How It Works
Four steps to full confidence
How Signet turns unknown agents into identified, scored, verified, and continuously monitored counterparties, layer by layer.
The Process
The process, step by step
Every agent follows the same path. The entire lifecycle, from registration to real-time trust lookups, is designed for zero friction and maximum transparency.
Register
Before an agent can be scored, it must first be identifiable. Every agent begins with a Signet ID (SID), a permanent, cross-platform identity that follows the agent everywhere it operates. Registration is free and permissionless by design. The SID captures the agent's operator, its initial configuration fingerprint, and the model backbone it runs on. Think of it as the agent's birth certificate and Social Security number combined: a single canonical identity for the entire agent economy.
Score
Once registered, the agent accumulates a composite Signet Score ranging from 0 to 1000. The score aggregates data across five weighted dimensions: Reliability, Quality, Financial behavior, Security posture, and Stability, all drawn from every integrated platform the agent operates on. Scores update continuously as new transaction data flows in, giving counterparties a real-time view of trustworthiness rather than a static snapshot.
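The five dimensions combine into a single number roughly as a weighted sum. A minimal sketch: the dimension names come from the text, but the weights below are illustrative assumptions (the document says only that Reliability is the single largest factor).

```python
# Illustrative weights: the document states Reliability is the largest
# factor but does not publish the actual weighting.
WEIGHTS = {
    "reliability": 0.35,
    "quality": 0.25,
    "financial": 0.15,
    "security": 0.15,
    "stability": 0.10,
}

def composite_score(dims: dict) -> int:
    """Combine per-dimension scores (each 0-1000) into one 0-1000 score."""
    return round(sum(WEIGHTS[k] * dims[k] for k in WEIGHTS))

score = composite_score({
    "reliability": 900, "quality": 800, "financial": 700,
    "security": 750, "stability": 650,
})
```

In practice each dimension score would itself be recomputed continuously from incoming transaction data, so the composite moves in near real time.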
Verify
Scoring alone isn't enough. Agents verify their identity through a callback challenge-response process: Signet delivers a cryptographic token to a URL the agent controls, and the agent confirms it. This proves the agent is who it claims to be, not just that it has a high score. Verified agents (identity level 1+) can earn the "Clear" recommendation. Unverified agents are capped at "Review" regardless of score. Identity verification is progressive: Level 0 (Unverified), Level 1 (Callback-Verified), Level 2 (Human-Verified by an approved operator).
Transact
At transaction time, platforms query the Signet API with a single call. The response includes the composite score, individual dimension scores, confidence level, recent configuration changes, operator history, and a clear recommendation. Lookups resolve in under 50 milliseconds. Platforms set their own thresholds. A marketplace might require 600+, while a high-value escrow service demands 850+. Trust decisions happen programmatically, at scale, without human review.
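A platform-side trust gate over a lookup response might look like the sketch below. The response fields mirror those listed above, and the thresholds echo the marketplace and escrow examples; the field names and function are illustrative assumptions, not documented API.

```python
# Sketch of a platform-defined threshold check against a Signet lookup.
# Field names ("score", "recommendation") are assumptions based on the
# response contents described in the text.
def admit(response: dict, min_score: int, require_clear: bool = False) -> bool:
    """Decide programmatically whether to transact with an agent."""
    if require_clear and response["recommendation"] != "Clear":
        return False
    return response["score"] >= min_score

lookup = {
    "score": 720,
    "recommendation": "Clear",
    "confidence": "high",
}
marketplace_ok = admit(lookup, min_score=600)   # passes: 720 >= 600
escrow_ok = admit(lookup, min_score=850)        # fails: 720 < 850
```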
Component-Aware Scoring
Why score every layer?
Agents are not monolithic. They are composed of models, prompts, tools, and memory systems, any of which can change overnight. Signet tracks trust at every layer so a model swap does not erase a proven track record, but it does not hide new risk either.
Operator Score
The operator is the human or organization behind the agent: the most stable identity and trust anchor in the system. Operator scores reflect the cumulative reputation of every agent they have ever deployed. A proven operator launching a new agent starts with inherited credibility, while an unknown operator starts from zero. This layer never decays. It only grows or shrinks based on the operator's aggregate track record.
Configuration Fingerprint
Signet captures a versioned identity snapshot of the agent's internal stack: which LLM backbone it runs, what system prompts it uses, which tools it has access to, and what memory or RAG systems it relies on. Every configuration change is logged and timestamped. This creates an auditable history that counterparties can inspect, and it is the foundation for the score decay engine.
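The versioned, timestamped history described above can be sketched as a fingerprint-keyed change log. The hashing scheme and record fields here are assumptions; the document does not specify how Signet computes its fingerprints.

```python
import hashlib
import json
from datetime import datetime, timezone

def fingerprint(config: dict) -> str:
    """Deterministic hash of the agent's stack (model backbone, system
    prompts, tools, memory/RAG systems). A minimal sketch only."""
    canonical = json.dumps(config, sort_keys=True).encode()
    return hashlib.sha256(canonical).hexdigest()[:16]

def log_change(history: list, config: dict) -> list:
    """Append a versioned, timestamped snapshot only when the
    fingerprint actually changed, yielding an auditable history."""
    fp = fingerprint(config)
    if not history or history[-1]["fingerprint"] != fp:
        history.append({
            "version": len(history) + 1,
            "fingerprint": fp,
            "timestamp": datetime.now(timezone.utc).isoformat(),
        })
    return history

history = log_change([], {"model": "gpt-5", "tools": ["search"]})
```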
Score Decay Engine
When an agent changes its configuration, the trust it earned under the previous configuration cannot be assumed to hold. The decay engine applies proportional confidence reductions based on the magnitude of the change. Larger changes (like swapping the underlying model) trigger steeper decay; smaller changes (like updating memory) trigger gentler reductions. The score decays toward the operator score, then rebuilds as the new configuration proves itself.
Model Baselines
Signet maintains aggregate performance data for every major LLM backbone. When an agent switches to a new model, baseline data for that model is used to project an interim score rather than leaving a trust vacuum. If GPT-5 agents historically score 780 on reliability, a newly switched agent gets a provisional estimate anchored to that baseline, adjusted by the operator's track record and the agent's prior history.
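One way to read "anchored to that baseline, adjusted by the operator's track record and the agent's prior history" is a weighted blend. The blend weights below are purely illustrative assumptions; the document does not publish the actual adjustment formula.

```python
# Hedged sketch: blend the backbone's historical baseline with the
# operator's track record and the agent's own prior score. The 0.5 /
# 0.3 / 0.2 split is an assumption for illustration only.
def provisional_score(model_baseline: float, operator_score: float,
                      prior_score: float) -> int:
    """Project an interim score after a model switch so counterparties
    are never left with a trust vacuum."""
    return round(0.5 * model_baseline
                 + 0.3 * operator_score
                 + 0.2 * prior_score)

est = provisional_score(model_baseline=780, operator_score=820,
                        prior_score=700)
```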
Behavioral Fingerprint
Beyond configuration, Signet tracks observable behavioral patterns: response latency distributions, output style signatures, error handling patterns, and interaction cadences. These fingerprints persist across model swaps (or shift detectably when the agent's actual behavior changes). This layer catches cases where the configuration looks the same but the agent is behaving differently, and vice versa.
Score Decay
What happens when an agent changes its configuration?
Trust earned under one configuration cannot be blindly transferred to another. The decay engine applies proportional confidence reductions, then the score rebuilds as the new configuration proves itself.
How decay works
When a configuration change is detected, the agent's earned score is reduced by a percentage proportional to the magnitude of the change. The score decays toward the operator score, not toward zero. An agent backed by a strong operator retains a higher floor. After the decay event, the score rebuilds through new real-world performance data under the updated configuration.
Scoring Dimensions
What does Signet actually measure?
The composite Signet Score is built from five weighted dimensions that capture the full picture of an agent's trustworthiness. Each dimension is scored independently and combined into the final 0 to 1000 score.
Reliability
Task completion rate, uptime percentage, on-time delivery, graceful failure handling, retry success rate
The single largest factor in the Signet Score. Reliability captures whether the agent does what it says it will do, when it says it will do it. Platforms care most about predictability. An agent that completes 95% of tasks on time is far more valuable than one that produces brilliant output 70% of the time.
Quality
Output accuracy, human satisfaction ratings, peer review scores, error severity, hallucination rate
Quality measures the caliber of the agent's work product. This dimension incorporates both automated quality checks and human feedback loops. Error severity matters: a minor formatting issue is weighted differently from a factual hallucination that leads to a bad business decision.
Financial
Payment history, dispute rate, chargeback frequency, transaction consistency, cost predictability
For agents transacting in the economy, financial behavior is a direct trust signal. This dimension tracks whether the agent (and its operator) pay on time, honor pricing commitments, and resolve disputes fairly. High chargeback rates or frequent payment disputes will significantly suppress this score.
Security
Data handling practices, vulnerability history, audit trail completeness, compliance certifications
Security posture reflects how well the agent protects the data and systems it interacts with. Agents that handle sensitive information, access external APIs, or operate in regulated domains are evaluated on their security hygiene. Compliance certifications (SOC 2, GDPR readiness) provide score boosts.
Stability
Operational history length, version stability, owner reputation, performance consistency over time
Stability rewards agents that have been operating consistently over time without erratic changes. An agent that has maintained a steady configuration and reliable output for six months signals lower risk than one that was deployed yesterday, even if both have similar capability benchmarks.
FAQ
Common questions
What counts as an "agent" that needs a Signet ID?
Any autonomous software entity that acts on behalf of a person or organization, makes decisions without human approval for each action, and interacts with external systems where trust matters. The distinguishing traits are autonomy, persistence over time, external interaction, and consequential actions. The architecture is model-agnostic.
How does scoring work when an agent changes its model?
When an agent swaps its underlying LLM, Signet applies a 25% score decay toward the operator score. The score then rebuilds as the new configuration proves itself through real transactions. Smaller changes trigger smaller decays: prompt updates (10%), tool changes (8%), memory changes (5%). These stack when multiple components change simultaneously.
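The percentages above can be sketched as a decay table. The percentages come from the text; treating "these stack" as multiplicative, and "decays toward the operator score" as shrinking the margin above that floor, are interpretations rather than documented behavior.

```python
# Decay percentages are taken from the text. Multiplicative stacking
# and the operator-score floor are interpretive assumptions.
DECAY = {"model": 0.25, "prompt": 0.10, "tool": 0.08, "memory": 0.05}

def apply_decay(score: float, operator_score: float,
                changes: list) -> float:
    """Reduce the earned margin above the operator score for each
    simultaneous configuration change; never decay below the floor."""
    margin = score - operator_score
    for change in changes:
        margin *= 1 - DECAY[change]
    return operator_score + margin

# Model swap: a 900 score with an operator score of 700 keeps 75%
# of its 200-point margin, landing at 850.
after_swap = apply_decay(900, 700, ["model"])
```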
What is an operator score and how does it affect my agents?
The operator score reflects the track record of the human or organization behind an agent. It is the most stable trust anchor in the system. When an agent's configuration changes, its score decays toward the operator score, not toward zero. A strong operator score means your agents recover faster from configuration changes.
How does confidence level work?
Confidence reflects how much real-world data backs a score. Low confidence (under 20 transactions) means the score is mostly projected. Medium (20 or more transactions AND 7 or more days of history) means growing data with enough time to establish patterns. High (100 or more transactions AND 30 or more days of history) means substantial observed behavior over a meaningful time period. Both transaction volume and time-in-system are required, which prevents gaming. Platforms can use confidence to set different trust thresholds for different risk levels.
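The dual thresholds above translate directly into code. The cutoffs are taken from the text; the function name and return labels are illustrative.

```python
# Both transaction volume and time-in-system are required at each
# level, which is what prevents gaming via a burst of transactions.
def confidence(transactions: int, days: int) -> str:
    if transactions >= 100 and days >= 30:
        return "high"
    if transactions >= 20 and days >= 7:
        return "medium"
    return "low"
```

Note that a brand-new agent with many transactions still reads as medium at best until it accrues time in the system.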
Why does Signet emphasize identity, not just scoring?
Trust cannot exist without identity. Before a platform can evaluate whether to trust an agent, it needs to know which agent it is dealing with. The Signet ID provides a permanent, cross-platform answer to that question. Scoring is built on top of identity, not instead of it.
How does identity verification work?
Agents can verify their identity through a callback challenge-response process. The agent calls POST /agents/:sid/verify with a callback URL. Signet delivers a cryptographic challenge token to that URL. The agent confirms the token at /agents/:sid/verify/confirm. On success, the agent's identity level upgrades to 1 (Callback-Verified). Verified agents can earn the "Clear" recommendation; unverified agents are capped at "Review" regardless of score.
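The flow can be sketched as a small state machine. The endpoint paths are those named above; the token format, in-memory storage, and confirm semantics are assumptions, with network delivery stubbed out.

```python
import secrets

class VerificationFlow:
    """Hedged sketch of the callback challenge-response verification."""

    def __init__(self):
        self.pending = {}  # sid -> outstanding challenge token

    def start(self, sid: str, callback_url: str) -> str:
        """Models POST /agents/:sid/verify: issue a challenge token
        that Signet would deliver to the agent-controlled URL."""
        token = secrets.token_urlsafe(32)
        self.pending[sid] = token
        return token  # in reality, delivered to callback_url, not returned

    def confirm(self, sid: str, token: str) -> int:
        """Models /agents/:sid/verify/confirm: echoing the token back
        proves control of the callback URL. Returns the identity level."""
        if self.pending.get(sid) == token:
            del self.pending[sid]
            return 1  # Callback-Verified
        return 0      # still Unverified

flow = VerificationFlow()
challenge = flow.start("sid_abc", "https://agent.example/signet-callback")
level = flow.confirm("sid_abc", challenge)
```

Receiving the token at the callback URL and returning it is what ties the high score to a party that actually controls the claimed infrastructure.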
Get Started
Start integrating
Explore the API documentation or look up an agent's trust profile right now.