
Glossary

Plain-language definitions for every term used in AgentaOS.

Core Concepts

Threshold Signing

A way to sign transactions where multiple parties must cooperate. No single party can sign alone. Agenta uses 2-of-3 threshold signing: three shares exist, any two can produce a valid signature. The key property: the full private key is never assembled. Not during key creation. Not during signing. Not ever.

MPC (Multi-Party Computation)

A cryptographic technique where multiple parties jointly compute a result without revealing their private inputs. In Agenta, MPC means two share holders cooperate to produce a signature without either one learning the other’s share.

Share

One piece of the split private key. Agenta creates three shares during key setup. Each share is stored separately (agent filesystem, server Vault, encrypted user blob). No single share is the private key. No single share can sign anything.

ECDSA

Elliptic Curve Digital Signature Algorithm. The standard signing algorithm used by Ethereum, Bitcoin, and most blockchains. AgentaOS produces standard ECDSA signatures that are indistinguishable from those produced by any other Ethereum account.

CGGMP24

The threshold signing protocol used by Agenta. Named after its creators (Canetti, Gennaro, Goldfeder, Makriyannis, Peled). It splits ECDSA key generation and signing into a multi-party protocol where no party ever sees the full key.

DKG (Distributed Key Generation)

The one-time ceremony that creates shares. Three parties each generate their piece of the key simultaneously. No trusted dealer distributes shares. No party ever sees the full key. Completes in about 10 seconds.

Agenta Components

Signer

An identity in AgentaOS. Each signer has its own Ethereum address, its own three shares, and its own guardrails. A signer can be an AI agent, a bot, a script, or a team member.

Guardrails

Rules enforced before every transaction gets signed. Spending limits, daily caps, contract allowlists, blocked addresses, rate limits, and time windows. If any rule blocks, the server refuses to co-sign.
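The rule set this entry lists, as an added example in Node.js (not AgentaOS code): a small evaluator that checks a transaction against a per-transaction limit, a rolling daily cap, a contract allowlist, a blocklist, an hourly rate limit and a UTC time window, and returns every reason that blocks so the refusal can be logged in full. The policy shape, field names, sample addresses and the wei amounts are assumptions for illustration, not AgentaOS's schema.

```javascript
// Added example, not AgentaOS code. Policy shape and field names are assumptions.
// Amounts are wei as BigInt; timestamps are Unix seconds; addresses are lowercased.
const policy = {
  maxPerTx: 1_000_000_000_000_000_000n,      // 1 ETH per transaction
  dailyCap: 3_000_000_000_000_000_000n,      // 3 ETH per rolling 24 hours
  allowedContracts: new Set(['0xaaaa000000000000000000000000000000000001']), // constructed
  blockedAddresses: new Set(['0xbadd000000000000000000000000000000000bad']), // constructed
  maxTxPerHour: 5,
  window: { startHour: 8, endHour: 20 },    // UTC hours during which signing is allowed
};

// Every rule runs, so the result lists all violations rather than only the first.
// `history` is the signer's prior signed transactions: [{ ts, value }].
function evaluateGuardrails(tx, history, nowSec, p = policy) {
  const reasons = [];
  const to = tx.to.toLowerCase();
  const dayAgo = nowSec - 86400;
  const hourAgo = nowSec - 3600;

  if (tx.value > p.maxPerTx) reasons.push('per-transaction limit exceeded');

  // Rolling daily cap: sum what was already spent in the last 24 hours.
  const spentToday = history
    .filter((h) => h.ts > dayAgo)
    .reduce((sum, h) => sum + h.value, 0n);
  if (spentToday + tx.value > p.dailyCap) reasons.push('daily cap exceeded');

  if (p.blockedAddresses.has(to)) reasons.push('recipient is blocked');

  // A call with calldata is a contract interaction and must hit an allowlisted contract.
  const isContractCall = Boolean(tx.data) && tx.data !== '0x';
  if (isContractCall && !p.allowedContracts.has(to)) reasons.push('contract not allowlisted');

  const recentCount = history.filter((h) => h.ts > hourAgo).length;
  if (recentCount >= p.maxTxPerHour) reasons.push('rate limit exceeded');

  const hour = new Date(nowSec * 1000).getUTCHours();
  if (hour < p.window.startHour || hour >= p.window.endHour) reasons.push('outside time window');

  return { allowed: reasons.length === 0, reasons };
}
```

The server-side co-signer would call `evaluateGuardrails` before starting a signing session and refuse when `allowed` is false; returning the full reason list rather than a boolean gives the audit log something useful to record.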

Server Share

The share stored in HashiCorp Vault on the AgentaOS server. Participates in signing with either the signer share or the user share. Wiped from memory after every signing operation.

Signer Share

The share stored on the agent’s filesystem, encrypted with AES-256-GCM and a passphrase-derived key (scrypt KDF). Used by the CLI and SDK for autonomous signing.

User Share

The share encrypted with the user’s passkey (Touch ID, Face ID, or security key). Stored on the server as an opaque blob the server cannot decrypt. Used for manual dashboard signing.

Infrastructure

Vault

HashiCorp Vault. The secret storage backend where server shares live. Provides encryption at rest, access control, and audit logging. Agenta uses the KV v2 secrets engine.

KMS Provider

The abstraction layer for secret storage. Agenta ships with two providers: Vault KV v2 (production) and local-file AES-256-GCM (development).

Passkey (WebAuthn)

A hardware-backed authentication credential. Touch ID, Face ID, Windows Hello, or a security key. Agenta uses passkeys for dashboard login and for encrypting the user share. No passwords. No seed phrases.

PRF (Pseudo-Random Function)

A WebAuthn extension that produces a deterministic secret from a passkey authentication. Agenta uses the PRF output to derive the encryption key for the user share. The PRF output never leaves the browser.

Signing Paths

Signer + Server

The primary signing path. The agent’s share and the server’s share cooperate over HTTPS. Guardrails are enforced. Used for autonomous bot operations.

User + Server

The dashboard override path. The user’s passkey-encrypted share and the server’s share cooperate via browser WebAssembly. Used for manual transactions.

Signer + User

The offline recovery path. The agent’s share and the user’s share cooperate directly. No server involved. No guardrails. Emergency use only.

API

API Key

A secret token for authenticating signer requests to the AgentaOS server. Stored as a SHA-256 hash on the server. The plaintext exists only on the agent’s machine.

JWT Session

A JSON Web Token issued after passkey authentication. Used by the dashboard for API calls. Stored as an HTTP-only cookie. Expires after the configured session timeout.

Signing Session

A stateful multi-round interaction between two share holders. Created at /sign/session, progresses through /sign/round, completes at /sign/complete. The session is ephemeral and exists only for the duration of one signing operation.

Comparisons

EOA (Externally Owned Account)

A standard Ethereum address controlled by a private key. AgentaOS agent accounts are EOAs. Their signatures are indistinguishable from those of any other Ethereum account.

Multisig

A smart contract that requires multiple on-chain signatures to execute a transaction. Unlike threshold signing, multisig has gas overhead and requires per-chain deployment.

HSM (Hardware Security Module)

Dedicated hardware for key storage and signing. Expensive, not agent-friendly, and creates vendor lock-in. Agenta replaces HSMs with software-based threshold signing.