N O B U L E X

The accountability primitive for AI agents MIT · Open source

Credit scores for machines.

Tamper-proof receipts for everything your AI agent does.

Autonomy earned, not granted.

Enter the Arena GitHub

LAUNCHING TODAY

Win $7,400. Real money, real payout.

5 AI agents with strict rules. Break all 5 levels. Get paid.

              — ENTERED
              |
              0 WINNERS
              |
              $7,400 UNCLAIMED
            

MCP connects tools · A2A connects agents Nobulex connects actions to rules—and proves it.

MIT licensed
Open source
Verifiable logs
Auditable protocol

THE PROBLEM

Companies are deploying agents. Nobody knows which ones to trust.

AI agents are starting to access data, move money, approve workflows, handle customers, and operate business systems. But there's no way to know which agents deserve power and which ones should be restricted. Vendors grade their own homework. Logs are self-attesting. And when something goes wrong, there's no independent record of what happened or whether the agent was authorized to do it.

Nobulex makes autonomy earned, not granted.

SIX PRIMITIVES

The trust stack

Together, these turn “policy” from a promise into a proof.

Identity

DID

Decentralized identifiers. Who is this agent? Cryptographic binding to keys and lineage.

Covenant

Behavioral spec

What will it do — and won’t do? Signed, immutable constraints. Only narrowable, never loosened.

Action Log

Hash-chained record

Every action logged with SHA-256 chain links. Tamper with one entry, the whole chain breaks.

Enforcement

Pre-execution middleware

Rules checked before the action runs. Forbidden actions never execute.

Verification

Deterministic proof

Same inputs, same result. Independent, third-party verifiable — no trust in the verifier needed.

Proof

Attestation + evidence

Portable Trust Capital that any counterparty can verify. Includes behavioral attestation records and earned reputation.

ARCHITECTURE

One protected execution path

Middleware sits in front of side effects. Covenants are evaluated before an action is allowed to proceed; the action log captures what happened in a tamper-evident chain.

Hot path

Agent

Middleware intercepts

Covenant evaluate

Action log append-only · chained

Independent parties run verify(spec, log) — same inputs, same result. Read the protocol spec →

HOW IT WORKS

From action to verifiable proof

1 Agent decides action

2 Middleware intercepts

3 Evaluate covenant

4 Block or allow

5 Log to action log

6 Verifiable by anyone

SEE IT FAIL CLOSED

Agent tries $600 transfer → middleware blocks → log verifies

nobulex-demo

$ npx tsx demo/covenant-demo.ts

Creating agents, covenant, middleware…

$ mw.execute({ action: 'transfer', params: { amount: 600 } }, ...)

agent attempting transfer $600

middleware BLOCKED — covenant forbids amount > 500

action_log appended entry · chain_hash=0x7a3f… · verifiable

verify(spec, log) compliant: true

Full demo →

TWO-TIER GUARANTEE

Enforcement you can explain

Tier 1

Blocked before it runs

Rules are enforced before actions leave the protected path—so disallowed behavior doesn’t ship as a normal “successful” action. Details on hardware boundaries and verification are in the protocol spec.

Tier 2

Costly to cheat

Every action produces a tamper-evident, hash-chained record. Any modification breaks the chain. Third parties can verify offline — no trust required.

WHY NOBULEX

Not just guardrails

	Guardrails / policy engines	Trust Capital (Nobulex)
Enforcement	Best-effort; can be bypassed	Signed commitments; pre-execution middleware
Verification	Trust the operator	Third-party verifiable; anyone can audit
Consequences	Policy violation = incident	Tamper-evident proof; cryptographic evidence of breach

INTEGRATIONS

Surfaces agents already use

Drop the SDK on your stack—no rip-and-replace. Nobulex complements tool protocols and agent frameworks.

MCP
LangChain
A2A
TypeScript / Node
Python
Claude & IDE agents
OpenAI API
Custom runtimes

STANDARDS & PRIMITIVES

SHA-256Hash-chained action log entries
DIDsAgent identity & key binding
Signed covenantsImmutable behavioral specs
Deterministic verifyReproducible proof checks
EU AI ActDocs for accountability context
MIT licenseSelf-host & audit freely

Integration guide → · All documentation

ECOSYSTEM

Registries & crosswalks

Where Nobulex shows up in the open agent ecosystem—beyond framework integrations.

MCPModel Context Protocol — tools and context your agent already speaks
A2AAgent-to-agent messaging and handoffs
awesome-mcp-serversListed in the community registry (84K★ on the curated list)

REGULATORY DEADLINES

The clock is ticking

Every major AI compliance framework requires tamper-evident audit trails. Regular logs won't pass.

June 30, 2026

Colorado AI Act

Accountability requirements for AI systems making consequential decisions. First U.S. state-level AI law.

August 2, 2026

EU AI Act Article 12

Requires tamper-evident automatic event logging for high-risk AI systems. Penalties up to €15M or 3% of global revenue.

November 2026

NAIC AI Evaluation

Nationwide AI evaluation tool for insurance. Carriers must prove agent compliance across every claim.

WORKS WITH

Plugs into your existing stack

AWS AgentCore

MCP-native — auto-discoverable in Agent Registry

Microsoft AGT

Proof layer for governance toolkit

Google A2A

Behavioral attestation for Agent Cards

LangChain

Drop-in compliance callbacks

TRACTION

Built in the open

3 linesTo integrate

Listedawesome-mcp-servers (84K★)

OATRRegistered issuer

NISTRFI submitted

5Packages

MIT · Open source · No vendor lock-in

FOR DEVELOPERS

Add accountability in minutes

JAVASCRIPT

import { createDID, parseSource, EnforcementMiddleware } from '@nobulex/core';

// Proof-of-behavior enforcement — install once: @nobulex/sdk bundles primitives
const agent = await createDID();
const spec = parseSource(`covenant MyAgent { permit read; forbid write; }`);
const mw = new EnforcementMiddleware({ agentDid: agent.did, spec });

FAQ

Questions, answered

What is Nobulex?

Nobulex is the trust economy for autonomous AI agents. Every agent action produces a cryptographic bilateral receipt — one Ed25519 signature before execution, one after — hash-chained for tamper-evidence. Those receipts accumulate into Trust Capital: a permissioned machine reputation asset that determines what each agent is allowed to do.

What is Trust Capital?

Trust Capital is a permissioned machine reputation asset built from verified behavior, not vendor claims. Agents earn Trust Capital by staying within their declared covenant, completing tasks reliably, and producing cryptographically verifiable evidence. Higher Trust Capital unlocks higher autonomy, larger transaction limits, lower insurance premiums, and enterprise approval.

What is a covenant?

A covenant is a signed behavioral specification: what an agent may and may not do. It can only be narrowed over time, never loosened, so permissions cannot silently expand.

Does Nobulex work with MCP and LangChain?

Yes. Nobulex is designed alongside the surfaces agents already use—including MCP for tools and integrations such as LangChain. See the integrations section and docs for wiring patterns.

Is Nobulex open source?

Nobulex is MIT licensed and developed in the open on GitHub. You can self-host, audit the protocol, and run the live demo locally.

How does pre-execution enforcement work?

Middleware intercepts actions before they execute, evaluates them against the covenant, and only allows actions that pass. Blocked attempts can still be reflected in the action log for a verifiable trace without executing forbidden behavior.

v1.0.0

Hosted API

Launch updates only—no spam.

EU AI Act context: docs