An open standard, built in stages.
The commercial logic is simple, and we'd rather state it plainly: the standard opens so anyone can adopt and verify agent identity without lock-in. The infrastructure that operates it at scale, and the tenants built on it, are commercial. Nothing about verifying a VAID depends on paying us.
The standard, and its reference signers.
VAID is an interoperability contract, so the open scope is the contract itself, its Rust and Python reference SDKs, and an open reference mint. It is released and available under Apache-2.0.
The VAID standard
One canonicalization path – RFC 8785 JCS → SHA-256 → Ed25519 over the digest – plus the exact request payload that gets signed and the identity types it binds. The byte-level specification, written as code.
vaid-pop · vaid-client · vaid-mint
The proof-of-possession primitive, the reference client that turns a VAID and a key into the four signed headers a request carries, and the reference mint – none of them reimplement the canonicalization.
vaid-pop · vaid-mint · vaid-langchain
The Python reference signer, the reference mint, and a LangChain request-signing adapter – the same proof-of-possession contract, mirroring the Rust path exactly and locked to the same frozen conformance vector. The signer depends only on cryptography and rfc8785.
It's all public now. Source: github.com/solara-associates/vaid
cargo add vaid-pop cargo add vaid-client cargo add vaid-mint
pip install vaid-pop pip install vaid-mint pip install vaid-langchain
The repos are public. Three concrete ways to start.
Verify a signed action today
The live verification demo runs the real proof-of-possession path in your browser – RFC 8785 JCS, SHA-256 and Ed25519 – against the standard's frozen conformance vector. Tamper with the request and watch it reject. That's the whole verification contract, working, with nothing installed.
See how interop is proven
The guarantee isn't a claim about a document. Two reference SDKs, in Rust and Python, reproduce the same SHA-256 digest and the same Ed25519 signature from the same fixed inputs, with no shared runtime between them. A conforming third implementation that hits the same vector is byte-compatible by definition.
Get the code, shape what's next
Get the code. The spec, reference signers, and SDKs are public now: github.com/solara-associates/vaid. Get on the list to shape what comes next.
Direction, not a committed timeline.
The standard follows the pattern containers did. These are stages worth thinking about, not dated promises.
Spec + reference SDKs
The canonicalization standard and the Rust and Python reference signers are open under Apache-2.0 – published on crates.io and PyPI. Enough to produce and verify a VAID with no service in between.
More libraries, conformance tooling
Additional client libraries and public conformance tooling open as adoption grows, so any implementation can prove itself against the frozen vector.
Neutral governance
A path to neutral stewardship for the standard itself – the Docker → Kubernetes → CNCF pattern – so no single vendor owns it. Framed as direction, not commitment.
SYNTHERA is the trust layer for multi-agent systems: every agent gets a verifiable identity, scoped authority and a tamper-evident record, so software from different teams, vendors and frameworks can act on each other’s behalf without custom glue between every pair.
Join the first cohort shaping the VAID spec.
The repositories are public — get on the list to help shape the standard before it freezes.