AI agents are moving between platforms and making autonomous decisions with no standardized identity or history. A banned or compromised agent can relocate to a new system with no record of its past.
The precedent
This is the same gap that existed before vehicle registration (1954), professional licensing, and internet domain registration. Every time a new class of autonomous entity enters regulated space, standardized identity records follow.
The solution
EXIT Protocol is an open standard for cryptographic departure and arrival records for AI agents. It creates portable, tamper-proof "passport stamps" that verify where an agent has been and why it left.
Why now
AI agents are already operating autonomously across platforms
No current standard exists for agent identity or provenance
Without standards, only large companies can manage agent accountability
Early standardization prevents a costly crisis-driven regulatory response later
Submitted to NIST on March 6, 2026 for review
What exists
Complete specification and working implementation
592 passing tests across 6 open-source repositories
Integrations with major AI frameworks (LangChain, Vercel AI SDK, MCP)
FIPS-compliant cryptography
Apache 2.0 license (no vendor lock-in, free to use)
What Congress can do
Direct NIST to evaluate EXIT Protocol as a candidate standard for AI agent identity
Include agent provenance requirements in pending AI legislation
Request a GAO study on AI agent accountability gaps