Agent Name Service (ANS): A Proof-of-Concept Trust Layer for Secure AI Agent Discovery, Identity, and Governance in Kubernetes

Researchers present Agent Name Service (ANS), a DNS-inspired trust layer for securing AI agent discovery and identity verification in Kubernetes environments. The proof-of-concept implements cryptographic authentication, capability attestation, and policy governance using Decentralized Identifiers and Verifiable Credentials, demonstrating sub-10ms response times in a 50-agent test environment.

The Agent Name Service addresses a critical infrastructure gap in autonomous AI ecosystems: the absence of standardized, secure mechanisms for agent discovery and trust establishment. As AI systems increasingly operate in distributed, multi-agent configurations—particularly in enterprise Kubernetes deployments—the lack of uniform authentication and capability verification creates both security vulnerabilities and operational friction. ANS bridges this gap by adapting DNS principles to AI agent environments, leveraging blockchain-adjacent technologies like DIDs and VCs to establish cryptographic identity and verifiable capability proofs.

The technical foundation reflects growing industry recognition that AI agent governance requires stronger primitives than traditional service-to-service authentication. Current approaches rely on ad-hoc integrations; ANS proposes a native trust layer that prevents unauthorized agent interactions and enforces policy-as-code through Open Policy Agent. The research demonstrates practical feasibility within Kubernetes, the dominant container orchestration platform, making adoption pathways clearer for enterprise deployments.

For developers and infrastructure teams, ANS represents a potential standard for multi-agent system architecture, reducing security engineering costs and improving interoperability across agent platforms. The proof-of-concept performance metrics—sub-10ms latency—indicate minimal operational overhead. However, the authors carefully position findings as evidence-grounded PoC rather than production-ready, noting explicit limitations and unimplemented protocol features. This distinction matters: widespread adoption depends on hardening, threat modeling validation, and integration with existing agent frameworks. The work establishes a reproducible engineering pathway rather than delivering immediate market impact, positioning ANS as infrastructure-layer research likely to influence agent deployment standards over 18-24 months.

• →ANS implements DNS-inspired discovery for AI agents using DIDs and Verifiable Credentials, addressing current gaps in secure multi-agent authentication.
• →Proof-of-concept achieves sub-10ms latency in Kubernetes with 50-agent workflows, demonstrating operational feasibility without production certification.
• →Policy-as-code enforcement via Open Policy Agent enables declarative governance of agent interactions and capability access control.
• →Research carefully delineates implemented evidence from protocol specifications and roadmap features, avoiding overstatement of current capabilities.
• →Enterprise adoption pathway depends on hardening beyond PoC, threat model validation, and integration with existing agent frameworks and platforms.