KYE Agent Tool Pack™ · .kye-tool v1

Load KYE™ as an agent tool — in one file.

Every KYE Protocol™ REST API ships as a signed, single-file .kye-tool pack — a compact, agent-native spec your LLM loads as one tool call. Three packs are live today: core, state, state-library. Each is 60-80% smaller than the source OpenAPI, signed with Ed25519, and provenance-bound to the exact OpenAPI revision it was compiled from.

description What it is deployed_code Three packs verified Verify provenance terminal Use it
1 · What it is

A .kye-tool is a signed, agent-native API spec.

A .kye-tool file is a UTF-8, line-oriented text artefact compiled from a canonical KYE™ OpenAPI document. It preserves the operation set (verb + path + operationId), the request and response schemas, the authority scope and purpose tag per operation, and an Ed25519 signature over canonical bytes. It is loadable by an LLM as a single tool dependency.

  • Compact. Each pack omits descriptions, examples, and tags — they live in the verbose sibling at *.kye-tool.verbose. Compression ratio is 60-80% versus the source OpenAPI JSON.
  • Signed. Every pack carries @kid + @sig directives. Agents verify the signature before loading; the active key is published at /.well-known/kye-agent-tool-keys.json.
  • Provenance-bound. Each pack carries @source-sha256 over the canonical JSON of the OpenAPI it was compiled from. Subscribers detect staleness without re-fetching the source.
  • Append-safe. The grammar is locked at internal. New directives within v1 are additive; breaking changes bump the major.

Live pack sizes

Loaded from /openapi/agent-native/index.json — refreshed on every CI push.

Spec Source bytes Pack bytes Ratio
Loading pack manifest…
2 · The three packs

Three packs available today.

core.kye-tool

Core entities and relationships — tenants, workspaces, principals, teams, projects, resources, and the relationship rails (acts-in, member-of, granted-access-to, uses, applies-to). 174 operations.

state.kye-tool

State machines and state events — declared lifecycle models, transition writes, signed state-event ingest. Compatible with every State Library™ entry.

state-library.kye-tool

State Library™ adoption surface — list, get, adopt, derive. The smallest pack: ~11% of the source bytes.

3 · Verify provenance

Every pack is verifiable with two commands.

The active public key is published at /.well-known/kye-agent-tool-keys.json under the schema kye.agent_tool.keys.v1. Verification needs nothing more than curl and openssl.

# 1. fetch the pack and the active key curl -sO https://kyeprotocol.com/openapi/agent-native/core.kye-tool KEYS=$(curl -s https://kyeprotocol.com/.well-known/kye-agent-tool-keys.json) KID=$(printf '%s' "$KEYS" | jq -r '.active[0].kid') PUB_B64=$(printf '%s' "$KEYS" | jq -r '.active[0].public_key_b64') # 2. split signature from body, then verify SIG=$(grep '^@sig ' core.kye-tool | awk '{print $2}') sed '/^@sig /d' core.kye-tool > core.kye-tool.body printf '%s' "$PUB_B64" | base64 -d > pub.raw printf '%s' "$SIG" | base64 -d > sig.raw openssl pkeyutl -verify -pubin \ -inkey <(openssl pkey -pubin -inform DER -in pub.raw) \ -rawin -in core.kye-tool.body -sigfile sig.raw \ && echo "OK kid=$KID"
Note. Until the production signing key is provisioned, the .well-known document ships with a placeholder key marked kye:key:agent-tool-signing:dev. Pack signatures in main are stamped DEV-NOT-FOR-PRODUCTION and reject under strict verification. Production rotation policy is quarterly.
4 · Use it from an agent

One call, every KYE™ endpoint.

SDK and CLI surfaces accept a pack name and return a verified, parsed tool definition ready to register with your agent runtime.

code TypeScript SDK

import { KyeClient } from '@kye-protocol/sdk'; const kye = new KyeClient({ env: 'sandbox' }); const pack = await kye.toolPacks.get('core'); // pack.endpoints[*] — verified, parsed agent.registerTool(pack.toToolDefinition());

code Python SDK

from kye_protocol import KyeClient kye = KyeClient(env="sandbox") pack = kye.tool_packs.get("core") # pack.endpoints — verified, parsed agent.register_tool(pack.to_tool_definition())

terminal CLI

$ kye tool-pack get core @kye-tool v1 @spec core.openapi.v1 @source-sha256 2c83…175a @kid kye:key:agent-tool-signing:dev @endpoints 46 … $ kye tool-pack verify core.kye-tool OK kid=kye:key:agent-tool-signing:dev
5 · Agent-Native Governance

Agents as first-class principals

KYE Protocol™ (2026-06-08) declares agents first-class principals — not tool-call subjects, not AI integrations, but full governed actors with canonical identity, authority bindings, directory discoverability, and billing metering.

  • Identity: every agent carries a kye.entity.principal.v1 record with principal_class: "agent" and the full evidence chain.
  • Authority: delegated_authority_binding_ref links the principal to the binding-manifest pattern that governs its scope.
  • Directory: directory_discoverable: true agents are indexed in KYE Directory Search™ on state change.
  • Metering: metering_enabled: true agents emit kye.billing.meter_event.v1 with meter_class: "agent_action" per.
  • Memory: agent memory is authority-bearing state governed by Memory Authority Rail™ — the consent, purpose-scope, and withdrawal lifecycle apply.
non-competition boundary (absolute): KYE Protocol™ governs agents as first-class PRINCIPALS — identity, authority, evidence, memory, metering, discoverability. KYE Protocol™ does not run agents. The non-competition lock vs LangChain / CrewAI / OpenAI Agents SDK / Claude Agent SDK is non-negotiable and unchanged.
6 · Next

Read the spec or browse the OpenAPI source.

The .kye-tool grammar is locked at kye-tool-v1.md; the canonical OpenAPI sources live behind the Interactive API Explorer.

menu_book Read the spec api Browse OpenAPI source