HologramHologram
Agents

One agent. Many gates. All proven.

Agents that accept inbound connections only from parties they can verify. Personal, corporate, or specialist, built on the same trust layer.

Personal agentsCorporate agentsAudit & Observability
Personal

Your Agent. Your Gate.

A personal agent that represents you across the network, and decides who is allowed to reach you.

Your Personal AI Agent is not a chatbot you open. It is a network node that runs on your behalf, continuously. It has its own DID, its own Verifiable Credentials, and its own inbox. It answers only to parties that can prove who they are.

Who is allowed to connect

  • You. Always. Your agent knows your avatar credential and your recovery key. Nothing happens without you.
  • Your friends. Humans who present their own avatar or digital-ID credentials and are on your allowlist. Both sides know who they are talking to.
  • Your friends' agents. Autonomous software acting on their behalf, presenting the same credential chain. Agents negotiate with yours directly (scheduling, splitting a bill) without routing everything through a human.
  • Corporate agents you opted into. Your bank, your airline, your employer, your doctor's office. Each one presents its Organisation and Service credentials, plus a specific Relationship credential you approved once. You approve the relationship; your agent enforces its scope from then on.

Everything else? Your policy decides.

You set the default for anyone outside the list above. Four presets, one click to switch:

  • Block all. Silent. No reply, no log, no acknowledgment.
  • Block unknown agents. Humans may still request a connection.
  • Block unknown humans. Only verified agents may request.
  • Queue for review. Receive requests and accept or refuse them on your own time.

Default for new agents: Queue for review. Change anytime. Every decision is logged for you.

What your agent does for you

  • Acts on your behalf. Books flights, pays bills, schedules meetings, files documents.
  • Guards your inbox. Every inbound connection is trust-resolved before the agent decides to engage.
  • Protects your data. Selective disclosure. Prove you are over eighteen without revealing your birthdate.
  • Remembers everything. Persistent memory. Your preferences, history, contacts, under your control.
  • Connects to your tools. Banking, calendar, email, smart home via MCP servers. Add capabilities without writing code.
Get Your Free Agent
Maria (friend)
avatar ✔ · allowlisted
Maria's agent
scheduling · auto
Acme Bank
Relationship: 2024-11-12
Unknown sender
no proof · blocked
📅
calendar
banking
email
home
For Business

One Agent. Many Gates. All Proven.

Deploy corporate agents that accept verifiable connections from many parties at once: employees, customers, partners, auditors, other organisations' agents. Each one served a different surface, based on its credentials.

A corporate agent is not a customer-support chatbot bolted to your website. It is a Verifiable Service: a node on the agentic network that speaks to many parties in parallel, exposes a different capability surface to each, and proves everything it does.

Same agent. Many doors. Each one opens on credentials.

  • Customers
    Customer / KYC credential → product catalogue, order history, support tickets, scoped refunds.
  • Employees
    Organisation + Role credentials issued by your IAM → internal tools, CRM lookups, approval workflows, full-document RAG, admin consoles.
  • Partner agents
    Partner-Org + current master-agreement credential → pricing APIs, inventory checks, negotiated transactions, delegated actions within a scoped envelope.
  • Auditors
    Authority credential → read-only transcript access, audit-log export, policy-version inspection.
  • Anonymous public
    No credential → marketing-bot surface only. Everything sensitive is hidden, and no private data is logged.
Corporate agents also connect outward

Your corporate agents connect to other corporate agents, under the same rules. Your procurement agent negotiates with a supplier's agent by exchanging credentials. Your compliance agent consults with a third-party KYC provider's agent by exchanging credentials. Every outbound connection carries your organisation's proof-of-trust; every inbound response is verified in return. You are a first-class participant in the network, not a client of it.

The corporate agent stack

Deploy a hierarchy of specialised agents under your trust anchor

Acme Corp · Trust Anchor✓ verified
Customer Support
✔ verified
Financial Ops
✔ verified
HR Onboarding
✔ verified
Compliance
✔ verified
Procurement
✔ verified

audit log: 14,293 connections · 12,901 allowed · 1,392 refused · 0 slashing events · trust deposit $176K · ★★★★★

  • Your corporation as trust anchor
    Register on Verana. Obtain Organisation and Service credentials. Create your Trust Registry with custom credential schemas.
  • Agent hierarchy
    Deploy specialised agents under your umbrella. Each inherits your trust chain.
  • Enterprise authentication
    Employees authenticate with Verifiable Credentials issued by your IAM. RBAC at the tool level. Step-up approval workflows.
  • Any LLM, any tool
    OpenAI, Mistral, Kimi, Anthropic, or self-hosted. Integrate CRM, ERP, GitHub, banks, Salesforce via MCP.
  • Domain knowledge
    Feed your agent corporate documentation via RAG. It answers from your knowledge base, not hallucinated guesses.
  • Multi-language
    English, Spanish, French, Portuguese, any language you decide. Automatic detection.
  • Production-ready
    Helm charts, Kubernetes-native, horizontal scaling, monitoring. Deploy the full stack with one command.
Deploy a corporate AI agent in 5 minutes.

Define your Agent Pack in YAML. Declare your connection policy. Point a Helm chart at it. Your agent is live: verifiable, credential-gated, governed.

Talk to UsRead the Docs
Audit & Observability

Every Connection, Logged. Every Interaction, Replayable.

Agents that act autonomously must leave an evidentiary trail. Hologram agents do, by construction.

Deploying an autonomous agent means delegating authority. Deploying one you cannot audit means delegating unknowable authority. Hologram closes that gap.

Operator dashboard

Connections / hour
1,284
Policy hits
allow 62% scoped 22% deny 16%
Top credentials presented
  • Customer
    78%
  • Employee
    14%
  • Partner-Org
    6%
  • Authority
    2%
Recent anomalies
  • 10:14 · connection refused · did:webvh:unk.123 · no Org credential
  • 10:21 · policy v4.2.1 applied · by sre@acme
  • 10:37 · burst from 1 DID · rate-limited, 47 attempts denied
  • 10:44 · step-up cleared · initiate_wire · manager_approval_cred
Public reputation (Verana VPR)
14,293 served12,901 accepted1,392 refused0 slashing$176K deposit★★★★★

Incident replay · connection #8a3f…b2c7

  1. 1
    Credential presented
    Customer#8172 · issued by Acme Corp · valid
    hash 0x4e1c…9ab2
  2. 2
    Trust chain resolved
    3 hops · issuer → trust registry → Verana VPR
    hash 0x73aa…c1e5
  3. 3
    Policy evaluated
    v4.2.1 · matched clause customer_default
    hash 0x91d0…77f4
  4. 4
    Tool invoked
    lookup(order_id=#8172) → 200 OK · 128 bytes
    hash 0x0aa4…ffb1
  5. Response returned
    Connection closed · audit entry appended
    block 0x9a3f…b2c7 · 2026-04-23T10:44:12Z
What is captured
  • Every connection attempt, credential set, trust-chain resolution, policy match and decision.
  • Every tool invocation, arguments and return.
  • Every approval, with approver, credential, timestamp, policy version.
  • Every credential update: revocations, new issuances, schema changes.
Where it lives
  • Private log, operator-owned. Append-only, tamper-evident. OpenTelemetry-compatible, exportable to SIEM (Elastic, Splunk, Datadog). Encrypted at rest, keyed to your organisation.
  • Public reputation, Verana-anchored. Aggregate counters (served, accepted, refused, slashing, deposit) anchored on-chain. Anyone can audit the summary; only the operator can read the content.
What you can do with it
  • Real-time observability. Dashboards of connection rates, credentials, policy hits, anomaly alerts.
  • Incident response. Replay any connection end-to-end, with the credential state, policy version and tool trace.
  • Regulatory evidence. Tamper-evident exports for EU AI Act, eIDAS 2.0, KYC, AML, HIPAA, without exposing conversation content.
  • Ongoing governance. Policy is a versioned, signed artifact. Every change attributable to a named approver.
Observability for personal agents, too

The same guarantees apply to personal agents, at a scope appropriate for an individual. You can see who tried to reach your agent today, which connections were accepted, which were refused and why, and which of your tools were used on your behalf while you were away. You own the log.

Autonomy without observability is a liability. Hologram makes observability the default.