or monitor the agents interacting with their infrastructure.
Why the Gap Exists
Protocol designers are not ignoring identity. They are correctly recognising it as a distinct infrastructure problem that requires dedicated solutions. Just as payment networks did not build their own telecommunications infrastructure, agent protocols should not each build their own identity layer.
The opportunity, and the risk, lies in whether that layer emerges as interoperable infrastructure or fragments into platform-specific silos. An enterprise using Microsoft agents, Amazon agents, and independent agents built on LangChain or CrewAI needs identity verification that works across all of them. A merchant accepting transactions through Stripe’s Agent Commerce Protocol, Mastercard’s Agent Pay, and Google’s UCP needs trust signals that translate across payment rails.
The alternative is a patchwork of incompatible identity systems that recreate the very fragmentation these protocols were designed to eliminate.
What Agent Identity Actually Requires
Human identity verification answers a simple question: is this person who they claim to be? Agent identity is fundamentally more complex. It requires answering a chain of questions that traditional authentication frameworks were never designed to address.
Who built this agent? The developer’s identity, verification status, and track record matter. An agent from a developer with a history of security incidents presents a different risk profile than one from a developer with a clean record.
Who owns this agent now? Ownership transfers over time. The entity currently responsible for an agent’s actions may not be the entity that created it. These transfers must be recorded with clear liability recognition.
What can this agent do? Declared capabilities and constraints matter. An agent authorised for data analysis should not be initiating financial transactions. An agent with a maximum transaction limit of one thousand dollars cannot be compromised into moving millions.
Who instructed this specific action? In agentic commerce, this is the cardholder delegating purchasing authority. In enterprise contexts, this is the employee directing agent behaviour. The instructor’s identity and authorisation level are distinct from the agent’s.
How can a counterparty independently verify these answers? This is perhaps the most critical question. Any system that requires trusting a single platform to provide identity verification inherits a single point of failure. Counterparties need the ability to verify agent identity independently, without relying on the agent’s own claims or the platform that hosts it.
These questions define what we call the Know Your Agent framework. Just as Know Your Customer (KYC) processes establish human identity for financial services, Know Your Agent establishes the identity, accountability, and boundaries that enable enterprises to trust autonomous systems.
Complexity Is the Real Barrier
The technology to solve agent identity exists. Decentralised identifiers provide cryptographic uniqueness. Verifiable credentials enable provable claims. KYC and AML workflows establish real-world accountability. Blockchain infrastructure creates immutable audit trails.
But adoption will not happen if implementation requires specialised expertise in all of these domains.
“The infrastructure that enables trusted agent interactions should not require a PhD to implement,” says Tim Williams, CEO and Co-founder of AstraSync. “We have built bank-grade identity verification with immutable audit trails, then abstracted away the complexity. Developers do not need to understand DIDs, verifiable credentials, or smart contracts. They do not need to configure wallets or deploy to a blockchain. They register an agent and start building. One API call. That is the adoption barrier we are solving.”
This mirrors the pattern of every successful infrastructure layer. Credit card merchants do not understand interchange networks. Websites do not understand certificate authority hierarchies. The complexity exists, but it is invisible to adopters. Agent identity infrastructure must follow the same principle: sophisticated security through simple interfaces.
The Window Is Now
AstraSync launched its Know Your Agent platform on SKALE blockchain infrastructure with zero gas fees, enabling high-frequency verification without transaction cost barriers. The platform currently supports over 300 registered agents across more than 20 platform integrations.
The technical framework combines traditional verification mechanisms with blockchain-backed audit trails. Every registration, ownership transfer, and verification event is recorded immutably. Enterprises can demonstrate that a particular agent, with a particular configuration, performed a particular action at a particular time, without asking counterparties or regulators to trust their own logging infrastructure.
Policy is racing to catch up. The EU AI Act enforcement looms, establishing requirements for AI system transparency, risk assessment, and documentation that will apply to many agentic applications. Similar legislative efforts are advancing across jurisdictions.
The window for establishing interoperable identity standards is now, while protocols are still being defined and enterprises are still determining their agent governance strategies. Once commerce and communication infrastructure matures without an identity layer, retrofitting becomes exponentially harder.
The agentic economy is building protocols for everything agents need to do. The question is whether we will build the infrastructure to verify who they are before or after the next incident makes GTG-1002 look minor in comparison.
—
Developers can explore the platform and see the approach in action at astrasync.ai.
