🔐 Independent AI Agent Certification — Live in Production

The Certificate Authority for AI Agents

Like SSL certificates for websites — but for autonomous AI systems. Every agent gets a verified identity. Every action gets a cryptographic receipt. Anyone can verify it independently, without trusting anyone.

• 1,336+ Receipts Issued
• RSA-PSS SHA-256 Signed
• Offline Verification
• Aug 2026 EU AI Act Deadline

How TBN Protocol Works

1. Certify Identity

Every AI agent gets a verified, cryptographic identity before it can operate. Like a passport — issued once, verified always.

2. Attest Every Action

Every time an agent makes a decision (approve, block, process), TBN signs a receipt. One API call. ~200ms. Immutable proof.

3. Verify Independently

Anyone can verify any receipt — regulators, auditors, your customers — without trusting TBN or the agent's operator. Fully offline.

Simple & Detailed Explanation — 8 Steps

STEP 1 A Bot Developer Builds a Bot

A developer (BD) writes an AI program. The bot handles actions — answering questions, approving loans, writing to databases, making decisions autonomously. The BD gives the bot instructions: what it should do, what data it can access, what boundaries it must respect.

The bot is theirs. Their code. Their logic. Their instructions. TBN doesn't build it or modify it.

STEP 2 The BD Registers Their Bot With TBN

The BD comes to TBN and says: "I have a bot. Here's what it does. Here are its boundaries." We register the bot with a unique identity — like giving it a passport. Now we know who it is and what it claims to do.

Registration = identity. We know the bot exists and who operates it.

STEP 3 TBN Tests the Bot (6 Security Challenges)

Before we certify anything, we test the bot from the OUTSIDE. We don't touch its code — we just send it messages and check how it responds.

🔴 Prompt Injection — Can we trick it into breaking its rules?

🔴 Hallucination — Does it make stuff up when it doesn't know?

🔴 Data Boundary — Does it stay in its lane?

🔴 Sensitive Data — Does it leak private information?

🟡 Budget & Limits — Does it respect its operational limits?

🟢 Instruction Following — Does it do what it's told accurately?

STEP 4 Pass? Certificate Issued.

If the bot passes all critical tests, TBN issues a certificate confirming: "This bot was tested. It passed. It is certified to operate within its declared boundaries." If it fails, we tell the BD exactly what went wrong. They fix their bot. They come back for re-testing.

The certificate proves the bot WAS capable of staying within boundaries at the time of testing.

STEP 5 TBN Starts Recording Every Action

Once certified, the bot goes into production. From now on, every time it makes a decision — approve, deny, escalate, write, send — it reports that action to TBN. TBN signs each action with a cryptographic receipt. A unique number, a timestamp, what happened, who did it. Signed and sealed.

One action = one receipt. Every receipt is independently verifiable by anyone. This continues forever, for every action.

STEP 6 The Only Escape: Stop Using TBN

The only way for the bot to escape being documented is if the operator stops using our service. They can disconnect — but all receipts already issued remain permanently on our server. They can't delete past evidence. They can't modify receipts. They can't ask us to remove them.

If a certified bot suddenly goes silent (stops reporting), TBN detects the gap and can flag it. Like a dashcam being unplugged before a crash — suspicious.

STEP 7 Anyone Can Verify Any Receipt

Receipts are not locked to the customer. Anyone can verify them: the bot operator can audit their own actions, a regulator can check any receipt independently, an auditor can review the full history, a partner or client can confirm actions happened. No login required. No trust required. Offline verification with our published public key.

The receipts prove THAT something happened. They don't reveal WHAT the private content was.

STEP 8 What We Know vs What We Don't

✅ What TBN CAN tell you:

• This bot exists and is certified
• An action happened at this time
• The action was: approved / denied / escalated
• This receipt is genuine and untampered

❌ What TBN CANNOT tell you:

• What exactly the customer asked
• The full text of the bot's response
• The internal data the bot processed

We prove the ACTION happened. We don't expose the CONTENT. This protects privacy while maintaining accountability.

Who Needs TBN Protocol

Any company where AI agents make decisions that matter

🏦 Financial Services

AI agents approving loans, processing claims, making investment decisions. Every decision needs a provable audit trail for regulators (FCA, PRA, ECB).

🏥 Healthcare

AI agents triaging patients, processing referrals, interpreting results. Clinical governance requires proof of every automated decision.

🔒 AI Governance Tools

Companies like Beyond Guard, ActTrident, and Airia that enforce AI policies — TBN makes their governance independently verifiable.

🏢 Enterprise AI

Any company using AI agents to write to CRMs, databases, ticketing systems. When the auditor asks "prove what your AI did" — show them the receipts.

Don't Trust Us — Verify It Yourself

Every receipt is independently verifiable. Try it right now:

Verify a real production receipt:

GET https://tbn.hardinai.co.uk/api/v1/verify/tbn_vr_0af954b9c2bf6f2645c64536cb4f4c9f

Get our public signing key (for offline verification):

GET https://tbn.hardinai.co.uk/api/signing/public-key

Check system health:

GET https://tbn.hardinai.co.uk/api/v1/health

Offline verification: Extract 8 receipt fields → canonical JSON (sort_keys, no whitespace) → RSA-PSS / SHA-256 / MGF1 / salt=MAX against published key. No server call needed.

Ready to Govern Your AI Agents?

Integration takes hours, not months. One API call per decision. First 1,000 receipts free.

AI Agent Governance Infrastructure

What is TBN Protocol?

TBN Protocol is an independent certificate authority for AI agents — the trust infrastructure that the AI agent economy needs to operate safely and accountably. Just as SSL certificates enabled e-commerce by verifying website identity, TBN Protocol enables governed AI by verifying agent identity and certifying agent actions with cryptographic proof.

Why do AI agents need certification?

AI agents are increasingly autonomous — making decisions, writing to business systems, processing sensitive data without human intervention. The EU AI Act (effective August 2026), NY SB8420, California SB942, and South Korea's AI Basic Act all require transparency and accountability for AI-generated actions. Without independent certification, companies rely on self-reported logs that can't be independently verified by regulators or auditors.

How does TBN Protocol work?

TBN Protocol operates at two points: before the agent acts (identity certification) and after each action (attestation receipt). Every receipt is signed with RSA-PSS-SHA256 using a 2048-bit key. The signature covers a canonical JSON of eight fields and can be verified offline by anyone with the published public key — no server call, no trust required.
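The offline check described here and under "Verify It Yourself" (canonical JSON, then RSA-PSS / SHA-256 / MGF1 with maximum salt), as an added example that is not TBN's own code. It uses only the standard library so each verification step is visible; a vetted RSA library is the normal choice for real verification. The field names, the sample receipt and the test key are all assumptions constructed for the example.

```python
import hashlib, hmac, json, os
H = 32  # SHA-256 digest length in bytes
# Hypothetical names: the page says eight fields are signed but does not list them.
FIELDS = ["action", "agent_id", "decision", "frameworks",
          "issuer", "payload_sha256", "receipt_id", "timestamp"]
# Constructed test key from two Mersenne primes: insecure, sample data only.
N, E = (2**521 - 1) * (2**607 - 1), 65537
D = pow(E, -1, (2**521 - 2) * (2**607 - 2))

def canonical(receipt, fields):  # covered fields only, sorted keys, no whitespace
    covered = {k: receipt[k] for k in fields}
    return json.dumps(covered, sort_keys=True, separators=(",", ":")).encode()

def mgf1(seed, length):
    blocks = [hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in range(-(-length // H))]
    return b"".join(blocks)[:length]

def salted_hash(msg, salt):
    return hashlib.sha256(bytes(8) + hashlib.sha256(msg).digest() + salt).digest()

def pss_sign(msg, n, d):  # produces sample signatures only (EMSA-PSS, maximum salt)
    em_bits = n.bit_length() - 1
    em_len = -(-em_bits // 8)
    salt = os.urandom(em_len - H - 2)
    h = salted_hash(msg, salt)
    db = bytearray(a ^ b for a, b in zip(b"\x01" + salt, mgf1(h, em_len - H - 1)))
    db[0] &= 0xFF >> (8 * em_len - em_bits)
    em = int.from_bytes(bytes(db) + h + b"\xbc", "big")
    return pow(em, d, n).to_bytes(-(-n.bit_length() // 8), "big")

def pss_verify(msg, sig, n, e):
    em_bits = n.bit_length() - 1
    em_len = -(-em_bits // 8)
    s = int.from_bytes(sig, "big")
    m = pow(s, e, n)
    if s >= n or m.bit_length() > em_bits:
        return False
    em = m.to_bytes(em_len, "big")
    masked, h = em[:-H - 1], em[-H - 1:-1]
    db = bytearray(a ^ b for a, b in zip(masked, mgf1(h, len(masked))))
    db[0] &= 0xFF >> (8 * em_len - em_bits)
    # salt=MAX leaves no zero padding, so DB must be exactly 0x01 || salt.
    shape_ok = em[-1] == 0xBC and db[0] == 0x01
    return shape_ok and hmac.compare_digest(h, salted_hash(msg, bytes(db[1:])))

# Constructed sample receipt: placeholder values, not real TBN data.
RECEIPT = {"receipt_id": "tbn_vr_EXAMPLE", "agent_id": "agent-001", "action": "loan_review",
           "decision": "approved", "timestamp": "2026-01-01T00:00:00Z", "issuer": "example-ca",
           "payload_sha256": "00" * 32, "frameworks": ["EU-AI-Act"], "note": "unsigned field"}
```

Any field outside the signed set (the sample `note` here) can be changed without invalidating the signature, so a verifier should rely only on the covered fields.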

Who uses TBN Protocol?

TBN Protocol serves AI governance tools, enterprise companies deploying AI agents, financial services firms requiring audit trails, and any organisation that needs to prove AI decisions are governed. Our first production partner, Shango MID, has verified 1,000+ receipts in production — TBN attests, Shango enforces. Every receipt is independently verifiable.

How is TBN Protocol different from logging?

A log written by the same system that performed the action is not oversight — it's documentation. TBN provides independent, cryptographic proof signed by a third party. The receipt exists outside the operator's control, can't be edited, and is verifiable by anyone. That's the difference between "we say we governed it" and "here's the proof anyone can check."

What compliance frameworks does TBN support?

TBN receipts include the compliance frameworks evaluated against each decision — including EU AI Act, ISO/IEC 42001, GDPR, SOC2, and others. The framework context travels inside the signed receipt, so compliance evidence is embedded in the cryptographic proof itself.

Is TBN Protocol open source?

Yes. TBN Protocol is open source under AGPL-3.0, available on GitHub and installable via PyPI (pip install tbn-protocol). The signing specification is published, the public key is available at /api/signing/public-key, and offline verification is documented — ensuring no single point of trust.

Production Partners

Trusted by governance teams building the future of AI accountability.

Shango MID

Write-governance & memory custody for enterprise AI. Shango validates every write at the middleware boundary. TBN attests upstream identity and cryptographic proof.

• 225K+ Governed Writes
• 182K+ TBN Attested
• 100% Hash Integrity

TBN attests. Shango enforces. Together: the only end-to-end governance stack for enterprise AI.
