English · 中文 · Español · 日本語 · Português
The Digital Citizenship Protocol (DCP) defines a portable accountability layer for AI agents, allowing any verifier to evaluate:
- Who is responsible for an agent (Responsible Principal binding),
- What the agent declared it intended to do (Intent Declaration),
- What policy outcome was applied (Policy Decision),
- What verifiable evidence was produced (Audit Trail),
- How agents are managed throughout their lifecycle (Lifecycle Management),
- What happens when agents transition or are decommissioned (Digital Succession),
- How conflicts are resolved between agents and principals (Dispute Resolution),
- What rights and obligations govern agent behavior (Rights Framework), and
- How authority is delegated from humans to agents (Personal Representation).
All artifacts are cryptographically signed, hash-chained, and independently verifiable — without requiring a central authority.
This protocol was co-created by a human and an AI agent — designed for the collaboration it seeks to govern.
DCP is organized into three conceptual layers:
The minimum interoperable protocol that every implementation must support. Core defines the artifacts, their relationships, and the verification model:
- Responsible Principal Binding — links every agent to a human or legal entity that assumes accountability
- Agent Passport — the agent's portable identity, capabilities, and key material
- Intent Declaration — structured declaration of what the agent intends to do, before it acts
- Policy Outcome — the authorization decision applied to an intent
- Action Evidence — hash-chained, tamper-evident audit entries with Merkle proofs
- Bundle Manifest — the portable package that binds all artifacts together for verification
See spec/core/ for the core specification.
Extensions and specializations that build on top of the core but are not required for basic interoperability:
- Crypto Profile — algorithm selection, hybrid post-quantum signatures, crypto-agility, verifier policy (spec/profiles/crypto/)
- Agent-to-Agent (A2A) Profile — discovery, handshake, session management, transport bindings (spec/profiles/a2a/)
- Governance Profile — risk tiers, jurisdiction attestation, revocation, key recovery, governance ceremonies (spec/profiles/governance/)
Operational infrastructure that supports the protocol but is not part of the normative core:
- Verification servers, anchoring services, transparency logs, revocation registries
- These are deployment choices, not protocol requirements
| Spec | Title | Description |
|---|---|---|
| DCP-01 | Identity & Human Binding | Agent identity, operator attestation, key binding |
| DCP-02 | Intent Declaration & Policy Gating | Declared intents, security tier enforcement, policy evaluation |
| DCP-03 | Audit Chain & Transparency | Hash-chained audit entries, Merkle proofs, transparency logs |
| DCP-04 | Agent-to-Agent Communication | Authenticated inter-agent messaging, delegation, trust chains |
| DCP-05 | Agent Lifecycle Management | Commission, monitor, decline, and decommission agents with state machine enforcement |
| DCP-06 | Digital Succession & Inheritance | Digital testaments, memory transfer, successor designation |
| DCP-07 | Conflict Resolution & Dispute Arbitration | Disputes, escalation levels, arbitration, jurisprudence |
| DCP-08 | Rights & Obligations Framework | Rights declarations, obligation records, violation reporting |
| DCP-09 | Personal Representation & Delegation | Delegation mandates, awareness thresholds, principal mirrors |
| DCP-AI v2.0 | Post-Quantum Normative Specification | Complete v2.0 spec with hybrid PQ crypto, 4-tier security model |
See also: Core specification | Profiles overview
npx @dcp-ai/cli initThe interactive wizard (@dcp-ai/cli) walks you through identity creation, key generation, intent declaration, and bundle signing.
A lower-level reference CLI is also available as dcp (from the root dcp-ai package) for scripting and CI/CD pipelines:
npx dcp-ai verify my-bundle.signed.jsonnpm install @dcp-ai/sdkimport { BundleBuilder, KeyManager } from '@dcp-ai/sdk';
const keys = await KeyManager.generate({ algorithm: 'hybrid' });
const bundle = await new BundleBuilder()
.setIdentity({ name: 'my-agent', operator: 'org:example' })
.addIntent({ action: 'query', resource: 'public-api', tier: 'routine' })
.sign(keys)
.build();| Tier | Verification Mode | Use Case |
|---|---|---|
| Routine | Self-declared identity | Public data reads, informational queries |
| Standard | Operator-attested identity + Ed25519 signature | API access, standard agent operations |
| Elevated | Multi-party attestation + hybrid PQ signatures | Financial transactions, PII access, cross-org delegation |
| Maximum | Hardware-bound keys + full PQ suite + anchored audit | Government systems, critical infrastructure, regulated industries |
graph TB
subgraph sdks["SDKs (5 languages)"]
TS["TypeScript SDK"]
PY["Python SDK"]
GO["Go SDK"]
RS["Rust SDK"]
WA["WASM Module"]
end
subgraph integrations["Integrations (11)"]
EX["Express Middleware"]
FA["FastAPI Middleware"]
LC["LangChain"]
OA["OpenAI"]
CR["CrewAI"]
AGNO["Agno (agno-dcp)"]
OC["OpenClaw Plugin"]
W3C["W3C DID/VC Bridge"]
A2A["Google A2A Bridge"]
MCP["Anthropic MCP Bridge"]
AG["AutoGen Bridge"]
end
subgraph tools["Tooling"]
CLI["CLI Wizard"]
PG["Playground"]
TPL["Templates"]
end
subgraph services["Infrastructure Services"]
VER["Verification Server"]
ANC["Anchoring Service"]
TL["Transparency Log"]
REV["Revocation Service"]
end
subgraph infra["Deployment"]
SOL["Smart Contract L2"]
GH["GitHub Actions"]
DK["Docker Compose"]
end
TS --> EX
TS --> OC
TS --> W3C
TS --> A2A
TS --> MCP
TS --> AG
PY --> FA
PY --> LC
PY --> OA
PY --> CR
RS --> WA
CLI --> TS
PG --> WA
TPL --> LC
TPL --> CR
TPL --> OA
TPL --> EX
EX --> VER
FA --> VER
VER --> ANC
VER --> TL
VER --> REV
ANC --> SOL
DK --> VER
DK --> ANC
DK --> TL
DK --> REV
GH --> VER
Create, sign, and verify Citizenship Bundles in your preferred language. All SDKs support DCP v2.0 and post-quantum hybrid cryptography.
| SDK | Package | Features | Docs |
|---|---|---|---|
| TypeScript | @dcp-ai/sdk |
BundleBuilder, hybrid PQ crypto, JSON Schema validation, Vitest | sdks/typescript/ |
| Python | dcp-ai |
Pydantic v2 models, CLI (Typer), PQ extras, optional plugins | sdks/python/ |
| Go | github.com/dcp-ai-protocol/dcp-ai/sdks/go/v2 |
Native types, hybrid signatures, full verification pipeline | sdks/go/ |
| Rust | dcp-ai |
serde, ed25519-dalek + pqcrypto, optional WASM feature | sdks/rust/ |
| WASM | @dcp-ai/wasm |
Browser verification, PQ crypto in WebAssembly, compiled from Rust | sdks/wasm/ |
Drop-in DCP governance for popular AI and web frameworks.
| Integration | Package | Pattern | Docs |
|---|---|---|---|
| Express |  |
dcpVerify() middleware, req.dcpAgent |
integrations/express/ |
| FastAPI |  |
DCPVerifyMiddleware, Depends(require_dcp) |
integrations/fastapi/ |
| LangChain |  |
DCPAgentWrapper, DCPTool, DCPCallback |
integrations/langchain/ |
| OpenAI |  |
DCPOpenAIClient, DCP_TOOLS function calling |
integrations/openai/ |
| CrewAI |  |
DCPCrewAgent, DCPCrew multi-agent governance |
integrations/crewai/ |
| Agno |  |
DCPAgent, DCPTeam, DCPWorkflow wrappers (separate package) |
agno-dcp repo |
| OpenClaw |  |
Plugin + SKILL.md, 6 agent tools | integrations/openclaw/ |
| W3C DID/VC |  |
DID Document ↔ DCP identity bridge, VC issuance | integrations/w3c-did/ |
| Google A2A |  |
A2A Agent Card ↔ DCP identity, task governance | integrations/google-a2a/ |
| Anthropic MCP |  |
MCP Tool ↔ DCP intent mapping, server middleware | integrations/anthropic-mcp/ |
| AutoGen |  |
AutoGen Agent ↔ DCP wrapper, group chat governance | integrations/autogen/ |
Ready-to-use project templates for common frameworks. Each template includes DCP identity, intent policies, and audit logging pre-configured.
| Template | Description | Command |
|---|---|---|
| LangChain | RAG agent with DCP governance | npx @dcp-ai/cli init --template langchain |
| CrewAI | Multi-agent crew with per-agent DCP identities | npx @dcp-ai/cli init --template crewai |
| OpenAI | Function-calling agent with DCP tool governance | npx @dcp-ai/cli init --template openai |
| Express | API server with DCP verification middleware | npx @dcp-ai/cli init --template express |
See templates/ for full source.
An interactive web-based playground for exploring DCP concepts — create identities, declare intents, sign bundles, and verify signatures directly in the browser using the WASM SDK.
# Open in browser
open playground/index.htmlSee playground/ for details.
Backend services for anchoring, transparency, and revocation. These are operational components — not part of the normative core protocol.
| Service | Port | Description | Docs |
|---|---|---|---|
| Verification | 3000 | HTTP API for verifying Signed Bundles | server/ |
| Anchoring | 3001 | Anchor bundle hashes to L2 blockchains | services/anchor/ |
| Transparency Log | 3002 | CT-style Merkle log with inclusion proofs | services/transparency-log/ |
| Revocation | 3003 | Agent revocation registry + .well-known |
services/revocation/ |
Deploy all services with one command:
cd docker && docker compose up -d| Document | Description |
|---|---|
| DCP-01 | Identity & Human Binding |
| DCP-02 | Intent Declaration & Policy Gating |
| DCP-03 | Audit Chain & Transparency |
| DCP-04 | Agent-to-Agent Communication |
| DCP-05 | Agent Lifecycle Management |
| DCP-06 | Digital Succession & Inheritance |
| DCP-07 | Conflict Resolution & Dispute Arbitration |
| DCP-08 | Rights & Obligations Framework |
| DCP-09 | Personal Representation & Delegation |
| DCP-AI v2.0 | Post-Quantum Normative Specification |
| BUNDLE | Citizenship Bundle format |
| VERIFICATION | Verification procedures & checklist |
| DCP Core | Core protocol editorial specification |
| Guide | Description |
|---|---|
| QUICKSTART | General quick start guide |
| QUICKSTART_LANGCHAIN | LangChain integration walkthrough |
| QUICKSTART_CREWAI | CrewAI multi-agent setup |
| QUICKSTART_OPENAI | OpenAI function-calling integration |
| QUICKSTART_EXPRESS | Express middleware setup |
| Document | Description |
|---|---|
| OpenAPI Spec | REST API (OpenAPI 3.1) |
| Protocol Buffers | gRPC service definitions |
| API README | API overview and usage |
| Document | Description |
|---|---|
| TECHNICAL_ARCHITECTURE | System architecture for global-scale deployment |
| SECURITY_MODEL | Threat model, attack vectors, protection layers |
| STORAGE_AND_ANCHORING | P2P storage, optional blockchain anchoring |
| Guide | Description |
|---|---|
| AGENT_CREATION_AND_CERTIFICATION | P2P agent creation flow, DCP certification |
| OPERATOR_GUIDE | Running a verification service |
| MIGRATION_V1_V2 | Migrating from DCP v1.0 to v2.0 |
| Document | Description |
|---|---|
| NIST_CONFORMITY | NIST post-quantum cryptography conformance |
| ROADMAP | Project evolution roadmap |
| Document | Description |
|---|---|
| EARLY_ADOPTERS | Early adopter program and case studies |
| CONTRIBUTING | Contribution guidelines |
| GOVERNANCE | Project governance model |
| Document | Description |
|---|---|
| GENESIS_PAPER | Founding whitepaper |
DCP v2.0 employs a hybrid cryptographic architecture for quantum-resistant security. Algorithm selection and crypto-agility are governed by the Crypto Profile.
| Algorithm | Standard | Purpose |
|---|---|---|
| Ed25519 | RFC 8032 | Classical digital signatures |
| ML-DSA-65 | FIPS 204 | Post-quantum digital signatures (Dilithium) |
| ML-KEM-768 | FIPS 203 | Post-quantum key encapsulation mechanism (Kyber) |
| SLH-DSA-192f | FIPS 205 | Hash-based backup signatures (SPHINCS+) |
| X25519 + ML-KEM-768 | Hybrid | Combined classical + PQ key exchange |
| SHA-256 + SHA3-256 | FIPS 180-4 / FIPS 202 | Dual hash chains for audit integrity |
dcp-ai-genesis/
├── spec/ # Normative specifications (DCP-01 through DCP-09, v2.0)
│ ├── core/ # DCP Core editorial specification
│ └── profiles/ # Profile specifications (crypto, a2a, governance)
├── schemas/ # JSON Schemas (draft 2020-12, v2 includes DCP-05–09)
├── tools/ # Validation, conformance, crypto + Merkle helpers
├── tests/ # Conformance tests and fixtures
├── bin/dcp.js # Reference CLI
├── cli/ # Interactive CLI wizard (@dcp-ai/cli)
├── sdks/
│ ├── typescript/ # TypeScript SDK (@dcp-ai/sdk)
│ ├── python/ # Python SDK (dcp-ai)
│ ├── go/ # Go SDK
│ ├── rust/ # Rust SDK (dcp-ai)
│ └── wasm/ # WASM module (@dcp-ai/wasm)
├── integrations/
│ ├── express/ # Express middleware
│ ├── fastapi/ # FastAPI middleware
│ ├── langchain/ # LangChain integration
│ ├── openai/ # OpenAI integration
│ ├── crewai/ # CrewAI integration
│ ├── openclaw/ # OpenClaw plugin
│ ├── w3c-did/ # W3C DID/VC bridge
│ ├── google-a2a/ # Google A2A bridge
│ ├── anthropic-mcp/ # Anthropic MCP bridge
│ └── autogen/ # Microsoft AutoGen bridge
├── templates/ # Framework templates (langchain, crewai, openai, express)
├── playground/ # Web-based interactive playground
├── server/ # Reference verification server
├── services/
│ ├── anchor/ # Blockchain anchoring service
│ ├── transparency-log/ # CT-style Merkle transparency log
│ └── revocation/ # Agent revocation registry
├── contracts/ethereum/ # DCPAnchor.sol for EVM L2
├── docker/ # Docker Compose + multi-stage Dockerfile
├── api/ # OpenAPI 3.1 + Protocol Buffers (gRPC)
├── docs/ # All documentation
└── .github/ # CI/CD workflows + reusable GitHub Actions
# Install dependencies
npm install
# Run tests
npm test
# Run protocol conformance suite
npm run conformance
# Start verification server (port 3000)
npm run serverWe welcome contributions from both humans and AI agents.
- Read the Contributing Guide for development workflow and standards.
- See Governance for decision-making processes and roles.
If you use DCP-AI in your research, please cite both the paper (the conceptual framework) and the software release (the specific implementation you used).
Paper
Naranjo Emparanza, D. (2026). Agents Don't Need a Better Brain — They Need a World: Toward a Digital Citizenship Protocol for Autonomous AI Systems. Zenodo. https://doi.org/10.5281/zenodo.19040913
Software (v2.0.2)
Naranjo Emparanza, D. (2026). DCP-AI v2.0.2 — Digital Citizenship Protocol for AI Agents (Reference Implementation). Zenodo. https://doi.org/10.5281/zenodo.19656026
See CITATION.cff for a machine-readable format.
"This protocol was co-created by a human and an AI agent — the first protocol designed for AI digital citizenship, built by the very collaboration it seeks to govern."