Python: samples: hdp_provenance - cryptographic delegation audit trail for agent-framework agents#5727
Open
asiridalugoda wants to merge 4 commits intomicrosoft:mainfrom
Open
Conversation
…r agent-framework agents
github-actions
Bot
changed the title
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a new Python security sample demonstrating how to attach and verify an HDP (Human Delegation Provenance) cryptographic delegation chain for an agent_framework.Agent via a single middleware configuration call.
Changes:
- Introduces
hdp_provenance.pysample that configuresHdpMiddleware, runs an agent, exports the resulting token, and verifies the delegation chain offline. - Includes local key-loading logic and a one-time key generation snippet for Ed25519.
Author
|
Thanks for the review. Fixed in the latest commit:
|
Author
|
@moonbox3 thanks for the tags. I've updated the readme and closed copilot comments. 👍 |
Adds inline tamper-detection check: mutate a hop signature and show verify_chain returns valid=False at the first corrupt hop. Documents max_hops failure semantics and strict-vs-audit mode as annotated comments. Addresses review feedback from PR discussion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds
python/samples/02-agents/security/hdp_provenance.py- a minimal (~50 line)sample showing how to attach HDP (Human Delegation Provenance) to any agent-framework
Agentwith a singlemiddleware.configure(agent)call.HDP creates a tamper-evident Ed25519 chain from the authorising human to every downstream
agent action. The chain is verifiable fully offline - no network call, no central registry.
What's included
One file, no changes to existing samples:
python/samples/02-agents/security/hdp_provenance.pyWhy this matters for agent-framework users
Multi-agent systems have no standard way to prove that a downstream action was authorised
by a specific human. HDP fills that gap: a compact, self-contained token that any verifier
can validate with just a public key.
This integration was first validated with AutoGen:
community confirmed agents across frameworks cannot distinguish legitimate from injected messages
No HDP internals included
The entire HDP implementation lives behind
pip install hdp-agent-framework. The samplecontains zero crypto, zero token format detail - only the integration surface.
Test plan
pip install "agent-framework-core" "hdp-agent-framework" python-dotenvpython hdp_provenance.py- verifyHDP chain valid: Truein outputReferences
hdp-agent-frameworkon PyPI