Keyring is a decentralized key management system (KMS) built to empower AI agents interacting with funds while ensuring security and decentralization. By leveraging EigenLayer, Keyring introduces additional security mechanisms, particularly for slashing operators who perform unauthorized operations.
For each key generated by an AI agent, a new Safe (Gnosis Safe) is automatically created. This Safe is linked to the registered key and is plugged into a Safe module (KeyringSafeModule). The module ensures that funds can only be moved when an operation is correctly signed by the Keyring network.
This is a transfer of USDC that has been signed and authorized by the Keyring network on Arbitrum.
- 🔐 Threshold ECDSA via MPC - Private keys are split among multiple nodes, ensuring no single party controls the full key.
- 🔗 Decentralized P2P Network - The Keyring network is permissionless, allowing anyone to participate and enhance security.
- ⚖️ EigenLayer Slashing Mechanism - Operators (Keyring nodes) get slashed if they authorize an operation not approved by the AI agent.
- 🤖 AI Agent Integration - Allows AI agents to create public keys and securely sign transactions using the distributed key network.
- A Threshold ECDSA node using MPC (Multi-Party Computation) to ensure no single entity can access a private key.
- The P2P network enables decentralization and security.
- Nodes act as EigenLayer AVS (Actively Validated Services) Operators, registering within EigenLayer to participate in securing the network.
- On-chain Keyring contracts handle the verification and execution of operations signed and approved by the Keyring network. The main entry point is KeyringGateway, responsible for validating the signature and the signed operation. Additionally, the KeyringSafeModule is a dedicated Safe module that gets attached to the agent's Safe, granting it controlled authorization to move funds only when operations have been correctly verified by the network.
- A simple example demonstrating how an AI agent can:
- Create a key using Keyring.
- Sign messages using the decentralized network.
- Execute operations in a secure manner.
1️⃣ An AI agent creates a key
- The private key is split among multiple Keyring nodes.
- The corresponding public key is generated and registered.
2️⃣ When signing an operation
- The AI agent requests a signature from the Keyring network.
- Nodes perform MPC-based ECDSA signing, ensuring no single node controls the key.
3️⃣ EigenLayer Security & Slashing
- Operators (Keyring nodes) stake collateral via EigenLayer.
- If a malicious node signs an unauthorized operation, it gets slashed.
- Ensures trustless security for AI agents.
- Rust (for the Keyring Node)
- Node.js & Hardhat (for smart contracts)
- Ethereum Wallet (MetaMask or CLI-based wallets)
- EigenLayer Staking Setup (for AVS Operators)
Clone the repository:
https://github.com/allemanfredi/ethglobal-keyring
cd ethglobal-keyringcd node
cargo run --release -- <peers_ips_comma_separated> <listen_addr> <rpc_listen_addr> <primes_file_name.json>cd contracts
npx hardhat compile
...cd agent-example
yarn install
yarn agent::initialize
yarn agent::transfer-usdcThis project is open-source under the MIT License.
We welcome contributions! If you want to help:
- Fork the repository.
- Create a branch (
feature/my-update). - Submit a PR 🚀.