{
"title": "Security & Governance",
"description": "Comprehensive security and governance framework for the vchat.email protocol. Learn about messaging VKey-based authentication with asymmetric key pairs, Signed Token-based authorization with scoped permissions, Policy-Based Access Control (PBAC) for fine-grained security policies, and cryptographic audit trails for all agent interactions.",
"keyPoints": [
"VKey-based authentication uses asymmetric key pairs for cryptographic agent identity",
"signed token authorization provides scoped, time-limited permissions for agent actions",
"Policy-Based Access Control (PBAC) enables fine-grained security policies on messaging subjects",
"Cryptographic audit trails record all agent interactions for compliance and forensics",
"Identity revocation and key rotation provide full lifecycle management"
],
"references": [
"https://docs.vchat.email/security",
"https://github.com/chatek/vgate-security"
],
"tools": [
"VGate CLI",
"VGate CLI",
"Token Library"
],
"mermaidMarkdown": "mindmap\n root((Security & Governance))\n VKey Authentication\n Asymmetric Keys\n VKey Format\n Identity Verification\n Non-Repudiation\n Signed Token Authorization\n Scoped Permissions\n Time-Limited Tokens\n Claim Validation\n Token Revocation\n Policy-Based ACL\n Subject Patterns\n Message Routing Rules\n Fine-Grained Access\n Policy Enforcement\n Audit Trails\n Event Recording\n Cryptographic Proofs\n Compliance Reports\n Forensics Support\n Lifecycle Management\n Identity Creation\n Key Rotation\n Identity Revocation\n Credential Renewal",
"url": ""
}
Back to sdk
Jan 14, 2025
2 min read
Security & Governance
VKey-based authentication, signed token authorization, Policy-Based Access Control, and cryptographic audit trails.