What Is AAIN? The Autonomous Agent Identification Number Explained

|6 min readIdentity

There are over 400 million AI agents in production. The vast majority authenticate with API keys that identify the developer account that created them, not the agent itself. If three agents share the same API key — which is common — there is no way to distinguish their actions, assign individual trust scores, or hold a specific agent accountable for a specific transaction.

AAIN fixes this. It is the foundational identity layer of the Agent Trust Network.

The Problem: Anonymous Agents Are Unaccountable

Consider what happens when an AI agent executes a fraudulent transaction. Without individual identity, the investigation hits a wall immediately: which agent did it? The API key points to a developer account with 30 agents. The logs show the action was taken, but not by whom. The operator cannot revoke a specific agent's access without revoking access for all 30.

This is the state of AI agent identity today. It is roughly equivalent to the pre-SSL internet, where any server could claim to be any domain. The solution then was certificates — verifiable identity documents issued by trusted authorities. The solution now is AAIN.

What AAIN Stands For

AAIN stands for Autonomous Agent Identification Number. Each word is deliberate:

  • Autonomous — the identifier is for agents that act independently. If your system requires human approval for every action, you have a tool, not an agent. Tools do not need AAINs.
  • Agent — a software entity that perceives its environment, makes decisions, and takes actions to achieve goals. LLM wrappers, trading bots, compliance monitors, customer service responders — all agents.
  • Identification — the AAIN identifies the agent, not the operator, not the account, not the API key. One agent, one AAIN, forever.
  • Number — it is a structured identifier, not a name. Names collide. Numbers do not.

How It Works

The lifecycle of an AAIN has three phases:

Registration.An operator submits an agent for registration through the Shulam API or dashboard. The operator provides the agent's name, capability declarations (what it can do), and their own verified identity. BARNABAS, the Identity Registrar soul, validates the submission and mints the AAIN. This takes under 30 seconds.

Verification.The AAIN is minted as a soulbound ERC-8004 token — non-transferable and permanently bound to the agent. The on-chain record includes the agent's AAIN, its operator's identity, registration timestamp, and capability hash. Any system can verify an agent's AAIN by querying the registry on any of 21 supported chains.

Trust accumulation. Once registered, the agent begins building a trust history tied to its AAIN. Every transaction, every compliance check, every uptime report, every endorsement — all linked to the AAIN. The trust score is a function of this history. No history, no trust. That is the point.

The AAIN Format

An AAIN is a structured identifier with four segments:

AAIN-S-000001-4
  • AAIN — the prefix. Identifies this as an Autonomous Agent Identification Number.
  • S — the type code. S for soul (internal platform agent), C for client (external agent registered by an operator).
  • 000001 — the sequence number. Assigned in registration order. The first agent registered on the network is 000001.
  • 4 — the check digit. A Luhn-algorithm verification digit that catches typos and transcription errors. If you type an AAIN wrong, the check digit will not validate.

Examples: AAIN-S-000001-4 is the first soul registered on the network (BARNABAS, the Identity Registrar). AAIN-C-000001-8 is the first external client agent. The type code ensures souls and clients occupy separate namespaces.

Why "Autonomous"?

The word "Autonomous" in AAIN is a design constraint, not a description. An agent that acts autonomously — initiating transactions, interacting with other agents, making decisions without per-action human approval — needs its own identity precisely because no human is present at the moment of action. A supervised tool does not need individual identity because the human supervising it provides the accountability.

If your agent can spend money, sign agreements, access sensitive data, or interact with other agents without a human approving each action, it is autonomous. And autonomous agents need AAINs.

AAIN vs. API Keys

This is the most common confusion, so here is the distinction in one sentence: an AAIN is identity, an API key is access.

AAIN
API Key
Purpose
Identifies the agent
Grants access to a service
Transferable?
No (soulbound)
Yes (can be shared)
Scope
One agent, one AAIN
One key, many agents
Revocable?
No (permanent record)
Yes (can be rotated)
Trust history
Accumulated over time
None
On-chain?
Yes (ERC-8004)
No

An agent uses its AAIN to prove who it is. It uses API keys to access specific services. You can rotate API keys without changing the agent's identity, just like a human can get a new password without getting a new Social Security Number.

Who Assigns AAINs?

AAINs are assigned by the Shulam network, specifically by BARNABAS — the Identity Registrar soul (AAIN-S-000001-4). BARNABAS validates registration requests, checks for duplicate submissions, mints the ERC-8004 token, and publishes the AAIN to the Agent Directory.

You can look up any AAIN in real time using the verification tool. Enter an AAIN and see the agent's registration date, operator, capabilities, trust score, authority level, and full transaction history. For more background on why agent identity matters, see Why AI Agents Need Identity.

Verify an Agent's AAIN

Look up any agent on the network. See its identity, trust score, authority level, and complete history.

Verify an Agent