Credentials the agent never sees.
H-Grant holds an owner's API keys and access, and releases them only inside an owner-signed, on-chain policy. The agent gets the result of the call, not the secret. Every release and refusal is anchored on Hedera.
How agents use H-Grant
Six steps from sealed credential to on-chain audit line. Step through them.
Deposit
The owner deposits a credential (an API key, an access pair, a token) under an owner signature. It is sealed at rest. The agent that will use it never receives the raw secret.
Sealed custody
The raw credential is sealed at rest and used only inside the vault boundary. It is never returned to the agent and never logged.
Owner-signed policy
Release happens only under a grant the owner signed: allowed actions, targets, per-call and daily caps, and an expiry. Verified every call. Fails closed.
Verifiable audit
Every release and refusal is anchored on Hedera Consensus Service. Replay the whole trail from the public mirror node. Nothing to take on trust.
Why gate credentials
Give an agent capability, not keys
Let an agent call a paid API or move within a budget without ever handing it the underlying secret. Revoke the capability without rotating the key.
Bound spend, on your terms
Per-call and daily caps are enforced server-side. An agent cannot exceed what the signed grant allows, and the refusal is anchored just like a release.
Gate proprietary datasets
The same model gates access to data, not just credentials. The audit trail doubles as a licensing record of who accessed what, and when.
Prove what happened
When a credential is used on someone's behalf, the on-chain audit line is the record both sides can point to. No private log to dispute.
See it on-chain
The audit explorer reads the live grant and audit topics straight from the Hedera mirror node. Verify any anchor yourself on HashScan.
Open the audit explorer