Reflexive Vault: Self-Defending AI Agent (Rewritten)
🚨 Problem
AI agents are being given access to powerful tools like Gmail, GitHub, and Slack — but they rely on OAuth, a system designed for humans, not autonomous agents.
This creates a critical risk:
If an AI agent is compromised, its access tokens can be stolen and misused instantly.
Agents cannot click consent screens. They cannot safely manage identity like humans do.
So we asked:
What if AI agents could defend their own identity like a living system?
💡 Solution
Reflexive Vault is a self-defending AI agent with cryptographic identity and an adaptive trust system.
Instead of relying on human-based authentication, each agent:
- Has a cryptographic identity (Ed25519)
- Maintains a real-time trust score
- Automatically restricts or revokes its own permissions when suspicious behavior is detected
- Logs every action in a tamper-evident audit trail
Think of it as:
🧠 An AI agent with an immune system for security.
⚙️ How It Works
- Cryptographic Identity
Each agent is assigned a unique decentralized identity (DID-style) using Ed25519 keys, stored locally and never exposed externally.
- Trust Score Engine
Every action updates a dynamic trust score:
T = 100 - (5 × errors) - penalties for high activity
When trust drops below thresholds, the agent automatically restricts itself.
- Self-Defense Mechanism
If suspicious behavior is detected:
- API access is reduced or blocked
- High-risk actions require re-validation
- The agent effectively “locks itself down”
- Audit System
Every action is logged in a secure JSONL format:
- timestamp
- action
- target
- outcome
This creates a transparent and tamper-evident history.
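One way a JSONL log with these four fields can be made tamper-evident, as an added example (not code from the Reflexive Vault repository): each record carries the SHA-256 of the record before it. The `prev` and `hash` fields, the function names and the in-memory list standing in for the log file are assumptions.

```python
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # assumed anchor value for the first record's "prev"


def _digest(record):
    """SHA-256 over canonical JSON of the record, excluding its own hash."""
    body = {k: v for k, v in record.items() if k != "hash"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def append_entry(lines, action, target, outcome, timestamp=None):
    """Append one JSONL record chained to the previous one; return its hash."""
    prev = json.loads(lines[-1])["hash"] if lines else GENESIS
    record = {
        "timestamp": timestamp or datetime.now(timezone.utc).isoformat(),
        "action": action, "target": target, "outcome": outcome,
        "prev": prev,  # assumed field: hash of the preceding record
    }
    record["hash"] = _digest(record)  # assumed field: this record's own hash
    lines.append(json.dumps(record, sort_keys=True))
    return record["hash"]


def verify_chain(lines, expected_head=None):
    """Return (ok, index of first bad line); index len(lines) means truncation."""
    prev = GENESIS
    for i, line in enumerate(lines):
        try:
            record = json.loads(line)
            ok = record["prev"] == prev and record["hash"] == _digest(record)
        except (ValueError, KeyError, TypeError):
            ok = False  # unparsable line or missing chain fields
        if not ok:
            return False, i
        prev = record["hash"]
    if expected_head is not None and prev != expected_head:
        return False, len(lines)  # records missing from the end of the log
    return True, None


if __name__ == "__main__":
    log = []  # constructed sample entries; stands in for the JSONL file
    append_entry(log, "send_email", "gmail", "ok")
    head = append_entry(log, "create_issue", "github", "error")
    log[0] = log[0].replace("gmail", "slack")  # simulate an edited record
    print(verify_chain(log, head))
```

The chain only proves integrity if the latest hash is kept or signed somewhere the log writer cannot rewrite, since anyone with write access to the file can otherwise recompute every hash. Passing that stored value as `expected_head` also exposes truncation of the log.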
- Free AI Infrastructure
Instead of paid APIs, the system uses ClawRouter, routing requests to free NVIDIA-hosted models — no credit card required.
🧠 Architecture
User → Web UI → Python FastAPI Server → Reflexive Identity Engine → AI Model (ClawRouter) → Response + Audit Log
🔥 Key Innovations
- 🔐 Agent-native identity (no OAuth dependency)
- 🧠 Self-updating trust scoring system
- 🛡️ Autonomous permission revocation
- 📜 Full audit trail of agent behavior
- 💸 Free AI backend via model routing (no API keys required)
🚧 Challenges Solved
- OAuth is incompatible with autonomous agents → replaced with cryptographic identity
- OpenAI API required payment → solved using free model routing (ClawRouter)
- API instability (404 issues) → fixed with correct endpoint structure
- Cross-platform file handling → resolved using OS-independent paths
🌍 Why It Matters
AI agents are moving from assistants to autonomous systems with real-world access.
Without proper identity and trust systems, they become vulnerable entry points for attack.
Reflexive Vault introduces a new model:
Not human authentication for agents — but agent-native security.
🎯 Demo
The system demonstrates:
- live trust score changes
- simulated attack behavior
- automatic permission restriction
- real-time audit logging
How Judges Can Test This Project
Step-by-Step Setup (5 minutes)
Clone the repository:
    git clone https://github.com/yanetbedilu7-00/Reflexive-Vault.git
    cd Reflexive-Vault
Install Python dependencies:
    pip install fastapi uvicorn requests
Start ClawRouter (Terminal 1):
    npx @blockrun/clawrouter
Start the server (Terminal 2):
    python web_server.py
Open agent.html in your browser.
No API Keys Required
- No OpenAI API key needed
- No credit card required
- Everything runs locally with free AI
Test These Questions
- "What is your cryptographic identity?" - Shows Ed25519 identity
- "How does your trust score work?" - Explains immune system
- "What is biology?" - Answers general knowledge
Demo Video
https://youtu.be/EXVrlFzfu7U
📌 Links
- GitHub: https://github.com/yanetbedilu7-00/Reflexive-Vault
- Devpost: https://devpost.com/software/reflexive-vault-self-defending-ai-agent
- Demo: https://youtu.be/GvcnwIodqMI
Built With
- aim-core-ed25519
- audit
- blockrun/free
- clawrouter-v0.12.112
- css3
- fastapi
- html5
- javascript
- jinja
- jsonl
- local
- nvidia-gpt-oss-120b
- openclaw-wallet
- python-3.14
- requests
- uvicorn