SCM (Secure Contract Machine)

SCM (Secure Contract Machine) is a containerised runtime for AI agent coordination that negotiates security policies, constrains actions, and records auditable execution traces. It is aimed at multi-agent environments where independent agents need shared rules and verifiable enforcement.

Overview

SCM (Secure Contract Machine) is a containerised runtime for multi-agent coordination. It is designed to help AI agents negotiate security policies, execute constrained actions, and produce cryptographically verifiable audit records inside an isolated runtime middleware layer.

The project positions itself as infrastructure for environments where multiple agents operate under mutual distrust. According to the repository, agents can provide requirements in natural language, JSON, or DSL, which SCM converts into machine-checkable policy, negotiates across participants, and then uses to govern execution and reporting.

Core capabilities

Policy capture and validation

Transforms agent requirements expressed in natural language, JSON, or DSL into a machine-checkable Formal Security Policy, then checks it for internal consistency with Z3 before signing it.

Policy negotiation

Combines participating agents' Formal Security Policies into a Shared Coordination Policy and runs a pre-negotiation compatibility check to ensure the hard predicates are jointly satisfiable.

Execution guarding

Maps the negotiated policy to a formally verified cryptographic protocol specification and verifies contract tokens before post-negotiation capabilities are exercised.

Audit trail and proof generation

Generates a dual-signed Merkle transcript of the execution trace and a Halo2 PLONK ZK-SNARK proof of authenticity for auditability.

Adaptive verification tiers

Automatically routes sessions into Cached, Library, Rule, or Synthesis tiers based on policy novelty and risk, so verification depth is chosen per session.

Integration and deployment options

Exposes standardized integration surfaces through a REST API or an MCP plugin and supports Gateway Mode and Sidecar Mode deployment patterns.

Practical use cases

  • Cross-agent policy negotiation

    Use SCM when multiple AI agents need to agree on shared operating rules before they can interact with sensitive systems or each other's capabilities.

  • Constrained action enforcement

    Use SCM to convert agent intent into a machine-checkable policy and block actions that do not satisfy the negotiated contract before execution begins.

  • Audit-focused coordination

    Use SCM when you need an execution record that can be reviewed later, including a signed transcript and a cryptographic proof of authenticity.

  • Gateway or sidecar deployment

    Use SCM in deployment architectures that need a shared gateway runtime or a per-agent sidecar model, depending on how much isolation is required.

  • Agent framework integration

    Use SCM for experimental integrations with LLM-based agent frameworks or language-neutral clients that can talk to a REST API.

Pros and Cons

Pros

  • Combines policy capture, negotiation, execution control, and audit reporting in one runtime.
  • Uses explicit verification steps, including Z3 checks and ProVerif/Halo2-based outputs, rather than relying only on trust in the caller.
  • Offers more than one integration path, with REST API and MCP plugin support.
  • Provides deployment choices for shared edge use or per-agent sidecar placement.

Cons

  • The repository says the project is under active thesis research and prototyping, so it is not ready for production use.
  • The source pages do not document a broad third-party integration ecosystem or completed product pricing for SCM itself.

FAQ

Is SCM a framework or a runtime?

SCM is described as an isolated runtime middleware layer rather than a framework that agents are built on. External agents connect to it through standardized integration interfaces.

How do agents integrate with SCM?

The repository states that agents can connect through a REST API or an MCP plugin. It does not provide a broader integration catalog on the source pages reviewed.

How does SCM decide how much verification to run?

The README says SCM routes sessions into four tiers: Cached, Library, Rule, and Synthesis. The chosen tier depends on the shared policy's novelty and risk.

Is there pricing information for SCM?

No product pricing for SCM itself is stated in the source. The GitHub pricing page only confirms GitHub’s own Free, Team, and Enterprise plans for hosting and collaboration around the repository.

Is SCM ready for production deployment?

The README says the project is under active thesis research and prototyping and is not ready for production use.

Quick Facts

Category: Developer Tool
Product type: Containerised runtime
Primary use: Multi-agent security policy coordination
Source domain: github.com
License: Apache-2.0
Status: Active research and prototyping
