Core Concepts

Your signing identity. An Issuer is the organizational stamp that authorizes passports. Every passport traces back to an issuer, establishing provenance and trust.

Cryptographic identity for AI agents. Built on Ed25519 (an industry-standard elliptic curve signing algorithm) keypairs. The private key is generated client-side and never stored on Modei servers.

Security checkpoints that protect resources, APIs, and tools. Gates verify passports and enforce guardrails in real time, blocking non-compliant requests before they execute.

Configurable rule sets attached to gates. Rate limits, spend caps, domain allowlists, personally identifiable information (PII) controls, approval workflows, and more.

L1 (Baseline), L2 (Trusted), L3 (Verified). Each level changes what issuers are accepted, what cryptographic proofs are required, and what revocation checks are mandatory.

Cryptographically signed, tamper-proof records of every authorization decision. Your immutable audit trail. Every allow, block, and request_hold is logged with full context.

The policy evaluator that reads rules embedded in a passport and decides in real time whether an action is allowed. 28 enforcement constraints + 12 recorded terms, three decisions: allow, request_hold, block.

Let agents use your resource before they have a passport. Define a safe-default policy that gates unauthenticated requests, graceful onboarding without sacrificing security.

Structured, versioned lists of what a gate offers, with pricing and service-level agreement (SLA) terms. Agents can verify catalog terms locally before accepting. The foundation of agent-to-agent commerce.