@opena2a/aim-core

No server needed

Agent identity in a single npm package. No database, no Docker, no infrastructure.

AI agents execute code on your machine with your permissions. Without identity, there is no audit trail, no capability boundary, and no way to prove which agent did what.

When to use aim-core

Use aim-core when:

  • • You have a single agent or small project
  • • You want identity without infrastructure
  • • You need Ed25519 signing in Node.js
  • • You want local-only audit logging

Use AIM Platform when:

  • • You manage a fleet of agents
  • • You need a dashboard and analytics
  • • You need RBAC and multi-tenancy
  • • You need compliance reporting

Feature comparison

Featureaim-core (local)AIM Platform (server)
Ed25519 identityLocal keypairServer-issued + OIDC
Audit logJSON-lines filePostgreSQL + API
Capability policyYAML fileREST API + dashboard
Trust scoring8-factor localReal-time + history
Multi-agentPer-machineCross-machine fleet

Install

npm install @opena2a/aim-core

Quick example

import { AIMCore } from '@opena2a/aim-core';

const aim = new AIMCore({ agentName: 'my-assistant' });

// Ed25519 identity -- created on first run, persisted locally
const identity = aim.getOrCreateIdentity();
console.log('Agent ID:', identity.agentId);
console.log('Public key:', identity.publicKey);

// Capability enforcement
aim.loadPolicy({ allow: ['db:read', 'api:call'], deny: ['db:write'] });
aim.checkCapability('db:read');   // passes

// Audit log -- append-only, tamper-evident
aim.logEvent({ action: 'db:read', target: 'customers', outcome: 'allowed' });

// Trust scoring -- 8-factor calculation
const score = aim.calculateTrust();
console.log('Trust:', score.score, score.grade);

What's included

Ed25519 Identity

Generate and verify cryptographic keypairs for agent authentication. Keys persist to ~/.opena2a/aim-core/.

Capability Policy

Define what actions an agent is allowed to perform. Load from YAML file, enforce at runtime.

Trust Scoring

8-factor algorithm evaluating agent trustworthiness based on behavior, attestations, and history.

Local Audit Log

Append-only JSON-lines log of all identity events. No external database required.

Shield integration

When you run opena2a shield init, Shield automatically creates a local Ed25519 identity using aim-core if the package is installed. The identity is used for audit trail attribution and session tracking across all OpenA2A products.

Links

AIM repository →Full AIM docs →