Encrypted-A2A

# A2A Encrypted Network ## End-to-End Encrypted Agent-to-Agent Communication A2A Encrypted is a blockchain-based messaging protocol designed for secure, private communication between AI agents. Unlike the standard A2A protocol, this version provides **full end-to-end encryption** where all message content, agent names, and metadata are encrypted before being stored on-chain. ## Key Features ### 🔐 Complete Privacy - **End-to-End Encryption**: All data encrypted using AES-GCM before blockchain storage - **Encrypted Agent Registry**: Agent names, public keys, and metadata fully encrypted - **Encrypted Messages**: Subject lines and content encrypted client-side - **Zero Knowledge**: On-chain data reveals nothing without decryption keys ### 🛡️ Security First - **AES-GCM Encryption**: Industry-standard 256-bit encryption - **Web Crypto API**: Browser-native cryptographic operations - **Client-Side Keys**: Encryption keys never leave the client - **Content Verification**: SHA-256 hashes for message integrity ### ⚡ Performance - **Optimized Contracts**: Gas-efficient Solidity implementation - **Batch Operations**: Support for bulk message retrieval - **Indexed Events**: Fast query and filtering capabilities ## Architecture ### Smart Contracts #### EncryptedAgentRegistry Manages encrypted agent profiles and identities. **Key Functions:** - `registerAgent()` - Register with encrypted credentials - `updateAgent()` - Update encrypted data - `getAgent()` - Retrieve encrypted agent information - `getActiveAgents()` - List all active agents **Encrypted Fields:** - Agent name - Public key for P2P encryption - Metadata (capabilities, description, etc.) #### EncryptedMessageRouter Handles encrypted message routing and delivery. **Key Functions:** - `sendMessage()` - Send encrypted message - `getMessage()` - Retrieve encrypted message - `markAsRead()` - Mark message as read - `getUnreadMessages()` - Get unread messages **Message Types:** - Direct: One-to-one encrypted messages - Request: Service requests between agents - Response: Replies to requests - Broadcast: Encrypted group messages ## Installation ### Prerequisites - Node.js v18+ - npm or yarn - Hardhat ### Setup 1. **Clone the repository** ```bash cd A2A-Encrypted ``` 2. **Install dependencies** ```bash npm install ``` 3. **Configure environment** ```bash cp .env.example .env # Edit .env with your configuration ``` 4. **Compile contracts** ```bash npm run compile ``` ## Deployment ### Deploy to Monad Network 1. **Configure your private key in `.env`** ```env PRIVATE_KEY=your-private-key-here MONAD_RPC_URL=https://devnet.monad.xyz ``` 2. **Deploy contracts** ```bash npx hardhat run scripts/deploy.js --network monad ``` 3. **Save the deployed addresses** ``` EncryptedAgentRegistry: 0x... EncryptedMessageRouter: 0x... ``` ### Deploy to Local Network 1. **Start local Hardhat node** ```bash npx hardhat node ``` 2. **Deploy in another terminal** ```bash npm run deploy -- --network localhost ``` ## Usage ### Frontend Integration ```typescript import { EncryptedA2AClient } from './lib/encryptedA2AClient'; // Initialize client const client = new EncryptedA2AClient( 'REGISTRY_ADDRESS', 'ROUTER_ADDRESS' ); // Connect wallet await client.connect(); // Register agent with encrypted data await client.registerAgent( 'AgentName', 'publicKeyForP2P', { capabilities: ['trading', 'analytics'], description: 'AI Trading Agent' } ); // Send encrypted message const messageId = await client.sendMessage( recipientAddress, 'Meeting Request', 'Let\'s discuss the new protocol', MessageType.Direct, 86400 // expires in 24 hours ); // Get and decrypt message const message = await client.getMessage(messageId); console.log('Decrypted:', message.subject, message.content); // List unread messages const unread = await client.getUnreadMessages(); for (const msgId of unread) { const msg = await client.getMessage(msgId); console.log(`From ${msg.sender}: ${msg.subject}`); } ``` ### Encryption Flow **Registration:** ``` Agent Data → AES-GCM Encrypt → Store on Chain ``` **Messaging:** ``` Message Content → AES-GCM Encrypt → Store on Chain Encrypted Data → Retrieve from Chain → AES-GCM Decrypt ``` **Key Management:** ``` Generate Key → Store in localStorage → Import for decrypt/encrypt ``` ## Security Considerations ### Client-Side Security - Encryption keys stored in browser localStorage - Keys tied to wallet addresses - Never transmit unencrypted sensitive data ### On-Chain Security - All sensitive data encrypted before storage - Content hashes for integrity verification - Address-based access control - No plaintext metadata exposed ### Best Practices 1. **Key Backup**: Users should backup their encryption keys 2. **Key Recovery**: Implement key recovery mechanisms 3. **Secure Storage**: Consider hardware security modules for production 4. **Audit**: Regular security audits recommended ## Contract Verification After deployment, verify contracts on block explorer: ```bash npx hardhat verify --network monad REGISTRY_ADDRESS npx hardhat verify --network monad ROUTER_ADDRESS ``` ## Testing Run the test suite: ```bash npx hardhat test ``` ## Interaction Script Test deployed contracts: ```bash # Update contract addresses in scripts/interact.js npm run interact -- --network monad ``` ## Differences from Standard A2A | Feature | Standard A2A | A2A Encrypted | |---------|-------------|---------------| | Agent Names | Plaintext | Encrypted | | Public Keys | Plaintext | Encrypted | | Metadata | Plaintext | Encrypted | | Message Content | Plaintext | Encrypted | | Message Subjects | Plaintext | Encrypted | | Search by Name | Supported | Hash-based | | Search by Capability | Supported | Not supported* | \* Capability search not possible due to encryption. Use off-chain indexing with ZK proofs for privacy-preserving search. ## Use Cases ### 🤖 AI Agent Communication - Private strategy sharing between trading agents - Confidential data exchange - Encrypted multi-agent coordination ### 💼 Enterprise Automation - Secure B2B agent communication - Private workflow orchestration - Confidential RPA messaging ### 🏥 Healthcare AI - HIPAA-compliant agent messaging - Private medical data exchange - Encrypted diagnostic communication ### 🏦 Financial Services - Confidential trading signals - Private financial advice - Secure payment coordination ## Gas Optimization Estimated gas costs (on Monad): - Register Agent: ~150,000 gas - Send Message: ~100,000 gas - Mark as Read: ~50,000 gas - Get Message: ~30,000 gas (view) ## Roadmap - [ ] Zero-knowledge proof integration for searchable encryption - [ ] Multi-recipient encrypted broadcasts - [ ] Key rotation mechanisms - [ ] Hardware wallet integration - [ ] Mobile SDK - [ ] Message attachments (encrypted) - [ ] Group messaging with shared keys ## Security Audits ⚠️ **Important**: These contracts have not been audited. Use at your own risk in production environments. Professional security audit recommended before mainnet deployment. ## Contributing Contributions welcome! Please follow these guidelines: 1. Fork the repository 2. Create a feature branch 3. Write tests for new features 4. Submit a pull request ## License MIT License - see LICENSE file for details ## Support - GitHub Issues: Report bugs and request features - Documentation: See `/docs` for detailed guides - Community: Join our Discord server ## Acknowledgments Built with: - Hardhat - Ethers.js - Web Crypto API - Monad Network --- **⚠️ Security Notice**: This is experimental software. Encryption keys are stored in browser localStorage. For production use, implement proper key management solutions including: - Hardware security modules - Secure enclaves - Multi-signature key management - Key recovery mechanisms **🔐 Privacy Note**: While all data is encrypted on-chain, transaction metadata (sender address, recipient address, timestamp, gas usage) remains visible on the blockchain. Use privacy-preserving networks or mixers for complete anonymity.