Loading...
private.me Docs
Get SuperAGI xLink
private.me · AI Framework Integration

SuperAGI Agents Without Credentials

Eliminate API keys and credentials for autonomous SuperAGI agents. Ed25519-based identity, XorIDA threshold sharing, enterprise compliance. Deploy CI/CD agents without credential rotation.

<1ms
Agent Creation
Zero
API Keys
100+
Concurrent Agents
~25ms
Execution
v0.1.0 SuperAGI Compatible Ed25519 DIDs XorIDA Threshold Sharing Enterprise Ready
Credential Crisis

The Problem: Credentials Everywhere

Traditional CI/CD with autonomous SuperAGI agents requires storing API keys in pipeline environments. When employees access these keys, they can be stolen or leaked, compromising your entire infrastructure.

CASCADING FAILURE
Traditional Flow: API keys stored in pipeline → Employees access keys → Keys stolen/leaked → Attacker compromises infrastructure → 500+ agents must restart simultaneously

Core Issues

Threat Traditional Approach Impact
API Key Theft Leaked keys compromise system Critical vulnerability
Token Expiry Cascade 500+ agents restart Service disruption
Credential Rotation Manual process Operational burden
Audit Trail Limited logs Compliance gap
Compliance Verification Manual reports Audit overhead
Cryptographic Identity

The Solution: Zero-Credential Agents

SuperAGI xLink eliminates credentials entirely. Agents use Ed25519-based DIDs for authentication and XorIDA threshold sharing for secure multi-step execution. No API keys, no tokens, no passwords.

XLINK APPROACH
New Flow: Agents have Ed25519 DIDs → No stored credentials → Identity can't be stolen → Cascading failures eliminated → Compliance achieved

Business Impact

🔐
Security
Eliminates Credential Sprawl
No API keys, tokens, or passwords in your infrastructure
Zero Secret Management
Reliability
Zero Cascading Failures
No token expiry events that restart hundreds of agents
High Availability
📋
Compliance
Enterprise Compliance
Audit logs, identity verification, key escrow support
SOC 2 Ready
🚀
Operations
DevOps at Scale
Deploy agents without credential rotation overhead
Fast Onboarding
15 Seconds to Production

Quick Start

Create a SuperAGI agent with xLink identity in under 15 seconds. No configuration files, no API keys, no OAuth flow.

INSTALL
# Install with npm
npm install @private.me/superagi-xlink

# Or with pnpm
pnpm add @private.me/superagi-xlink
CREATE AGENT
import { SuperAGIXLinkAgent } from '@private.me/superagi-xlink';

// Create agent (generates identity automatically)
const agent = new SuperAGIXLinkAgent({
  name: 'DeploymentAgent',
  role: 'CI/CD Deployment',
  goals: ['Build', 'Test', 'Deploy'],
});

// Initialize
await agent.initialize();
console.log(`Agent DID: ${agent.getDID()}`);

// Run autonomous task
const result = await agent.execute({
  action: 'deploy',
  environment: 'production',
});

if (result.ok) {
  console.log(`✓ Deployment complete (${result.value.stepsCompleted} steps)`);
}
THAT'S IT
No API keys. No OAuth. No configuration files. The agent generates its own Ed25519 identity and is immediately ready for production use.
Real-World Applications

Use Cases

CI/CD Pipelines

Deploy autonomous CI/CD agents without credential management.

CI/CD AGENT
const buildAgent = new SuperAGIXLinkAgent({
  name: 'CI/CD Build',
  role: 'Automated Build',
  goals: ['Checkout', 'Build', 'Test', 'Package'],
});

const result = await buildAgent.execute({
  repository: 'https://github.com/...',
  branch: 'main',
});

DevOps Orchestration

Multi-agent DevOps orchestration with automatic coordination.

MULTI-AGENT ORCHESTRATION
const orchestrator = new SuperAGIXLinkAgent({
  name: 'DevOps Orchestrator',
  role: 'Infrastructure Automation',
  goals: [
    'Monitor infrastructure',
    'Scale services',
    'Handle incidents',
  ],
});

// Agents authenticate to each other via DIDs
await agent1.send(agent2.getDID(), { task: 'deploy' });

Enterprise Compliance

Compliance agents with audit trails and regulatory requirements.

COMPLIANCE AGENT
const complianceAgent = new SuperAGIXLinkAgent({
  name: 'Compliance Agent',
  role: 'Security & Compliance',
  goals: ['Audit', 'Verify', 'Report'],
});

const result = await complianceAgent.execute({
  auditType: 'SOC2',
  domain: 'production',
});

// Audit trail available
console.log(result.value.auditLog);
Pricing

Purchase & Subscription

Start with a 3-month trial. No credit card required. Scale from tool authentication to air-gapped deployments.

Standard pricing: $5/month Basic • $10/month Middle • $15/month Enterprise

Subscription Tiers

Basic

$5/mo
• SuperAGI integration
• Tool authentication
• Agent security
• Ed25519 DIDs
• Basic audit logs

Middle

$10/mo
• Everything in Basic
• Advanced tool policies
• Custom agent controls
• XorIDA threshold sharing
• Enhanced audit trails
ENTERPRISE

Enterprise

$15/mo
• Everything in Middle
• Air-gapped deployment
• White-label branding
• Enterprise registry
• Key escrow support
• SOC 2 compliance
• Priority support
Volume Discounts: 10-30% off for 5+ ACIs
Annual Prepay: Additional 10-15% discount
Start Free Trial
3-month trial • No credit card required

Purchase API

Programmatic subscription management for automation platforms.

SUBSCRIBE VIA API
POST https://private.me/aci/checkout

{
  "product": "superagi-xlink",
  "tier": "enterprise",
  "quantity": 1,
  "customer_email": "devops@company.com"
}

// Returns Stripe Checkout URL
{
  "checkout_url": "https://checkout.stripe.com/..."
}
RFC 7807 ERRORS
Structured error responses follow RFC 7807 Problem Details standard with instance IDs and field-level validation.
Developer API

API Reference

SuperAGIXLinkAgent

Main agent class for autonomous execution with cryptographic identity.

new SuperAGIXLinkAgent(options: AgentOptions)
Create a new autonomous agent with Ed25519 DID.
CONSTRUCTOR
const agent = new SuperAGIXLinkAgent({
  name: 'MyAgent',           // Agent name
  role: 'My Role',           // Agent role
  goals: ['Goal1', 'Goal2'], // Agent goals
  maxIterations: 25,         // Max execution steps
  verbose: true,             // Enable logging
});

Methods

async initialize(): Promise<Result<void, Error>>
Initialize the agent for execution. Generates identity if not provided.
getDID(): string
Get the agent's decentralized identifier (DID).
async execute(payload: Record<string, unknown>): Promise<Result<ExecutionResult, Error>>
Execute an autonomous task. Returns execution result with steps completed and audit log.
async send(recipientDID: string, payload: Record<string, unknown>): Promise<Result<AgentMessage, Error>>
Send a signed message to another agent via DID.
getAuditLog(): Array<AuditEntry>
Get the execution audit log with timestamped entries.

SuperAGIToolkit

Toolkit for xLink-aware tools with identity provider integration.

TOOLKIT USAGE
const toolkit = new SuperAGIToolkit(identityProvider);

// Call built-in tools
const identity = await toolkit.call('get-identity', {});
const message = await toolkit.call('send-message', {
  to: 'did:key:...',
  message: { data: 'test' },
});

// Register custom tools
toolkit.register({
  name: 'my-tool',
  description: 'My custom tool',
  inputSchema: { /* ... */ },
  execute: async (input, provider) => {
    return ok(result);
  },
});

Built-in Tools

Tool Description
get-identity Get current agent identity and DID
send-message Send signed message to another agent
verify-message Verify a message signature
get-task-status Get autonomous task status
register-with-registry Register agent with enterprise registry

SuperAGIIdentityProvider

Identity provider for Ed25519-based DIDs.

IDENTITY PROVIDER
const provider = new SuperAGIIdentityProvider();

console.log(provider.getDID());      // did:key:z6Mk...
console.log(provider.getIdentity()); // { did, seed, publicKey, ... }
System Design

Architecture

Design Principles

Principle 1
Zero Credentials
Agents authenticate via cryptographic identity, not bearer tokens
Principle 2
Autonomous Execution
Built-in execution loop with automatic audit trails
Principle 3
Enterprise Ready
Compliance, audit logs, key escrow support out of the box
Principle 4
Simple API
15-second setup, no configuration files required
Principle 5
Secure by Default
XorIDA threshold sharing, HMAC verification standard
Principle 6
Framework Native
Deep SuperAGI integration with toolkit compatibility

Component Model

ARCHITECTURE LAYERS
┌─────────────────────────────────────────┐
│       SuperAGIXLinkAgent                 │
│  (Autonomous agent with xLink identity)  │
├─────────────────────────────────────────┤
│  SuperAGIIdentityProvider                │
│  (Ed25519 DID, cryptographic signing)    │
├─────────────────────────────────────────┤
│  SuperAGIToolkit                         │
│  (Identity-aware tools for agents)       │
├─────────────────────────────────────────┤
│  @private.me/xlink                       │
│  (Core identity & authentication)        │
└─────────────────────────────────────────┘

Message Flow

AGENT COMMUNICATION
Agent1: DID = did:key:z6Mk...
        ├─ initialize()
        ├─ execute(task)
        │  ├─ Run autonomous loop
        │  ├─ Create audit log
        │  └─ return ExecutionResult
        └─ send(did:key:z6Mk...@Agent2, message)
           ├─ Sign message (Ed25519)
           ├─ Create AgentMessage
           └─ return signed message

Agent2: Receive message
        ├─ Verify signature
        ├─ Extract payload
        └─ Process task
Security Model

Security

Threat Model

Threat Traditional xLink
API Key Theft Leaked keys compromise system No keys to steal
Token Expiry Cascade 500+ agents restart No tokens
Credential Rotation Manual process Cryptographic identity
Audit Trail Limited logs Ledger-based audit log
Compliance Verification Manual reports Automated verification

Cryptography

Ed25519
Digital Signatures
XorIDA
Threshold Sharing
SHA-256
HMAC Verification
256-bit
Entropy Seeds

Best Practices

SECURITY CHECKLIST
1. Never log DIDs — DIDs are identity, not secrets, but handle responsibly
2. Verify signatures — Always verify agent messages before processing
3. Use HTTPS — Transport security for message delivery
4. Rotate identities — Create new agent instances for key rotation
5. Audit everything — Monitor agent execution and message logs
Benchmarks

Performance

Operation Benchmarks

Operation Duration Notes
Agent Creation <1ms Identity generated synchronously
initialize() <1ms Prepare for execution
execute() ~25ms 25 iterations (configurable)
send() ~5ms Ed25519 signing + message creation
verify() <1ms HMAC verification

Scalability

100+
Concurrent Agents
1000+
Messages/Second
500+
Steps per Agent
TTL
Audit Log Retention
Enterprise Features

Enterprise Deployment

Air-Gapped Deployment

Deploy agents in air-gapped environments with offline identity generation and local registry.

ENTERPRISE TIER
Air-gapped support: Generate identities offline, deploy without internet access, sync audit logs later. Full enterprise registry for capability discovery.

Key Escrow Support

Optional key escrow for enterprise compliance and disaster recovery.

Compliance Features

SOC 2
Audit Trail
Ledger-based audit logs for every agent action
Type II Ready
ISO 27001
Identity Verification
Cryptographic identity for access control
Certified
GDPR
Data Minimization
No PII in agent identity or audit logs
Compliant
HIPAA
Encrypted Execution
XorIDA threshold sharing for sensitive tasks
BAA Available