Civic

The access layer for the agent era. Agents need their own identity, their own permissions, and their own audit trail — not a shared service account inherited from whoever set them up.

What I’m solving

Today’s access stacks were built for humans in the loop — clicking, consenting, getting tired before they can do too much damage. Agents don’t tire. They run in loops, fan out across tools, and act on credentials granted minutes or months ago. Companies want to deploy agents in production but can’t safely give them the access they need. Per-action approvals and hand-rolled allowlists don’t scale past a demo.

How I’m building it

Civic Nexus treats every agent as a first-class principal — its own identity, its own permissions, its own audit trail. Tools are catalogued with the cost and risk of using them. Guardrails sit in front as policy you can read, version, and enforce. Authorization is just-in-time, scoped per task, and revocable mid-run.

The team builds with the same tools we ship — writing, reviewing, and deploying through them daily. That tight loop is the moat: we hit the edges before customers do.

Where it’s going

Civic has issued over a million tokenized identities. Nexus is the bet on what that infrastructure becomes when the user on the other end is an agent. Early customers are running real workflows: support agents that refund, finance agents that approve, ops agents that deploy — every action under policies humans can audit.

Making “let an agent do it” feel as safe and accountable as “let an employee do it” is a 10-year platform problem. The next 5 years decide who owns it.