Thanks to visit codestin.com
Credit goes to www.intended.so

Skip to content

Intent Verification Infrastructure for Autonomous Agents

Verify intent before
autonomous agents act.

Every autonomous action — an agent deploying code, a bot moving money, a workflow touching customer data — passes through Intended first. Allow becomes a signed token. Deny means it never ran.

No Token · No Action

watch one mint in your browser

This page just generated an Ed25519 key pair and signed an example agent intent.

Below is the resulting Authority Token. Real cryptography, running on your hardware. No data leaves your browser — the keypair is created locally, used once, and discarded. Copy the token and verify it on jwt.io if you want.

authority token · EdDSA · Ed25519 · generated in your browser0%

Example intent: “Deploy the authentication service to production.”

Every line of the token below is what an agent would carry to the connector at the moment of execution. The signature is a real Ed25519 (EdDSA) signature computed in your browser with WebCrypto — the same algorithm the Intended authority signs with — and it’s verified here against the freshly exported public key. The whole loop takes about a millisecond in production; what you saw above is the same operation, slowed down for legibility.

actionsdlc.deploy.productiondecisionAPPROVEDalgorithmEdDSA · Ed25519verifyissued attimezoneLOCALttl300s · single-usekey holderyour browser, discardedstatusforming…

manifesto · the four principles

Nothing autonomous moves without consent.

Every consent is cryptographic.

Every consent is auditable.

Every audit is provable without us.

what we do

Verify intent before autonomous agents act.

Every action an autonomous agent attempts passes through one surface. Intent is compiled. Conformance is scored. Authority is decided. A cryptographic Authority Token is issued — or refused. Every step is preserved as immutable evidence.

01 · Intent

Captured

Natural language or tool calls compile to a typed IntentRequest.

02 · Conformance

Scored

Each intent is mapped to your declared business process.

03 · Authority

Decided

Policy + risk + conformance combine into a single verdict.

04 · Evidence

Preserved

Every decision is sealed and hash-linked. Replayable, exportable.

one engine · two editions

The same authority, wherever agents act.

One verification engine, one shared spine — asserted by test. Choose the surface your agents act on; the guarantee is identical: intent verified, authority granted or refused, and evidence preserved, before anything runs.

Enterprise

Agents acting on your software

Deploys, refunds, data access, tickets — across SaaS, APIs, and cloud. Every action authorized at the boundary before it executes.

Physical · in development

Agents acting in the world

Robots and embodied systems — the same authority model extended to the edge. In development, complementing functional-safety standards (ISO/IEC), never replacing them.

live demo · sample stream

Authority decisions, as they happen.

An illustrative stream that shows the shape of an authority decision — intent, risk score, verdict, and the resulting token. Sample data, not a live customer feed.

LIVE · authority.intended.so0 decisions in this session

an authority token, in detail

Click any segment to inspect its claims.

Authority Token · EdDSA · Ed25519 · issued LOCALtyp: JWT
..
Header · the JWS algorithm + token type
contents{ "alg": "EdDSA", "typ": "JWT", "kid": "…" }
algEdDSA · Ed25519 (pure EdDSA), per-tenant key
typJWT · authority-scoped, single-use
kidminting…
Live · single-use · 5 min ttl
Verify on jwt.io →

three claims we prove

i.

Blocked before it happened.

Unintended actions do not execute. Verification fails closed before the runtime boundary is crossed. No speculative execution. No partial effects. No recovery narrative — because nothing ran.

ii.

Every authorized action has a cryptographic receipt.

Intended actions receive a scoped, time-limited Authority Token that proves verification happened. The Token is the receipt. The receipt is the record. The record is enforceable.

iii.

Math, not trust.

Every decision is recorded in an immutable audit chain that is cryptographically signed, exportable, and replayable. If our service disappeared tomorrow, the signed evidence would still stand on its own — and per-tenant public-key (JWKS) verification is live.

what you can verify

Unintended actions are blocked before execution, not flagged after.

Autonomous actions are classified, scored against your policy, and gated by an authority token. If the intent isn’t verified, the action doesn’t run — fail-closed by design.

Verification becomes a precondition instead of a forensics exercise: nothing autonomous runs without it, and every decision leaves a signed record you can export and check yourself.

How the mechanism is designed to work — not a customer testimonial.

compliance posture
SOC 2 · in progressSBOM · published

why this is different

Policies define rules. They do not define intention.

Adjacent systems answer whether an action is permitted. Intended answers whether the action matches what was intended in this context. Policy evaluation is part of that process, but it is not the whole product.

what Intended verifies
  • What the action is intended to do
  • Whether it fits the enterprise capability context
  • Whether authority should be granted, denied, or escalated
  • Whether execution can be proven after the fact

next step

Start with the open layer. Operationalize when you are ready.

Use the Open Intent, docs, and open-source packages to integrate quickly. Move into the full platform when you need verification, authority, escalation, and audit at enterprise scale.

Codestin Search App