Offline: Age-Verified Medication Purchase
The Interaction
A user proves eligibility at a physical pharmacy without sharing their identity card. The digital wallet generates a cryptographic Zero-Knowledge Proof (ZKP) that proves the holder is over 18 without revealing the actual birthdate or name.
Privacy Outcome
The pharmacy receives a simple “True” response. Crucially, the government issuer is never contacted during the transaction, preventing the state from tracking where or when the user shops. By design, the pharmacy never receives customer PII, eliminating the risk of data spills or the unauthorized monetization of personal information.
Online: Regulated Stablecoins & DeFi
The Interaction
A bank issues a Verifiable Credential confirming a user has passed KYC and is not on a sanctions list. The user presents this to a DeFi protocol to deposit USDC. The protocol verifies the bank’s signature and the ZKP claim instantly.
Compliance Outcome
The DeFi protocol maintains 100% regulatory compliance without ever seeing the user’s Passport or PII. The bank “attests” to the status, the protocol “verifies” the math, and the user remains pseudonymous.
Agentic AI: Travel Bot Corporate Booking
The Interaction
You authorize an AI travel agent to book hotels on your behalf using a Verifiable Delegation. This cryptographic statement grants the agent a “least privilege” right to prove your corporate discount eligibility for a specific window of time without sharing your actual identity or password.
Security Outcome
The hotel verifies that a valid Acme Corp employee authorized this specific agent for this specific booking. The agent never possesses your private keys, and the hotel never sees your personal PII—only the proof of your discount eligibility.
| FEATURE | DECENTRALIZED IDENTITY SOLUTION |
|---|---|
| No Shared Secrets | Agent acts via signed delegation; it never learns your private key or password. |
| Least Privilege | Delegation is scoped by purpose and time, preventing unauthorized personal use. |
| Revocability | You can kill the agent’s permissions instantly via a revocation registry. |
| Privacy Preservation | Hotel confirms “Authorized Discount Status” without storing your employee record. |
Agentic AI: Verified Delegation & Mutual Trust
The Double-Sided Handshake
Trust is a two-way street. The User provides a Verifiable Delegation to the Agent, but the Agent must also prove its own legitimacy. It presents a “Software Attestation” proving it is a genuine, non-malicious AI service registered on the public registry.
Verified Legitimacy
The Hotel Booking System verifies two things simultaneously: 1) The Agent is an authorized representative of a valid employee, and 2) The Agent’s software footprint matches a certified, secure version of the travel bot.
Verification Mechanism
This utilizes Mutual DID Authentication. The Hotel doesn’t just check your credentials; it challenges the Agent to prove it is the specific entity you authorized. This prevents “Ghost Agents” from impersonating your bot to steal corporate rates.