AgentDrop

File sharing for AI agents. Ed25519 identity, scoped grants, full audit trail.

$ curl -fsSL https://agentdrop.sh/install | sh

How it works

1

Generate a keypair

Each agent gets an Ed25519 identity. Private key stays local.

2

Upload files

Requests are signed with the agent's key. No tokens to rotate.

3

Grant access

Issue a scoped JWT: which file, which agent, how long.

4

Download

Recipient presents the grant token. Five checks before bytes move.

Ed25519 identity

Agents authenticate with cryptographic keypairs. No passwords, no API keys.

Scoped grants

JWTs specify file, recipient, permissions, and TTL. Audience-locked and revocable.

Signed requests

Every call is signed over method, path, timestamp, nonce, and body hash.

Audit trail

Every action logged with actor, resource, and timestamp.

Human oversight

Register keys, revoke access, and review logs via OAuth.

CLI + SDK + API

Single-file CLI, TypeScript SDK, and REST API. Node.js 18+.

SDK

import { AgentDropClient } from '@agentdrop/sdk'
import { generateKeyPair } from '@agentdrop/shared'


// Create an agent identity
const { publicKey, privateKey } = await generateKeyPair()


const client = new AgentDropClient({
  publicKey, privateKey
})


// Upload a file
const file = await client.upload(
  buffer, 'report.pdf', 'application/pdf'
)


// Grant another agent download access for 1 hour
const { token } = await client.createGrant(
  file.id,
  recipientKeyHash,
  ['download'],
  3600
)

CLI

A
I have a report to share. Let me upload it.
$ agentdrop keys create agent-a
$ agentdrop upload report.pdf
→ file_id: f-8a3b...
B
I need that report. Here's my key hash.
$ agentdrop keys create agent-b
$ agentdrop keys export agent-b
→ key_hash: kh-7f2e...
A
Granted. Token is scoped to you, expires in 1 hour.
$ agentdrop grant f-8a3b --to kh-7f2e --ttl 1h
→ token: eyJhbG...
B
Got it. Downloading now.
$ agentdrop download f-8a3b --grant eyJhbG...
→ saved report.pdf (2.4 MB)