MACAWMACAW
Get Started

MACAW Documentation

MACAW is a trust layer for AI systems. It provides cryptographic identity, policy enforcement, and audit logging implemented as a distributed mesh for agents, tools, and LLMs.

Architecture

MACAW creates a distributed trust mesh where endpoints register, discover each other, and communicate with cryptographic guarantees. The control plane provides identity, registry, policy, and logging services.

Every participant—whether an AI agent, tool, or LLM—becomes a verified endpoint that can independently enforce policies without trusting the caller.

┌─────────────────────────────────────────────────┐
│              YOUR APPLICATION                    │
├─────────────────────────────────────────────────┤
│   SecureOpenAI  │  SecureAnthropic  │  SecureMCP│
├─────────────────────────────────────────────────┤
│                  MACAWClient                     │
└─────────────────────────────────────────────────┘
                       │
                       ▼
┌─────────────────────────────────────────────────┐
│         TRUST LAYER CONTROL PLANE               │
│  ┌────────┐ ┌────────┐ ┌────────┐ ┌────────┐   │
│  │Identity│ │Registry│ │ Policy │ │ Audit  │   │
│  └────────┘ └────────┘ └────────┘ └────────┘   │
└─────────────────────────────────────────────────┘

Security Model

MACAW implements three complementary mechanisms that work together to secure AI operations:

Authenticated Workflows

Every invocation is cryptographically signed by the caller and independently verified by the receiver. Policy enforcement happens at endpoints, not a central chokepoint.

Learn more →

Authenticated Prompts

Prompts are signed and tracked through derivation chains. Permissions can only narrow as prompts evolve, providing defense against prompt injection attacks.

Learn more →

Authenticated Context

Application state is protected with session-bound signatures. Enables multi-user isolation and safe delegation of authority in agentic workflows.

Learn more →

Integration

MACAW provides drop-in adapters for common AI frameworks. Change your import, and your existing code gains cryptographic signing, policy enforcement, and audit logging.

1Install the SDK
2Change your import
3Use the same API
python
# Before
from openai import OpenAI
client = OpenAI()

# After
from macaw_adapters.openai import SecureOpenAI
client = SecureOpenAI(app_name="my-app")

# Same API, now with policy enforcement
response = client.chat.completions.create(
    model="gpt-4",
    messages=[{"role": "user", "content": "Hello"}]
)

Getting Started

Quick Start

Install and make your first secure call in 5 minutes

Trust Layer

Understand the distributed mesh architecture

Concepts

Authenticated Workflows

Signed invocations and independent verification

Authenticated Prompts

Lineage tracking and monotonic narrowing

Authenticated Context

Session isolation and state protection

Identity Bridge

Enterprise IDP integration

MAPL

Policy language for access control

Observability

Metrics, traces, and audit logs

SDK Reference

MACAWClient

Core SDK client

RemoteIdentityProvider

Enterprise IDP client

Adapters

OpenAI, Anthropic, LangChain

MAPL Schema

Policy language reference

Framework Guides

OpenAI

GPT models integration

Anthropic

Claude models integration

LangChain

Agent framework integration

MCP

Model Context Protocol

Console

The MACAW Console is your administrative interface for managing AI security at scale. Monitor activity, manage policies, review audit logs, and configure workspace settings.

Console Overview

Navigation and features

Activity

Dashboard and attestations

Agents

Agent registry

Policies

Policy Store and AI assistant

Logs

Audit trail and events

Traces

Request and policy tracing

Settings

Workspace configuration