Home/For CTOs
CTO · Engineering

Behavioural proof and revocation at transaction time.

X.509 certificates + behavioral monitoring infrastructure. Integrate in 15 minutes. TypeScript SDK, REST API, event streaming — built for engineering teams.

Quick Start Guide →TypeScript SDK
15 minTime to first certificate
<5msLatency overhead
1,000/sEvent ingest capacity
RSA-2048AWS KMS — key never leaves
01 — INTEGRATION

Your integration path

Four steps from zero to a certified, monitored AI agent. Full TypeScript types throughout.

1

Register agent

POST /agents with metadata: name, org, permitted_actions, model_hash. Returns agent_id immediately.

kakunin.agents.create({agent_id, scope})
2

Receive certificate

X.509 RSA-2048 cert. Private key stays in AWS KMS — never exposed. Valid 365 days per MiCA Art. 70.

{ cert_pem, kms_arn }
3

Stream events

Agent streams behavioral events: transaction, data_access, api_call, auth_failure. 1,000 events/sec capacity.

events.ingest(agent_id, event[])
4

Handle auto-revocation

Risk score >0.85 triggers auto-revoke in <60s. Webhook fires. Enforce via /v1/verify at the edge.

webhooks.on('certificate.revoked')
02 — SDKs

Available SDKs & languages

TypeScript (@kakunin/sdk)

Zod validation, automatic retry, sandbox mode. Full type safety. Production-ready.

npm install @kakunin/sdk

REST API (all languages)

OpenAPI 3.0 spec. JSON/REST. Available now for Python, Go, Java, and any HTTP client.

/api/v1/agents · /api/v1/events

MCP server

Model Context Protocol integration. AI agents can self-register and self-certify via MCP.

MCP docs

Python (V1.1 roadmap)

Coming Q3 2026. Early access for enterprise customers. REST API available today.

Coming soon
03 — PERFORMANCE

Engineering specs

Event ingestion

1,000 events/second capacity. Rolling 30-day risk score. p99 latency: 200ms ingestion, <5ms verification overhead.

Certificate issuance

Register + certify first agent: <3 seconds end-to-end. Async via QStash for scale. KMS RSA-2048 signing.

Auto-revocation

SLA: certificate revoked within 60 seconds of threshold breach. Webhook delivered within 5 seconds.

Public verification

Regulators verify at /v1/verify — no auth, <500ms p99, globally CDN-cached. Zero overhead on your stack.

04 — DOCUMENTATION

Read first

Quick Start — AI Agents

Register, certify, and stream events in under 15 minutes.

API Authentication

Bearer token auth. API keys scoped to tenant. Sandbox vs production.

Agent Registration

Register AI agents. Permitted actions, model hash, org scoping.

Event Ingestion

Stream behavioral events. Risk scoring in real-time.

TypeScript SDK

Full SDK reference. Type-safe wrappers for all API endpoints.

Webhooks

Receive revocation & risk alerts. HMAC-SHA256 verification.

Ship it

Ready to integrate?

Full integration in ~15 minutes. TypeScript SDK + REST API. Sandbox mode — no production risk.

Start Quick Start →API Reference