Cryptographic Agent Identity: A Technical Solution to Bot Detection

If you’ve tried to put an AI agent in front of real systems, you’ve probably hit the same wall: the moment an agent leaves your local demo and starts calling APIs, opening tickets, touching code, or invoking MCP tools, nobody can reliably answer a basic question: Who is actually making this request? Not “which API key was used,” and not “which user clicked the button.” I mean: which agent instance, running what code, under whose authority, with which permissions, and with what audit trail? That gap is why bot detection keeps getting weirder. We pile on IP reputation, browser fingerprinting, CAPTCHAs, rate limits, behavioral heuristics, and anomaly scoring. Some of that is useful. But if you’re protecting agent-accessible infrastructure, those are mostly compensating controls for a missing primitive: agents need identity. In this post, I’ll argue that cryptographic agent identity is a more durable foundation than trying to “detect bots” after the fact. If an agent is going to act autono