H-Grant

How it works

H-Grant sits between the owner of a credential and the agent that needs to act with it. The owner deposits a sealed credential and signs a policy; the agent pays per call and receives only the result. Step through the lifecycle below.

1. Deposit

The owner deposits a credential (an API key, an access pair, a token) under an owner signature. It is sealed at rest. The agent that will use it never receives the raw secret.

Source of truth is the ledger

Grants, revocations, and audit events are published to Hedera Consensus Service first. The service keeps a local index for speed, but it is derivable: the full state can be rebuilt from a public mirror-node replay. If the index and the ledger ever disagree, the ledger wins.

Fail closed

Any error in signature verification, grant validation, cap accounting, or the release path denies the call. There is no path that releases a credential on error. Refusals are anchored too, so a denial is as auditable as a release.
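The "Source of truth is the ledger" and "Fail closed" rules above, sketched as an added example (not H-Grant's own code). The message schema, field names, and function names are assumptions made for illustration, and the ledger is a constructed in-memory list rather than a real mirror-node replay.

```python
# Constructed sample: ledger messages in consensus order. The schema
# (seq/type/grant/agent/cap/cost fields) is hypothetical, not H-Grant's format.
LEDGER = [
    {"seq": 1, "type": "grant", "grant": "g1", "agent": "agent-a", "cap": 3},
    {"seq": 2, "type": "grant", "grant": "g2", "agent": "agent-b", "cap": 5},
    {"seq": 3, "type": "call", "grant": "g1", "cost": 2},
    {"seq": 4, "type": "revoke", "grant": "g2"},
]

def rebuild_index(messages):
    """Derive the full grant state from a replay of the ledger alone."""
    index = {}
    for m in sorted(messages, key=lambda m: m["seq"]):
        if m["type"] == "grant":
            index[m["grant"]] = {"agent": m["agent"], "cap": m["cap"],
                                 "spent": 0, "revoked": False}
        elif m["type"] == "revoke":
            index[m["grant"]]["revoked"] = True
        elif m["type"] == "call":
            index[m["grant"]]["spent"] += m["cost"]
    return index

def reconcile(local_index, messages):
    """Ledger wins: return the replayed state and whether the cache drifted."""
    truth = rebuild_index(messages)
    return truth, truth != local_index

def authorize(index, audit, grant_id, agent, cost):
    """Return True only if every check passes; any error is a denial."""
    try:
        g = index[grant_id]                      # unknown grant -> KeyError
        if g["revoked"]:
            raise PermissionError("grant revoked")
        if g["agent"] != agent:
            raise PermissionError("agent mismatch")
        if type(cost) is not int or cost <= 0:
            raise ValueError("bad cost")
        if g["spent"] + cost > g["cap"]:
            raise PermissionError("cap exceeded")
        g["spent"] += cost
        audit.append({"type": "call", "grant": grant_id, "cost": cost})
        return True
    except Exception as exc:                     # fail closed: no release path
        audit.append({"type": "refusal", "grant": grant_id,
                      "reason": type(exc).__name__})
        return False
```

Every refusal lands in the same audit stream as a successful call, so a denial leaves the same kind of record as a release.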

The agent never holds the secret

The credential is used only inside the vault boundary to make the upstream call. The agent receives the call's result, not the credential. The owner can revoke the grant without rotating the underlying key.