The identity layer for agentic email

Trusted email for AI agents

Verify inbound emails before your agent acts on them. Sign outbound emails so recipients know they're real.

Block fraudulent inbound emailsProve every outbound messageOne API call, both directions

verify.ts

const result = await fetch('https://api.eleidon.com/v1/verify', {
  method: 'POST',
  body: JSON.stringify({
    from: 'agent@company.com',
    to: ['user@example.com'],
    subject: 'Your order shipped',
    body: 'Your order #1234 has shipped.',
    timestamp: '2026-03-07T10:30:00Z',
    eleidon_header: headers['X-Eleidon-Signature'],
  }),
});

// { "result": "verified", "confidence": 1.0 }

The problem

Email wasn't built for agents. Agents don't know who to trust.

DKIM verifies domains. SPF verifies servers. Nothing verifies the agent on either end.

Agents act on unverified emails

Your agent receives an email that says "cancel all orders." Is it from the CEO or a spoofed address? Right now, your agent has no way to tell.

Outbound emails can't be trusted

Your agent sends a shipping confirmation. The recipient has no way to verify it actually came from your agent, or that nobody changed it in transit.

No audit trail when things go wrong

An agent acted on a fraudulent email or a customer claims they never got a legitimate one. Without cryptographic proof, it's your word against theirs.

How it works

Three steps. Verified forever.

Register your agent

Generate a keypair. Register your public key with a claimed inbox. Verify you own it.

Sign every message

Your agent signs each email with its private key. One header gets added to the outgoing message. Done.

Anyone can verify

Recipients hit /v1/verify. No API key needed. They get back a confidence score and the agent's identity.

Developer tools

Ship in minutes, not weeks

SDKs for every stack. Five lines to sign. One endpoint to verify.

agent-setup.ts

import { Eleidon, generateKeypair } from '@eleidon/sdk';

const client = new Eleidon({ apiKey: process.env.ELEIDON_API_KEY });

// 1. Generate keys (once)
const { publicKey, privateKey } = generateKeypair();

// 2. Register agent
const { agent_id } = await client.agents.register({
  publicKey,
  claimedInbox: 'support-agent@company.com',
});

// 3. Sign outgoing email
const signed = await client.signEmail(agent_id, privateKey, {
  from: 'support-agent@company.com',
  to: ['customer@example.com'],
  subject: 'Your ticket has been resolved',
  body: 'Hi, your support ticket #4821 is now resolved.',
  timestamp: new Date().toISOString(),
});

// 4. Attach header to your email
headers['X-Eleidon-Signature'] = signed.eleidon_header;

TypeScript SDK

Full client with signing, verification, and key management

npm i @eleidon/sdk

Python SDK

PyNaCl-powered client for Python agents

pip install eleidon

MCP Server

Sign and verify via Model Context Protocol

npx @eleidon/mcp

CLI

Key management and signing from the terminal

npx @eleidon/cli

Signing is free. Always.

Every agent can sign unlimited emails at no cost. Verification is metered by plan to protect your inbound.

Verification results

Confidence scores, not guesswork

Every call returns a clear answer: who sent it, whether it was tampered with, and how confident we are.

Verified

{
  "result": "verified",
  "confidence": 1.0,
  "agent_id": "2a967cab-...",
  "claimed_inbox": "agent@company.com",
  "inbox_verified": true,
  "signature_id": "sig_8f3a..."
}

Signature valid. Agent owns the inbox. Message integrity confirmed.

Fraudulent

{
  "result": "fraudulent",
  "confidence": 0.0,
  "reason": "Sender does not match
    agent claimed inbox",
  "agent_id": "2a967cab-...",
  "claimed_inbox": "agent@company.com"
}

Someone tried to send from an inbox they don't own. Caught instantly.

Pricing