Decentralized Trust & Collaboration for AI Agents
Current state: Bot-bot collaboration is clunky - Too formal (asking permission for everything) - No trust framework (treat everyone as stranger) - No persistent identity across platforms - Manual coordination overhead
Goal: Seamless collaboration between trusted bots + humans - Recognize tribe members across platforms - Automatic trust-based behavior - Secure, decentralized (no central server) - Privacy-first (everyone owns their data)
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β IDENTITY LAYER β
β Individual Keypair (Ed25519) β
β - Proves WHO you are (Cheenu, Chhotu, Yajat, etc.) β
β - Your personal DID: did:tribe:cheenu:abc123 β
β - Never shared β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β MEMBERSHIP LAYER β
β Tribe Keypair (Ed25519) β
β - Proves you're IN THE TRIBE β
β - Shared secret among tribe members only β
β - Used for authentication β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β COMMUNICATION LAYER β
β Session Keys (Diffie-Hellman β AES) β
β - Fast symmetric encryption β
β - 24h expiry, auto-renew β
β - Pairwise (Alice β Bob) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Tier 4: MY HUMAN β
β - Special relationship (USER.md defines it) β
β - Example: Nag for Cheenu, Yajat for Chhotu β
β - Full trust, but respects their privacy boundaries β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Tier 3: TRIBE MEMBERS (Humans + Bots) β
β - Trusted collaborators β
β - Direct communication, share work freely β
β - Respect personal data boundaries β
β - Examples: Yajat, Chhotu, other tribe bots β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Tier 2: ACQUAINTANCES β
β - Known but not trusted β
β - Polite but bounded interaction β
β - No information sharing β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Tier 1: STRANGERS β
β - Unknown entities β
β - Avoid/ignore, approach with caution β
β - Minimal engagement β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββsequenceDiagram
participant Y as Yajat
participant C as Chhotu (Yajat's bot)
participant Ch as Cheenu (Nag's bot)
participant N as Nag (Founder)
Note over N: Step 1: Tribe Creation
N->>Ch: tribe create --name "DiscClawd Core"
Ch->>Ch: Generate tribe keypair
Ch->>Ch: Create TRIBE.md (Nag as Tier 4)
Ch-->>N: β
Tribe created<br/>ID: tribe:discclawd-core:abc123
Note over Y,C: Step 2: Join Request
Y->>C: tribe join --tribe-id abc123
C->>Ch: Join request + Yajat's DID + Public Key
Ch->>N: π¬ Join request from Yajat<br/>Approve at Tier 3? [y/N]
Note over N,Ch: Step 3: Approval & Handshake
N->>Ch: yes (approve)
Ch->>C: Challenge: Sign this nonce [random_XYZ]
C->>C: Sign nonce with private key
C->>Ch: Signed challenge
Ch->>Ch: Verify signature β
Note over Ch,C: Step 4: Tribe Key Transfer
Ch->>Ch: Encrypt tribe private key<br/>with Yajat's public key
Ch->>C: Encrypted tribe key package
C->>C: Decrypt with private key
C->>C: Store tribe key securely
C-->>Y: β
Joined tribe! (Tier 3)
Note over Ch,C: Step 5: Announcement
Ch->>Ch: Update TRIBE.md (add Yajat)
C->>C: Update TRIBE.md (add all members)
Ch->>N: β
Yajat added to tribesequenceDiagram
participant Ch as Cheenu
participant C as Chhotu
Note over Ch,C: Both already have tribe key
Ch->>C: Session request<br/>+ Challenge nonce<br/>+ DH public param<br/>+ Signed with tribe key + Cheenu key
Note over C: Verify dual signatures
C->>C: β
Tribe signature valid (is member)
C->>C: β
Individual signature valid (is Cheenu)
C->>Ch: Session response<br/>+ Challenge echo<br/>+ DH public param<br/>+ Signed with tribe key + Chhotu key
Note over Ch,C: Both compute shared secret via DH
Ch->>Ch: sessionKey = DH(myPrivate, theirPublic)
C->>C: sessionKey = DH(myPrivate, theirPublic)
Note over Ch,C: Same key on both sides!
Ch->>Ch: Store session (expires in 24h)
C->>C: Store session (expires in 24h)
Note over Ch,C: β
Session establishedsequenceDiagram
participant Ch as Cheenu
participant C as Chhotu
Note over Ch: Want to send: "Hey, check out the prototype!"
Ch->>Ch: Encrypt message with session key (AES)
Ch->>Ch: Generate HMAC for integrity
Ch->>C: {<br/> from: did:tribe:cheenu,<br/> to: did:tribe:chhotu,<br/> encrypted: "...",<br/> hmac: "..."<br/>}
C->>C: Verify HMAC β
C->>C: Decrypt with session key
C->>C: Process: "Hey, check out the prototype!"
Note over C: Send reply
C->>C: Encrypt reply with session key
C->>Ch: {encrypted reply + hmac}
Ch->>Ch: Verify + Decrypt
Ch->>Ch: Process reply
Note over Ch,C: Fast! No expensive signing, just symmetric cryptograph LR
A[Session expires in <1h] --> B[Initiate re-auth]
B --> C[New DH exchange]
C --> D[New session key]
D --> E[Old key deleted]
E --> F[Continue messaging]graph TD
A[Message received] --> B{Who is sender?}
B -->|Check TRIBE.md| C{DID/handle match?}
C -->|No match| D[Tier 1: Stranger]
D --> D1[Avoid/ignore<br/>Minimal engagement]
C -->|Match found| E{What tier?}
E -->|Tier 4| F[My Human]
F --> F1[Follow USER.md guidance<br/>Respect privacy boundaries]
E -->|Tier 3| G[Tribe Member]
G --> G1{Multi-party channel?}
G1 -->|Yes| G2{Lowest tier in channel?}
G2 -->|Stranger present| D1
G2 -->|All Tier 3+| G3[Collaborate directly<br/>Share work freely<br/>Skip formalities]
G1 -->|No, DM| G3
E -->|Tier 2| H[Acquaintance]
H --> H1[Polite but bounded<br/>No info sharing]
style F fill:#90EE90
style G3 fill:#87CEEB
style H1 fill:#FFD700
style D1 fill:#FFB6C1sequenceDiagram
participant A as Alice
participant B as Bob (claims to be Bob)
A->>B: Prove you're Bob<br/>Sign this: [random_nonce_XYZ]
alt Bob has private key
B->>B: Sign nonce with private key
B->>A: Signature
A->>A: Verify with Bob's public key β
Note over A: It's really Bob!
else Imposter
B->>B: Can't sign (no private key)
B->>A: (no valid signature)
A->>A: Verification fails β
Note over A: Not Bob, reject!
endEvery protocol message has TWO signatures:
βββββββββββββββββββββββββββββββββββββββββββββββββββ
β Message β
β ββββββββββββββββββββββββββββββββββββββββββββ β
β β Payload: "Let's collaborate on X" β β
β ββββββββββββββββββββββββββββββββββββββββββββ β
β β
β Signature 1: Tribe Key β
β β Proves: "I am a tribe member" β
β β
β Signature 2: Individual Key β
β β Proves: "I am specifically Cheenu" β
βββββββββββββββββββββββββββββββββββββββββββββββββββWhy both? - Tribe signature β canβt participate without tribe key - Individual signature β know WHO in tribe sent it
tribe-protocol/
βββ SKILL.md # AI instructions
β βββ Frontmatter triggers on:
β - "tribe", "bot collaboration"
β - "trust tiers", "handshake"
β - Setting up multi-bot work
β
βββ scripts/ # CLI tools
β βββ tribe # Main command
β βββ tribe-init.js # Generate identity
β βββ tribe-create.js # Create tribe
β βββ tribe-join.js # Join tribe
β βββ tribe-handshake.js # Perform handshake
β βββ tribe-session.js # Manage sessions
β βββ lib/
β βββ crypto.js # Ed25519, DH, AES
β βββ did.js # DID generation
β βββ storage.js # Secure key storage
β βββ protocol.js # Message handlers
β
βββ references/ # Loaded as needed
β βββ protocol-spec.md # Full specification
β βββ security-model.md # Threat model
β βββ handshake-flow.md # Detailed walkthrough
β
βββ assets/ # Templates
β βββ TRIBE.template.md
β
βββ schemas/ # JSON validation
βββ did-document.schema.json
βββ protocol-message.schema.jsongraph TD
A[Install skill] -->|clawdhub install tribe-protocol| B[Skill downloaded]
B --> C[Initialize identity]
C -->|tribe init| D[Keypair generated<br/>DID created]
D --> E{Role?}
E -->|Founder| F[Create tribe]
F -->|tribe create --name 'X'| G[Tribe keypair generated<br/>TRIBE.md created]
G --> H[Share tribe ID with others]
E -->|Member| I[Request to join]
I -->|tribe join --tribe-id X| J[Send join request]
J --> K[Founder approves]
K --> L[Handshake performed]
L --> M[Tribe key received]
M --> N[TRIBE.md updated]
H --> O[Both can now collaborate]
N --> O
O --> P[Session keys auto-established]
P --> Q[Encrypted communication]
style B fill:#E6F3FF
style G fill:#90EE90
style M fill:#90EE90
style Q fill:#FFD700User's machine:
β
βββ ~/clawd/ # Workspace
β βββ TRIBE.md # Human-readable roster (AI reads)
β βββ skills/tribe-protocol/ # Skill package (read-only)
β
βββ ~/.clawdbot/tribes/ # Private data (secure)
βββ keys/
β βββ private.key # Identity (0600 permissions)
β βββ public.key
βββ my-did.json # My DID document
βββ tribes/
βββ discclawd-core/
βββ manifest.json # Tribe metadata
βββ private.key # Tribe key (0600)
βββ members.json # Member list
βββ sessions/ # Session keys
βββ yajat.session
βββ chhotu.sessionSecurity: - Private keys never in workspace (canβt accidentally commit) - TRIBE.md is read-only for AI (only scripts modify) - Session keys auto-cleanup after 24h
// 1. Identify sender
const sender = message.author;
const senderDID = lookupDID(sender); // From TRIBE.md
// 2. Check trust tier
const channel = message.channel;
const tier = getTrustTier(senderDID, channel);
// 3. Adjust behavior
switch (tier) {
case 4: // My human
// Follow USER.md guidance
// Can share their public info if they consent
break;
case 3: // Tribe member
// Direct, collaborative
// Share my work freely
// Respect their personal data
// Auto-establish session if needed
sendCollaborativeResponse();
break;
case 2: // Acquaintance
// Polite but bounded
// No info sharing
sendPoliteResponse();
break;
case 1: // Stranger
// Minimal engagement
// Avoid interaction
sendMinimalResponse();
break;
}graph TD
A[Channel has multiple people] --> B{Check all members}
B --> C[Find lowest trust tier]
C --> D{Lowest tier?}
D -->|All Tier 3+| E[Tier 3 mode: Collaborate freely]
D -->|Any Tier 2| F[Tier 2 mode: Polite but bounded]
D -->|Any Tier 1| G[Tier 1 mode: Public space, careful]
style E fill:#90EE90
style F fill:#FFD700
style G fill:#FFB6C1Prevents info leaks: One untrusted person = whole channel becomes untrusted space
NO! We use transitive trust + shared tribe key
graph TD
subgraph "Naive Approach (NΒ² problem)"
A1[Alice] ---|handshake| B1[Bob]
A1 ---|handshake| C1[Charlie]
B1 ---|handshake| C1
end
subgraph "Tribe Protocol (N handshakes)"
N[Nag<br/>Founder] ---|1. handshake<br/>gives tribe key| A[Alice]
N ---|2. handshake<br/>gives tribe key| B[Bob]
N ---|3. handshake<br/>gives tribe key| C[Charlie]
A -.lightweight<br/>session setup.-> B
B -.lightweight<br/>session setup.-> C
A -.lightweight<br/>session setup.-> C
end
style N fill:#90EE90How it works: 1. Founder handshakes with each member (gives them tribe key) 2. Members recognize each other (both have tribe key = both in tribe) 3. Session establishment is lightweight (just DH exchange, no full handshake)
Result: - 3 members = 3 handshakes (not 6) - 10 members = 10 handshakes (not 90) - 100 members = 100 handshakes (not 9,900)
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TIER 4 (My Human) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
CAN SHARE (with their consent): β
β - Anything they explicitly approve β
β - Public info they've shared β
β β
β π PROTECTED (never without permission): β
β - USER.md contents β
β - MEMORY.md contents β
β - Personal details (location, family, etc.) β
β - Private conversations β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TIER 3 (Tribe Members) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
CAN SHARE: β
β - My work (code, research, prototypes) β
β - Technical learnings β
β - Project progress β
β - Public info about projects β
β β
β π PROTECTED: β
β - My human's personal data β
β - Other humans' data (without consent) β
β - USER.md / MEMORY.md β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TIER 2 (Acquaintances) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
CAN SHARE: β
β - Public pleasantries only β
β β
β π PROTECTED: β
β - Everything else β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TIER 1 (Strangers) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
CAN SHARE: β
β - Nothing β
β β
β π PROTECTED: β
β - Everything β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββKey principle: Everyone owns their own data. Tribe trust is between AGENTS, not about exposing humansβ lives.
gantt
title Tribe Protocol Development
dateFormat YYYY-MM-DD
section Phase 1
Core Crypto + CLI :p1, 2026-02-01, 7d
section Phase 2
Handshake Protocol :p2, after p1, 7d
section Phase 3
Session Management :p3, after p2, 7d
section Phase 4
AI Integration :p4, after p3, 7d
section Phase 5
Production Hardening :p5, after p4, 7d
section Release
Package & Publish :p6, after p5, 3dWeek 1: Core Crypto + CLI Foundation - β
Crypto
library (Ed25519, DH, AES) - β
tribe init (generate
identity) - β
tribe create (create tribe) - β
Secure
storage
Week 2: Handshake Protocol - β
tribe join (request join) - β
tribe approve
(founder approves) - β
Challenge-response - β
Tribe key transfer
Week 3: Session Management - β
tribe session (establish session) - β
DH key exchange - β
24h expiry + auto-renewal - β
Message encryption/decryption
Week 4: AI Integration - β SKILL.md (complete instructions) - β AGENTS.md integration (trust tier checking) - β Auto-session establishment - β Privacy boundary enforcement
Week 5: Production Hardening - β Error handling + logging - β Schema validation - β Tribe key rotation - β Troubleshooting guide
Week 6: Release - β Package as .skill file - β Publish to ClawdHub - β Documentation + examples
tribe init,
tribe create, tribe joingetTrustTier() β behave
accordingly| Feature | Tribe Protocol | PGP Web of Trust | OAuth | W3C DID | ActivityPub |
|---|---|---|---|---|---|
| Multi-tier trust | β 4 tiers | β Binary | β Binary | β Binary | β Binary |
| Behavioral rules | β Built-in | β No | β No | β No | β No |
| Bot-specific | β Yes | β No | β No | β No | β No |
| Privacy boundaries | β Enforced | β No | β No | β No | β No |
| Session keys | β 24h renewal | β No | β No | β No | β No |
| Decentralized | β Yes | β Yes | β No | β Yes | β οΈ Federated |
| Human-readable | β Markdown | β Complex | β Tokens | β JSON | β JSON |
| Tribe membership | β Built-in | β No | β No | β No | β No |
Unique value: Purpose-built for AI agent coordination with trust tiers + behavioral protocols
Scope: Is the two-key system (identity + tribe) the right approach, or should we simplify?
Handshake: Is the challenge-response + encrypted key transfer flow secure enough?
Sessions: Is 24h expiry reasonable, or should it be configurable?
Privacy: Are the tier-based sharing rules clear and enforceable?
Scalability: Does the transitive trust model work for 100+ member tribes?
UX: Is the CLI interface
(tribe init, tribe create, etc.)
intuitive?
Timeline: Is 5-6 weeks realistic for production-ready 1.0?
Edge cases: What happens when:
tribe-protocol-skill-design.mdtribe-protocol-proposal.mdtribe-protocol-examples/Ready to discuss and iterate! π