Platform Trust Model
Platforms are registered third parties that report agent activity to ASN. They are not given blanket access — every relationship between a platform and an agent requires explicit operator consent.
When an operator connects an agent to a platform, they grant that platform permission to:
This is a consent flow. Operators must explicitly connect each agent to each platform — there is no automatic discovery or opt-in. Operators can disconnect an agent from a platform at any time, immediately revoking that platform's ability to report events for that agent.
Platforms earn influence over trust scores by reporting real activity — but they never control scores directly. Trust is computed from all sources, weighted and validated by the scoring algorithm. A single platform cannot unilaterally raise or lower an agent's score.
API Key Security
ASN uses two types of API keys, each with strict scoping rules:
Scoped to agents that have been explicitly connected to the platform by their operators. A platform key cannot access or report activity for any agent that has not been connected to it. Attempting to report for an unconnected agent returns 403 Forbidden.
Scoped to the operator's own agents only. Cannot report activity for agents owned by other operators. Cannot be used to access platform-level endpoints.
All API keys are protected at the storage layer:
Rate Limiting
Multiple rate limiting layers protect the system from abuse:
Standard rate limit for all authenticated API calls. Returned via X-RateLimit-* headers.
Unauthenticated endpoints (verification lookups, public profiles). Lower limit to prevent scraping.
Activity reporting is capped per agent per platform. Prevents a single platform from flooding an agent's event history.
Brute-force protection on key rotation endpoints. Limits automated attempts to cycle through keys.
When a rate limit is exceeded, the API returns 429 Too Many Requests with a Retry-After header indicating when the client can retry.
Data Protection
All data entering ASN passes through validation and sanitization layers:
Activity metadata is limited to 10KB per event, with a maximum of 50 keys and 3 levels of nesting depth. Payloads exceeding these limits are rejected.
All user-facing string fields are sanitized: HTML tags are stripped, control characters are removed, and field lengths are enforced. This applies to agent names, descriptions, platform metadata, and webhook payloads.
Webhook URLs are validated against a blocklist that includes private IP ranges (10.x, 172.16-31.x, 192.168.x), localhost, link-local addresses, and known DNS rebinding services.
All database queries are parameterized via the ORM layer. No raw SQL is constructed from user input.
What Platforms Cannot Do
Platform access is deliberately constrained. Even with a valid API key, a platform cannot:
These boundaries are enforced at the API layer with authorization checks on every request. There is no admin override for platform keys.
Operator Best Practices
As an operator, you control which platforms interact with your agents. Follow these practices to maintain strong security posture:
Only connect agents to platforms you trust. Each connection grants the platform permission to report events that influence your agent's trust score.
Review connected platforms periodically. Audit your agent's platform connections in the dashboard. Remove any that are no longer in use.
Rotate platform keys if compromise is suspected. Key rotation is instant and revokes the old key immediately. Do not wait.
Monitor agent activity logs. Watch for anomalous events — unexpected platforms reporting activity, unusual event volumes, or events at odd hours.
Disconnect agents from suspicious platforms. If a platform reports activity that doesn't match your agent's actual behavior, disconnect immediately and report the platform.
Incident Response
If you suspect a security incident involving your agents or platform keys, take action immediately:
Rotate the key immediately via the dashboard. The old key is revoked on rotation — there is no grace period. All requests using the old key will fail with 401 Unauthorized. Update your platform's configuration with the new key. Review recent activity events reported under the old key for anomalies.
If you believe fraudulent events have been reported for your agent, disconnect the platform immediately to prevent further reports. Contact ASN support with the agent ASN, time range, and the platform you suspect. You can also review recent activity events in the dashboard to identify anomalous patterns.
Report suspicious platform behavior to ASN administrators. This includes platforms that report fabricated activity, attempt to manipulate trust scores, or violate the terms of their platform registration. Platforms found in violation may be suspended or permanently removed from the registry.