The Trust Boundary for AI Agents

Agent Identity &
Key Security
for the Agentic World

The agent holds no keys. They live in a post-quantum virtual HSM — never read, never copied, never backed up. The agent asks; the boundary decides. So a compromised agent has nothing to leak. Nothing worth stealing ever lives inside the agent.

Post-Quantum vHSM
Scoped Sub-Identity
Compliance Engine
0+
Orgs Hit by One Stolen Agent Token
0%
Of Breaches Involve the Human Element
$0B+
Lost to Bridges Built on Human Signers
The Gap

Keys Can Be Stolen — And Can't Be Traced

  • A key held as a secret — client secret, bearer token, OAuth refresh token, wallet seed — is an extractable secret, copied into backups too.
  • The agent can be turned — phishing or prompt injection makes it leak data or authorize an action without ever stealing the key.
  • Recovery is the soft target — help-desk and reset flows bypass even phishing-resistant MFA; AI voice and video defeat the human check.
  • One stolen agent token in the Drift / Salesforce breach exposed data across 700+ organizations.
The Answer

Unreadable Keys, Scoped Identities, Supervised Actions

  • Unreadable keys, held never stored — keys live in a post-quantum virtual HSM, never backed up. No copy to steal or restore.
  • Scoped & traceable — the agent acts under a scoped, time-bound, revocable sub-identity that descends from a human owner. A stolen credential expires fast.
  • The compliance engine — an external, distributed engine supervises every login, read, write and transfer, without ever seeing the data.
  • Drop-in — presents as an external OIDC / OAuth identity provider. Salesforce, Entra and AWS AgentCore accept it at the door.

One principle, three pillars — plus the Gateway.

Keys is the first pillar: held in a post-quantum virtual HSM, never read, never copied, never backed up. It works alongside Data & PII (tokenized before it reaches the agent) and Recovery (by cryptographic attestation), all bound together by the Gateway. The AI agent requests a signature — it never holds the key. The boundary signs and checks every login and supervises every read, write and transfer, never the content.

The agent has no key to leak — it asks, the boundary decides. Nothing to steal. Nothing to phish. Nothing to reset.

Three Pilots. Three Categories. All Live.

The flagship proof: crypto and treasury, the most unforgiving test of the trust boundary for AI agents.

Live Pilot

Florida Family Office

Replacing Anchorage Digital custody — eliminating third-party counterparty risk while keeping institutional controls.

Live Pilot

Spain-Based Fund

Replacing Safe (Gnosis) EVM multi-sig — adding compliance, recovery and cross-chain reach beyond EVM.

Live Pilot

Game Studio

Securing autonomous in-game agents — AI NPCs hold and transact in-game assets with no per-agent key management.

Bulletproof Under Attack

Compromise the Agent

The compliance engine evaluates every request independently before a signature exists. Out-of-policy is BLOCKED; high-value is DELEGATED to a quorum.

Distributed by Design

Key storage Held, never stored
Keys backed up 0
Enclave Post-Quantum vHSM
Deterministic checks ~200ms
Drop-in provider OIDC / OAuth

Leadership

OP

Ofir Paz

CEO

2 exits (MSFT, NSPR) · Security background

LS

Levi Schechter

VP R&D

Ex-Amdocs · Large-scale platforms

SA

Dr. Sara Alon Paz

BD

1 exit · Enterprise sales

NT

Nico Tacminzis

PMO

Program & delivery leadership

Nothing to Steal. Nothing to Phish. Nothing to Reset.

Nothing to steal. Nothing to phish. Nothing to reset. Just protection — at any scale, across every system your agents touch.

Contact Us info@wikey.io