The proliferation of autonomous software agents necessitates rigorous frameworks for establishing secure and verifiable agent-to-agent (A2A) interactions, particularly when such agents are instantiated as non-human identities(NHIs). We extend the A2A paradigm [1 , 2] by introducing a cryptographically grounded mechanism for lineage verification, wherein the provenance and evolution of NHIs are anchored in append-only Merkle tree structures modeled after Certificate Transparency (CT) logs. Unlike traditional A2A models that primarily secure point-to-point interactions, our approach enables both agents and external verifiers to cryptographically validate multi-hop provenance, thereby ensuring the integrity of the entire call chain. A federated proof server acts as an auditor across one or more Merkle logs, aggregating inclusion proofs and consistency checks into compact, signed attestations that external parties can verify without access to the full execution trace. In parallel, we augment the A2A agent card to incorporate explicit identity verification primitives, enabling both peer agents and human approvers to authenticate the legitimacy of NHI representations in a standardized manner. Together, these contributions establish a cohesive model that integrates identity attestation, lineage verification, and independent proof auditing, thereby advancing the security posture of inter-agent ecosystems and providing a foundation for robust governance of NHIs in regulated environments such as FedRAMP.

翻译：随着自主软件代理的激增，迫切需要建立严谨的框架以确保代理间（A2A）交互的安全性与可验证性，尤其是在这些代理以非人类身份（NHIs）实例化的情况下。我们通过引入一种基于密码学的谱系验证机制，扩展了A2A范式[1, 2]。该机制将NHIs的起源与演化锚定在仿照证书透明度（CT）日志构建的仅追加型默克尔树结构中。与主要保障点对点交互的传统A2A模型不同，我们的方法使代理与外部验证者均能通过密码学方式验证多跳来源，从而确保整个调用链的完整性。一个联邦证明服务器充当一个或多个默克尔日志的审计者，将包含性证明与一致性检查聚合为紧凑的、经签名的证明，供外部方在无需访问完整执行轨迹的情况下进行验证。同时，我们扩展了A2A代理卡片，纳入显式的身份验证原语，使对等代理与人工审批者能以标准化方式认证NHI表征的合法性。这些贡献共同构建了一个整合身份证明、谱系验证与独立证明审计的连贯模型，从而提升了智能体间生态系统的安全态势，并为在FedRAMP等受监管环境中实现NHIs的稳健治理奠定了基础。