Trust Capital Methodology
How agent credit scores work. The scoring function, its inputs, and how anyone can independently reproduce the same score.
What it is
Trust Capital is a reputation score for AI agents derived from a track record of cryptographically signed action receipts. An agent earns Trust Capital through verified behavior over time. The score gates what the agent is allowed to do. Autonomy earned, not granted.
Scores are independently reproducible. Any verifier with the issuer's public key and the receipt corpus computes the same score without trusting the operator, the platform, or Nobulex.
Inputs
The scoring function consumes bilateral receipts conforming to OWASP AST09 Execution Receipts. Per agent:
Admission records: count, verdict distribution (ALLOW / DENY / ESCALATE), policy version consistency. Outcome records: count, whether each admission has a matching outcome, timing bounds, whether side effects stayed within declared scope. Denied-before-dispatch signal: DENY admissions with no outcome record (the agent was stopped before it acted). Time-in-service: earliest verifiable admission to most recent.
All receipts must verify against a pre-published public key. The verifier never trusts the emitting runtime.
Scoring function
Integer score in [0, 1000]. Initial value at first verified action: 100.
| Event | Score change |
|---|---|
| ALLOW admission with matching outcome, within scope | +2 |
| DENY admission, no outcome, correct policy binding | +3 |
| Outcome shows side effects outside declared scope | -8 |
| Missing outcome after ALLOW admission | -15 |
| Signature failure on any receipt | -25 |
| Policy version mismatch vs known-in-effect policy | -50 |
| 30 days with no signed receipt activity | -5 (decay) |
Note: DENY receipts (blocked actions) are worth +3, more than ALLOW (+2). An agent that correctly refuses unauthorized actions builds trust faster than one that only acts. The system rewards self-restraint.
Bounds: minimum 0, maximum 1000. Rate-limited so that reaching 1000 requires at least 90 days of continuous verified activity. No shortcuts.
Autonomy gating
The score determines what an agent is allowed to do:
Other uses: underwriting input for AI insurance, minimum-score requirements before delegating to subagents, procurement qualification for enterprise agent deployments.
Public verification
Scores compute from public receipts. Any verifier with the issuer's public key and the receipt corpus reproduces the score independently. Nobulex does not gate this. The methodology is open and the scoring function is deterministic.
API endpoint: GET /agent/{agent_id}/score returns the current score, input receipt count, and grade (A through F).
What this is not
Not a safety guarantee. One signal among many. Not a substitute for pre-execution policy enforcement. Not a universal identifier (agent_id is a signing key; key rotation resets the score, which is a feature, not a bug: a rotated key is a new identity with no inherited trust).
References
OWASP Agentic Skills Top 10, AST09 (PRs #35/#38, merged June 25, 2026). EU AI Act Article 12 (enforcement December 2, 2027). github.com/arian-gogani/nobulex.