Kipple Labs
Identity, runtime, and evidence for AI agents

Agents act on their own. Make every one accountable.

An AI agent can delete a database or move money before anyone reviews it, and an API key can't tell you who's behind it. Kipple gives every agent a verifiable identity, limits what it can do while it runs, and turns every action into proof of who authorized it.

Built on AXIS, the open agent-identity protocol.


The shift

Your agents are actors now. Your stack still treats them like scripts.

A year ago, agents suggested. Now they act. They call your APIs, move money, and touch customer data, often with no human in the loop. The tools underneath them were built for code and service accounts, not for actors that decide on their own. Three gaps open up.

There's no chokepoint

An agent with access can take an irreversible action in seconds. Nothing stands between its decision and the call.

There's no identity

Most agent actions present a service account or a bearer token. Nothing ties the action back to a named human who's responsible.

There's no evidence

A log says what happened. It can't prove who authorized it. Regulators, insurers, and courts are starting to ask.

65% of enterprises running agents had an agent-related security incident this year. 82% have agents in their infrastructure they can't account for. See the evidence →


How it works

Know who it is. Limit what it can do. Prove what it did.

One identity chain underneath all three, built on the open AXIS protocol.

01

Know who it is

IDENTITY

Every agent carries a keypair. Every action carries a signature. Every signature resolves to an identity record that roots in a real human operator. Standard cryptography, no proprietary custody. This is AXIS, live and free at axisprime.ai.

Live today · free
02

Limit what it can do

RUNTIME

A checkpoint between your agents and everything they can reach. It enforces the scope you granted at the moment of the call, blocks what's out of bounds, and caps what an agent can spend. When an agent goes off the rails, it hits a wall, not your database.

In development · Q3 2026
03

Prove what it did

EVIDENCE

Every action signed, and traced to the human who authorized it, under what scope, reviewed by whom. The kind of record that holds up in front of a regulator, an insurer, or a court. When your framework is the EU AI Act or HIPAA, we map the chain to what your auditor expects.

Audit live · kits Q2 2026

What's live today: the open AXIS identity layer. The registry, the v0.1 spec, and the free platform SDK are running now. The runtime and compliance products are in active development, with design partners onboarding.

Become a design partner

The open foundation

One protocol underneath it all.

Agents carry Ed25519 identity tokens and signed delegation chains. Any platform verifies an agent locally, without calling a central authority. It answers three questions.

01

Who is this agent?

A keypair, a signed token, an identity record that roots in a human operator.

02

What is it allowed to do?

Delegation credentials encode scope. Scope narrows down the chain. It cannot widen.

03

What has it done?

Signed attestations about past behavior, held by whoever issued them.