SIGIL — Sovereign Identity-Gated Interaction Layer
An open protocol for securing AI agent-to-tool interactions.
SIGIL defines traits (interfaces) for:
- Identity — binding users to trust levels
- Scanning — detecting sensitive content before it enters agent context
- Vault — encrypted storage for intercepted secrets
- Audit — tamper-evident logging of all security events
- Policy — permission and rate-limiting enforcement
Implement these traits with your own backends (regex, HSM, LDAP, etc.) to add SIGIL-compliant security to any agent system.
Quick Start
use sigil_protocol::{SensitivityScanner, AuditLogger, IdentityProvider, SecurityPolicy};
// Implement these traits with your own backends
Re-exports
pub use audit::AuditEvent;
pub use audit::AuditEventType;
pub use audit::AuditLogger;
pub use identity::IdentityBinding;
pub use identity::IdentityProvider;
pub use identity::TrustLevel;
pub use policy::RiskLevel;
pub use policy::SecurityPolicy;
pub use scanner::SensitivityScanner;
pub use sigil_envelope::SigilEnvelope;
pub use sigil_envelope::SigilKeypair;
pub use sigil_envelope::Verdict;
pub use vault::VaultEntry;
pub use vault::VaultProvider;
Modules
- audit: Audit — tamper-evident logging of all security events.
- identity: Identity — binding users to trust levels.
- mcp_server: Reference SIGIL MCP Server.
- policy: Policy — permission and rate-limiting enforcement.
- registry: Remote pattern fetching from the SIGIL community registry.
- scanner: Sensitivity scanning — detect sensitive content before it enters agent context.
- sigil_envelope: SIGIL Envelope — per-message DID-bound cryptographic signing.
- vault: Vault — encrypted storage for intercepted secrets.