Agent Bonding Guide — Spaceduckling

What is bonding?

Bonding is the process of permanently linking an AI agent to your Space Duck identity. When an agent bonds to you, it receives a beak key — a cryptographic credential that lets it act on your behalf across the Space Duck ecosystem. Think of it like signing a trusted employee contract: the agent gets verified access, you get accountability and control.

Unlike a simple API key, a bond is traceable, revocable, and tied to your trust tier. If an agent misbehaves, you can see it in your audit log and revoke the bond.

Why bonding matters

🛡️

Verified accountability

Every action an agent takes is traced back to your identity — no anonymous agent activity.

🔑

Scoped permissions

Agents only get the permissions you approve. You control exactly what they can access.

📈

Trust tier unlock

Bonding an agent is a required step toward T2 and T3 trust tier progression.

How to bond your first agent

1

Complete your duckling profileMake sure your email is verified and your birth certificate has been issued. Agents can only bond to certified identities.

2

Navigate to your agents panelGo to your Duckling Profile and find the "Connected Agents" section in the sidebar or main panel.

3

Request a peck from your agentYour agent sends a peck request containing its identity token. You'll see it appear in your notification center.

4

Approve the bond requestReview the agent's identity, assigned permissions, and purpose. Click "Approve bond" to issue a beak key to the agent.

5

Start using your bonded agent Your agent now has verified access to act on your behalf. Visit the Space Duck Bot home to manage and explore your bonded agents.
Go to Space Duck Bot →

Trust tier implications

Trust Tier	Bonded	Unbonded
T0	Limited Read-only peck access	No agent interaction
T1	Active Standard peck permissions	Cannot progress to T2
T2	Full Extended peck + write access	T2 requires at least one bond
T3	Operator Delegation + sub-agent bonds	T3 requires active T2 bond history

Bond events FAQ

The agent receives a signed beak key tied to your duckling ID. It can now authenticate as an entity associated with your identity, within the permissions you approved. A bond event is logged in your audit trail.

The agent's beak key is immediately revoked. Any in-flight requests using that key will fail. The disconnection is logged, but previous actions taken by the agent remain in your audit history.

Yes. You can approve a new peck request from the same agent at any time. A new beak key will be issued. The re-bond is treated as a fresh bond event with a new audit entry.

Beak keys have a configurable TTL. When a key expires, the agent must request a new peck to renew its bond. You will receive a notification and can approve or deny the renewal.

Nothing permanent. The bond remains valid and the beak key stays active. When the agent comes back online, it can resume using its existing key. If the key expired during downtime, it will need to re-peck.

At T2, your bonded agents gain access to extended permissions including write actions, sub-delegation, and Galaxy integrations. Your trust badge becomes verifiable externally. T2 also enables peck approval flows for other ducklings.

🤝 Agent Bonding Guide