From 3964cd1cb4452fe69e09e8f7b77c91c2d1d408cc Mon Sep 17 00:00:00 2001 From: ruFFaa <41384293+ruFFaa@users.noreply.github.com> Date: Mon, 28 Apr 2025 08:03:34 +0200 Subject: [PATCH] Update ROADMAP.md --- docs/ROADMAP.md | 40 ++++++++++++++++++++++++++++------------ 1 file changed, 28 insertions(+), 12 deletions(-) diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md index 23e8248..43afdfa 100644 --- a/docs/ROADMAP.md +++ b/docs/ROADMAP.md @@ -1,3 +1,4 @@ + # AgentVault Project Roadmap This document outlines the planned development phases and features for the AgentVault ecosystem. Our goal is to create a secure, interoperable, and easy-to-use platform for AI agent communication based on open standards like A2A and MCP concepts. @@ -26,11 +27,6 @@ The AgentVault project has established a functional baseline across its core com 1. **Automation Scripts:** * **TODO:** Finalize and test `automation_scripts/` (`av_create_package_agent`, `av_deploy_register_agent`, `av_find_run_task`). Ensure they work reliably with the latest components. * **TODO:** Refine agent template generation (e.g., better `.env` setup based on selected options). -2. **Testing & Coverage:** - * **TODO:** Implement CI workflow for running `pytest` across all components. - * **TODO:** Integrate `pytest-cov` and add coverage reporting/thresholds to CI. - * **TODO:** Increase test coverage, focusing on complex logic (client state machine, registry auth flows, SDK router edge cases, CLI interactions). - * **TODO:** Add basic end-to-end tests (e.g., CLI -> Registry -> Mock Agent). 3. **Registry Enhancements:** * **TODO:** Investigate and potentially optimize developer programmatic API key lookup performance if needed for scale. * **TODO:** Implement email-based password reset flow (currently placeholder). 
@@ -39,18 +35,38 @@ The AgentVault project has established a functional baseline across its core com * **TODO:** Provide examples or interfaces for persistent `BaseTaskStore` implementations (e.g., Redis, SQL). * **TODO:** Review and standardize error handling and logging across all components for consistency. 5. **Documentation Polish:** - * **TODO:** Fill in remaining placeholders in policy documents (Contact emails). * **TODO:** Add more diagrams where helpful (e.g., auth flows). * **TODO:** Review all guides for clarity and accuracy against latest code. ## Future Considerations (Phase 3 & Beyond) -* **Multimodality (WebRTC):** Integrate `aiortc` for optional real-time audio/video streaming. -* **Deeper MCP Integration:** Align with finalized MCP specifications, provide SDK helpers. -* **TEE Attestation Verification:** Implement client-side verification of TEE attestations. -* **Registry Features:** Community reviews/ratings, usage analytics (opt-in), advanced search, key rotation. -* **Other Language SDKs/Libraries:** Explore SDKs for Node.js, Go, etc. -* **Security Audits:** Formal third-party security reviews. +**Objective:** Expand AgentVault into a comprehensive, enterprise-ready platform for secure, scalable, and truly intelligent multi-agent collaboration across diverse environments. + +**Key Areas:** + +1. **Federated Registry & Discovery:** + * Design and implement protocols for secure, policy-based discovery between independent AgentVault Registry instances (private enterprise, partner, public). + * Develop mechanisms for establishing and managing trust relationships between registries. + * Enhance Agent Cards to support federation metadata and cross-domain policies. +2. **AgentVault Identity Fabric (Zero Trust IAM for Agents):** + * **Goal:** Implement a robust, fine-grained Identity and Access Management system specifically for agents, complementing existing user IAM (like Entra ID). 
+ * **Agent Identity (SPIFFE/SPIRE):** Integrate SPIFFE/SPIRE for issuing verifiable, short-lived cryptographic identities (SVIDs) to agent workloads, enabling strong mTLS authentication for A2A. + * **Capability-Based Authorization (OAuth2 Scopes/Token Exchange):** Define granular permission scopes based on agent capabilities (from Agent Cards). Implement OAuth 2.0 Token Exchange flows to issue delegated, capability-scoped tokens for agent interactions, enforcing the Principle of Least Privilege. + * **Policy Engine Integration (OPA):** Integrate Open Policy Agent (OPA) for decoupled, dynamic authorization decisions based on agent identity, user context, requested capabilities, and custom enterprise policies (Rego). + * **Secure Context Propagation:** Define standardized methods for securely passing necessary user and call-chain context between agents. + * **Synergy:** This Identity Fabric provides the necessary security primitives for secure and scalable Federated Registry interactions. +3. **Enhanced A2A/MCP Capabilities:** + * **Multimodality (WebRTC):** Integrate `aiortc` or similar libraries for optional real-time audio/video streaming capabilities within the A2A framework. + * **Deeper MCP Integration:** Fully align with finalized Model Context Protocol specifications, providing robust SDK helpers for standardized tool use and context passing. +4. **Advanced Security & Trust:** + * **TEE Attestation Verification:** Implement client-side cryptographic verification of Trusted Execution Environment attestations declared in Agent Cards. + * **Key Rotation & Management:** Enhanced features for managing registry API keys and potentially agent-level credentials. + * **Formal Security Audits:** Engage third-party experts for comprehensive security reviews of the core framework and protocols. +5. **Ecosystem & Usability:** + * **Persistent Task Stores:** Provide robust, production-ready `BaseTaskStore` implementations (e.g., Redis, SQL database). 
+ * **UI Enhancements:** Improve Agent Builder capabilities, add registry analytics/monitoring dashboards. + * **Other Language SDKs/Libraries:** Explore SDKs for other popular languages like Node.js, Go, etc., based on community demand. + * **Community Features:** Implement features like agent reviews/ratings within the registry. ## Contributing
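Review bot: the `@@ -1,3 +1,4 @@` hunk adds an empty line above the `# AgentVault Project Roadmap` title, which looks accidental. Drop the leading blank line so the file still starts with its top-level heading.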
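Review bot: in the `@@ -26,11 +27,6 @@` hunk, removing item 2 ("Testing & Coverage") leaves the numbered list jumping from `1. **Automation Scripts:**` straight to `3. **Registry Enhancements:**`, and neither the diff nor the commit message ("Update ROADMAP.md") says whether the CI, `pytest-cov` and end-to-end test work was finished or dropped. The removed TODO covered "registry auth flows" and the "client state machine", so please either move the item to a completed section or state in the commit message why it no longer belongs on the roadmap, and renumber the remaining items.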
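Review bot: in the `@@ -39,18 +35,38 @@` hunk, the new "Secure Context Propagation" bullet does not say how a receiving agent verifies the user and call-chain context it is handed, although the OPA bullet directly above makes authorization decisions on "user context". Suggest stating that propagated context must be authenticated, for example carried as claims in the token issued by the Token Exchange flow, so policy inputs are never taken from unauthenticated request data. Two smaller points in the same hunk: the new "Persistent Task Stores" item overlaps the Phase 2 TODO that is still present as context ("Provide examples or interfaces for persistent `BaseTaskStore` implementations"), so one of the two should go or the split between them should be explained; and the "Fill in remaining placeholders in policy documents (Contact emails)" TODO is removed without any indication that the placeholders were actually filled.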