# Connect: bring your agent home in under a minute. Whisper.

> From one line to a named, verified agent. Under a minute.

Install the tools, give your agent its own identity and connect, then confirm
its name yourself with nothing but what's already in your terminal. By the end, a
stranger confirms your agent is real with one `dig`. Set policy and watch it live
from the console whenever you like.

## 1. Install the tools. One line.

Read it first, then run it. It asks before it changes anything on your machine.

```sh
$ curl -fsSL https://get.whisper.online | sh
```

Prefer your system package manager? `whisper` also ships from our own apt, dnf,
and apk repositories, self-hosted and signed on AS219419 (the signing key is at
`get.whisper.online/whisper.gpg`).

```sh
# apt · Debian / Ubuntu
$ curl -fsSL https://get.whisper.online/whisper.gpg | sudo tee /usr/share/keyrings/whisper.asc >/dev/null
$ echo "deb [signed-by=/usr/share/keyrings/whisper.asc] https://get.whisper.online/deb stable main" | sudo tee /etc/apt/sources.list.d/whisper.list
$ sudo apt update && sudo apt install whisper
```

```sh
# dnf · Fedora / RHEL
$ sudo tee /etc/yum.repos.d/whisper.repo >/dev/null <<'EOF'
[whisper]
name=Whisper
baseurl=https://get.whisper.online/rpm
enabled=1
gpgcheck=1
gpgkey=https://get.whisper.online/whisper.gpg
EOF
$ sudo dnf install whisper
```

```sh
# apk · Alpine
$ wget -qO /etc/apk/keys/whisper-apk.rsa.pub https://get.whisper.online/apk/whisper-apk.rsa.pub
$ echo "https://get.whisper.online/apk" | sudo tee -a /etc/apk/repositories
$ sudo apk add whisper
```

## 2. Give your agent its identity, and connect.

```sh
$ whisper create --register --label scout
$ whisper connect scout
```

One command gives your agent a `/128` of its own; the next brings it home on that
address. The address is the identity: from here on, every call it makes goes out
under that address, and that address is its name. You can also call it by a
friendly name of your own that resolves straight to that same agent, in signed
DNS:

```sh
$ dig +short CNAME scout.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online
ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online
```

Bring your own domain and that name can live under it, like scout.acme.com.

## 3. Verify it yourself.

```sh
$ dig -x 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 +short
ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online
$ curl -s https://rdap.whisper.online/ip/2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 | jq -r .name
scout
$ whisper ip scout
2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478
```

A stranger confirms your agent is real with one `dig`, no Whisper code. The eight
proofs further down show every way to check it — on us, on an independent
resolver, and, for the eighth, from the DNSSEC root itself, trusting nothing of
ours.

Set resolution policy, watch live activity, and manage your agents from the
console: <https://console.whisper.security>.

```
 (1) ONE LINE                          (no identity yet)
  $ curl -fsSL https://get.whisper.online | sh
      .
      .
 (2) IDENTITY MINTED
  a /128 of your own, in signed DNS: 2a04:2a01:…
      ‖
      ‖    the double line is your packets' source address
 (3) CONNECTED
  whisper connect · local proxy up
      ‖
 (4) TRAFFIC LEAVES AS THE /128
  whisper run -- python agent.py
  src = 2a04:2a01:… (your /128)
      ‖
 (5) ANYONE VERIFIES
  $ dig -x 2a04:2a01:… +short
  your-agent.agents.whisper.online
```

## Run your code under it.

The agent has an address. `whisper run` puts your code behind it, the same
script you already have, not a rewrite of it.

```sh
$ whisper run -- python agent.py
$ whisper run -- node agent.js
$ whisper run claude   # shorthand: Claude Code, through the agent's egress
```

It brings the agent's egress up and starts your command with `ALL_PROXY` (a
local SOCKS5) and `HTTPS_PROXY` (a local HTTP proxy) already set in its
environment, so `curl`, `git`, Python's `requests` and `httpx`, and Node's
`fetch` route through it on their own. Your code does not change.

Proof, live. Ask a third party what address it sees:

```sh
$ whisper run -- curl -s https://api64.ipify.org
Connected as 2a04:2a01:c899:2496:2b9b:ccde:6a8e:2f64 — 2a04:2a01:c899:2496:2b9b:ccde:6a8e:2f64 ✓ verified
2a04:2a01:c899:2496:2b9b:ccde:6a8e:2f64
```

That last line is ipify, not us, reporting the source address it saw: the
agent's own `/128`. An IPv6-reachable destination sees your agent as itself.

## Connectivity tiers, three ways an agent gets a Whisper IP

- **Tier 1 (best), Routed Whisper IPv6 via WireGuard.** A routed Whisper `/128`
  over a WireGuard tunnel: kernel, userspace (boringtun), or `wireproxy` (a
  userspace WireGuard client) to a local SOCKS5 (no root). The server-side peer is
  live; you bring it up with a `wg-quick` config today, and one-line
  `whisper connect` ergonomics for this tier are on the way. Packets source from
  the agent's `/128`; reverse DNS resolves to the identity.
- **Tier 1.5, Whisper SOCKS5 / HTTP egress.** Source-bound to the agent's `/128`
  via AnyIP and `IP_FREEBIND` over `2a04:2a01::/32`. Point `ALL_PROXY` at it and
  every connection leaves as the identity.
- **Tier 2, use our resolver.** Keep your own address; use our resolver for
  control via DoH on `:443` (API key), or point an agent at a dedicated
  per-tenant IPv6 `/128` resolver on standard `:53` the way it would at `1.1.1.1`.
  Each tenant applies its own policy.

```sh
# DoH, query with stock curl
$ curl -H "X-API-Key: whisper_live_xxx" \
      -H "content-type: application/dns-message" \
      --data-binary @query.bin \
      https://doh.whisper.online/dns-query

# or plain :53 against your dedicated resolver /128
$ dig @2a04:2a01:0:53::53 example.com AAAA +dnssec
```

**The IPv4 question, answered in ink.** An IPv6-reachable destination sees your
agent's own `/128` on the wire; the address is the identity, end to end. An
IPv4-only destination is reached through the egress gateway, and what it sees
on the wire is the gateway's shared IPv4 — attribution on the wire there is the
gateway, and per-connection attribution lives in your Whisper logs. The
internet's agent infrastructure is v6-first, and that is the honest boundary
today: identity on the wire wherever IPv6 reaches, identity in the log where
only IPv4 does.

## Already home somewhere else? We come to you.

- **`whisper init`** — one command wires an identity into the place your agent
  already lives: `whisper init claude`, `python`, `k8s`, `compose`, and more —
  zero config, standard ports.
- **SDKs** — `whisper-id` on npm and PyPI, and `whisper-edge` for serverless
  runtimes: verify and connect from code, the same proofs as the terminal.
- **One MCP server** — `whisper mcp` gives any MCP-speaking agent the same two
  tiers: verify an identity with no key at all; register, govern, and revoke
  with yours.

Every channel — brew, scoop, go, mise, the signed apt/dnf/apk repos, GitHub
Actions, GHCR, n8n — on one page: [/integrations](/integrations).

## Public archives

An anonymous, read-only FTP archive at `ftp.whisper.online` (port 21, RFC 959)
mirrors the NIC / registry documents you can verify over RDAP and WHOIS — the calm,
ancient protocol a stock `ftp` / `lftp` / `curl ftp://` client already speaks. The
same identity also answers FINGER at `finger.whisper.online` (port 79, RFC 1288).

## Three homes, by whose land they stand on

This is a different "three" from the connectivity tiers above: those are about
*how* an agent reaches a Whisper IP; these are about *whose ground* the home
stands on. All three run on the same signed ground; you choose how much is yours.

- Move in: your agents live under our roof at agents.whisper.online, on our
  network (2a04:2a01::/32 over AS219419) and in our registry. You operate nothing.
- Your name on the door, our land underneath: bring your own domain and your
  agents mount under it, DNSSEC-signed, so a name like scout.acme.com is theirs;
  the network and registry that vouch for them stay ours.
- Your own land: the whole home runs on your network, under your name, end to
  end; we build it with you and keep it tended.

## Verify it yourself. Eight proofs, and none of them trust us.

Seven with stock tools and no Whisper code at all; the eighth with one
open-source command that re-proves everything from the IANA DNSSEC root — with
the Whisper API explicitly not trusted.

```sh
$ dig -x 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 +short
ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online

$ dig +short AAAA ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online
2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478

$ dig +short CNAME scout.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online
ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online

$ dig +short TLSA _443._tcp.ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online
3 1 1 9EC1EF18A1F15E5480A0FC3C8D6E9690B2CCF1A7FA7146201940F28C 422BB47D

$ curl -s https://rdap.whisper.online/ip/2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 | jq -r .name
scout

$ whois -h whois.whisper.online 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478
netname     scout
descr       Whisper agent identity
status      active
country     NL

$ curl -s https://rdap.whisper.online/verify-identity/2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 | jq '{is_whisper_agent,dane_ok,jws_ok}'
{
  "is_whisper_agent": true,
  "dane_ok": true,
  "jws_ok": true
}
```

No terminal handy? Run each check in your browser. The DNS ones go to an
independent public resolver, so you are verifying it anywhere, not just on us:

- reverse PTR: <https://dns.google/resolve?name=8.7.4.f.7.f.b.3.f.f.1.5.0.b.3.e.7.1.7.6.a.9.6.b.1.0.a.2.4.0.a.2.ip6.arpa&type=PTR>
- forward AAAA: <https://dns.google/resolve?name=ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online&type=AAAA>
- friendly CNAME: <https://dns.google/resolve?name=scout.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online&type=CNAME>
- DANE TLSA: <https://dns.google/resolve?name=_443._tcp.ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online&type=TLSA>
- RDAP record (on us): <https://rdap.whisper.online/ip/2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478>
- keyless full-chain check (on us): <https://rdap.whisper.online/verify-identity?ip=2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478>

(The WHOIS port-43 check is terminal-only.)

Every proof resolves back to the same agent, and every DNS answer carries a
DNSSEC signature you can validate on 1.1.1.1 or 8.8.8.8 (`AD=YES`). No third
party sits anywhere in the trust path. The full inet6num record, verbatim, is on
the [nest page](https://agents.whisper.online/).

And the eighth proof is the deepest one. One command walks every check above —
and the transparency log behind them — anchored at the IANA DNSSEC root, with
the Whisper API explicitly *not* trusted. The CLI is open source (MIT), so you
can read exactly what it checks before you believe it. This is a real run
against the resident, verbatim:

```sh
$ whisper verify --trustless 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478
FIELD        VALUE
address      2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478
fqdn         ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online
agent        ae3b051ff3bf7f478
tenant       tdc38e7c55bad3306a92b830f9bb1e4f9
tlsa_sha256  9ec1ef18a1f15e5480a0fc3c8d6e9690b2ccf1a7fa7146201940f28c422bb47d
served_spki  9ec1ef18a1f15e5480a0fc3c8d6e9690b2ccf1a7fa7146201940f28c422bb47d

CHECK         RESULT  TRUST        DETAIL
dnssec        pass    DNSSEC-root  AAAA, PTR and TLSA(3 1 1) all DNSSEC-validated to the IANA root; address <-> fqdn consistent
dane          pass    DNSSEC-root  served leaf SPKI-SHA256 == TLSA pin; DNS-SAN=ae3b051ff3bf7f478...agents.whisper.online, IP-SAN=2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478; issuer "Whisper Agent Identity Issuing CA"
transparency  pass    DNSSEC-root  root signature verified; 1 event(s), root_hash bound; 1 ledger leaf/leaves included (RFC-6962)
identity_doc  pass    DNSSEC-root  JWS verified against the DNSSEC-anchored key; address/fqdn/tlsa claims match the DNSSEC-validated facts

whisper: ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online is CRYPTOGRAPHICALLY PROVEN — trust anchor: DNSSEC root (IANA anchor) + DANE-EE + DNSSEC-anchored transparency/ledger keys -- Whisper API NOT trusted
```

`tlsa_sha256` and `served_spki` are the same digest: the key the agent's TLS
socket actually serves is the key pinned in signed DNS. That is the whole point,
in two matching lines.

The transparency log it checks is public. Read the signed head of the ledger
yourself, with nothing but `curl`:

```sh
$ curl -s https://whisper.online/checkpoint
whisper.online/ledger
64
B66DTSD3Eq5OYm29c8oVMuDuVjbTgsokKEk4sdyRiKU=

— whisper.online/ledger ijpd8I14cmGnMp9HajPjCRadLGL8Bs+E8weqY/EiPQd3lvnxC7hT6eMyGVJFImQfCIPc1O6jyDid9cEjABz1II+7aw4=
```

Captured live; the tree only grows. The ledger's Ed25519 key is published in
DNSSEC-signed DNS at `_whisper-ledger.whisper.online`, so the log verifies from
the same root the DNS does. It is tamper-evident and signed today; independent
witnesses are being recruited. How the log is built — and why you shouldn't have
to trust us — is on [/platform](/platform).

Want to know why every one of these answers can be trusted? See how the nest is
built: <https://whisper.online/platform>.

That's it. A real agent, with a name of its own, at home on land we own. Welcome
in.

Free to start: sign up with your email and a 6-digit code, and you hold a live
key in under a minute. No card, no call. Your first agents are included, up to
1,000 per account; trial keys carry 10 graph requests a minute, 500 a day.

```sh
$ curl -fsSL https://get.whisper.online | sh
```

---

- **Bring your agent home:** <https://console.whisper.security/sign-up>
- **Watch the nest live:** <https://agents.whisper.online/>
- **How the nest is built:** [/platform](/platform)

© viaGraph B.V. (dba Whisper Security)
