SAN FRANCISCO — OPAQUE introduced a new open framework for verifying the identity, governance, and actions of AI agents, addressing one of the most pressing challenges emerging in enterprise AI infrastructure: proving that autonomous systems are operating under approved policies and handling sensitive data as intended.
Speaking at the Confidential Computing Summit in San Francisco, OPAQUE unveiled OPAQUE 3.0, a platform that combines confidential computing, cryptographic identity, and hardware-based attestation to create independently verifiable records of AI activity. The release includes two open-source projects: Agent Manifest, which provides cryptographic identity and runtime verification for AI agents, and Confidential MCP, which extends governance controls into the rapidly growing Model Context Protocol (MCP) ecosystem. Together, the technologies aim to provide verifiable evidence of what an AI agent is authorized to do, what actions it performed, and whether governance rules remained enforced throughout execution.
The announcement comes as enterprises move from AI chatbots to autonomous agents capable of accessing corporate data, invoking tools, and executing workflows across business systems. While organizations have invested heavily in model performance and infrastructure scalability, governance, auditability, and compliance remain unresolved challenges. OPAQUE says its platform allows organizations to generate hardware-attested evidence showing which models and agents ran, where they executed, what resources they accessed, and whether policies were enforced. The platform supports confidential computing environments from AMD, Intel, and NVIDIA, including NVIDIA Confidential Computing environments that extend trusted execution protections to GPUs. General availability is scheduled for July 2026.
• OPAQUE 3.0 combines confidential computing, cryptographic identity, governance enforcement, and auditability for AI agents.
• Agent Manifest extends the open-source Agent Governance Toolkit (AGT) with cryptographic identity and runtime integrity verification.
• Confidential MCP adds governance controls and hardware-backed verification to Model Context Protocol interactions.
• The platform supports AMD SEV, Intel confidential computing technologies, and NVIDIA Confidential Computing environments.
• OPAQUE and the UAE’s Technology Innovation Institute (TII) are incorporating post-quantum cryptography to protect long-term integrity of agent identities and audit records.
• OPAQUE says the technology is being evaluated by financial institutions, enterprise software providers, and sovereign AI initiatives.
“The more autonomous your AI agents become, the more your security posture has to keep pace — capability without accountability is a liability,” said Aaron Fulkerson, CEO of OPAQUE. “Organizations deploying AI agents are stuck on a question existing tooling can’t answer: is this agent still governed the way I intended, and can I prove it to someone with no reason to trust me? OPAQUE 3.0 provides hardware-enforced governance and independently verifiable evidence of agent activity.”
🌐 Analysis
The significance of this announcement extends beyond a single product launch. The AI industry is rapidly moving toward agentic systems that can interact with databases, applications, APIs, and enterprise workflows with limited human oversight. As these agents gain greater autonomy, enterprises face a new challenge: proving that an AI system followed approved policies and did not exceed its authorized permissions. This creates a new infrastructure layer focused on governance, identity, attestation, and auditability—functions that traditional AI platforms and security tools were not designed to provide.
OPAQUE is positioning itself within a growing ecosystem that includes confidential computing initiatives from AMD, Intel, NVIDIA, Microsoft, Google Cloud, and major cloud providers. The company’s emphasis on open standards is notable because governance mechanisms will likely need to operate across multiple AI frameworks, clouds, and models. The introduction of Agent Manifest and Confidential MCP also reflects growing industry interest in securing MCP, which has emerged as a common interface for connecting AI agents to tools and enterprise systems. As regulators increasingly demand evidence-based compliance and organizations deploy agents into production environments, verifiable execution and cryptographic proof may become as important to AI infrastructure as observability and cybersecurity are today.
| Profile: OPAQUE (Updated June 2026) | |
| Headquarters | San Francisco, California |
| Founded | 2021 |
| Origins | Spinout from UC Berkeley RISELab (now Sky Computing Lab) |
| Founders | Dr. Ion Stoica, Dr. Raluca Ada Popa, Rishabh Poddar |
| Leadership | Aaron Fulkerson (CEO), Imran Siddique (Chief Platform Officer), Rishabh Poddar (CTO) |
| Core Focus | Confidential AI, confidential computing, AI governance, trusted execution environments, cryptographic attestation |
| Key Technologies | OPAQUE 3.0, Agent Manifest, Confidential MCP, Confidential AI Platform |
| Open Source Projects | Agent Manifest, Confidential MCP, Agent Governance Toolkit ecosystem |
| Hardware Ecosystem | AMD SEV, Intel TDX/SGX ecosystem, NVIDIA Confidential Computing |
| Enterprise Focus | Financial services, healthcare, government, enterprise software, sovereign AI |
| Strategic Differentiator | Hardware-attested evidence proving governance policies were enforced during AI execution |
| Key Partners | Technology Innovation Institute (UAE), AMD, NVIDIA, Intel ecosystem |
| Recent Milestone | Launch of OPAQUE 3.0, Agent Manifest, and Confidential MCP at the 2026 Confidential Computing Summit |
| AI Infrastructure Impact (Updated June 2026) | |
| Current AI Challenge | Most enterprises can monitor AI outputs but cannot independently prove how an AI agent behaved during execution. |
| Emerging Risk | AI agents increasingly access databases, SaaS platforms, APIs, internal systems, and sensitive enterprise data. |
| Infrastructure Gap | Observability tools show what happened after execution; governance platforms seek to prove policy enforcement during execution. |
| Industry Trend | Movement toward confidential computing, trusted execution environments, AI attestation, and cryptographic verification. |
| Role of MCP | MCP is becoming a common interface for agent-to-tool interactions, creating demand for governance and security controls. |
| Regulatory Driver | AI regulations increasingly require evidence of compliance, auditability, provenance, and policy enforcement. |
| Long-Term Vision | Verifiable AI may become a foundational layer of enterprise AI infrastructure alongside networking, storage, security, and observability. |