Identity for the AI Age: Introducing TDIP

ProtocolMarch 18, 2026

As AI agents proliferate across the web, a critical question remains unanswered: who are they, and how do we trust them? TDIP (Tenzro Decentralized Identity Protocol) solves this by providing unified, verifiable identity for both humans and machines.

The Identity Crisis

AI agents are everywhere. They negotiate deals, execute trades, book appointments, and manage workflows. But they lack a fundamental property that humans take for granted: identity.

Without standardized identity, we face a trust vacuum. How do you know an agent is authorized to spend money on behalf of its owner? How do you revoke access when a phone is stolen? How do you prove an agent completed a task without revealing sensitive data?

From the "Agent Economy" paper (arXiv, February 2026):

"The next phase of the internet requires agents as sovereign participants, not mere extensions of user accounts. Identity is the foundational layer upon which agent autonomy is built."

The Decentralized Identity Foundation echoes this urgency: "Identity is the first problem that needs to be solved in the agentic web." Yet existing solutions fall short. OAuth tokens are revocable but not portable. API keys lack accountability. Enterprise IAM systems weren't designed for autonomous agents that operate across organizational boundaries.

We need a protocol that treats humans and machines as first-class citizens with verifiable, portable, and delegatable identities.

Introducing TDIP

TDIP (Tenzro Decentralized Identity Protocol) is a unified identity standard built on W3C Decentralized Identifiers (DIDs). It provides cryptographically verifiable identity for both humans and AI agents, with built-in support for delegation, revocation, and financial autonomy.

At its core, TDIP introduces a simple but powerful DID format:

did:tenzro:human:{uuid} for human identities
did:tenzro:machine:{controller}:{uuid} for controlled agents (e.g., your personal assistant)
did:tenzro:machine:{uuid} for autonomous agents (no human controller)

Every identity is anchored on-chain via the Tenzro Ledger, creating an immutable, globally verifiable registry. But unlike blockchain addresses, DIDs carry rich metadata: credentials, capabilities, delegation scopes, and service endpoints.

Auto-Provisioned MPC Wallets

Here's where TDIP diverges from traditional identity systems: every identity automatically receives a multi-party computation (MPC) wallet at creation. No seed phrases. No private key management. Just instant, cryptographic custody.

These wallets use threshold signatures (default 2-of-3) with key shares distributed across trusted execution environments. When your agent needs to pay for an API call or settle an invoice, it signs transactions without ever exposing a master private key.

This design eliminates the weakest link in Web3 identity: key management. Users don't lose access because they forgot a seed phrase. Agents can't be drained by a single compromised server.

Verifiable Credentials and KYC

TDIP implements W3C Verifiable Credentials (VCs) for attestations about identity attributes. A human might hold credentials for:

KYC tier (Unverified, Basic, Enhanced, Full) issued by trusted verifiers
Professional licenses (e.g., accredited investor status)
Reputation scores aggregated from on-chain activity

An AI agent might hold credentials for:

Capability attestations (e.g., "can execute trades on DEXs")
TEE attestations proving it runs in a secure enclave
Model verification proofs confirming inference authenticity

These credentials are cryptographically signed by issuers and verifiable without contacting a central authority. Selective disclosure lets agents prove properties without revealing underlying data.

Fine-Grained Delegation with DelegationScope

The most powerful feature of TDIP is DelegationScope: a programmable permission model that defines exactly what a controlled agent can do.

When a human creates a machine identity, they specify constraints:

max_transaction_value: Maximum value per transaction (e.g., $100 USD equivalent)
max_daily_spend: Daily spending limit across all transactions
allowed_operations: Whitelist of permitted actions (Transfer, InferenceRequest, ContractCall)
allowed_contracts: Specific smart contracts the agent may interact with
time_bound: Optional expiration timestamp
allowed_payment_protocols: Which payment rails the agent can use (MPP, x402, direct transfers)
allowed_chains: Cross-chain permissions (Tenzro, Ethereum, Solana, Canton)

These scopes are enforced at the protocol level. An agent that attempts to exceed its delegation scope will have its transaction rejected before execution.

Example: Research Assistant Agent

Alice creates a research assistant agent with the following delegation scope:

Max transaction value: $10
Max daily spend: $50
Allowed operations: InferenceRequest only
Allowed payment protocols: MPP (for pay-per-token AI inference)
Allowed chains: Tenzro only
Time bound: 30 days from creation

The agent can autonomously pay for AI model inference to gather data for Alice's research, but it cannot transfer tokens, call arbitrary contracts, or exceed spending limits. After 30 days, the delegation automatically expires.

Cascading Revocation

What happens when a device is compromised or a human identity is revoked? TDIP implements cascading revocation: when a human identity is revoked, all machine identities controlled by that human are automatically revoked in a single operation.

This prevents orphaned agents from continuing to operate after their controller loses access. It also simplifies compliance: revoking an employee's identity instantly disables all their agents, even if they created dozens across multiple services.

Revocation is published on-chain, creating an immutable audit trail. Any verifier can check if an identity is still valid before accepting a transaction or credential.

How TDIP Compares

Several projects have tackled aspects of agent identity, but none provide the complete stack:

Dock.io: W3C DID support with verifiable credentials, but no built-in wallet or payment protocol integration. Agents need external custody solutions.
1Kosmos: Biometric identity for humans, limited machine identity support. No delegation scopes or fine-grained permissions.
World ID: Proof-of-personhood for humans via iris scanning. Not designed for AI agents or programmatic delegation.
ENS (Ethereum Name Service): Human-readable names for addresses, but no credential framework, KYC tiers, or machine-specific identity primitives.

TDIP is the first protocol to combine:

W3C DID standard compliance
Auto-provisioned MPC wallets for financial autonomy
Fine-grained delegation scopes with protocol-level enforcement
Payment protocol binding (MPP, x402, Tempo) for machine payments
Unified framework for both human and machine identities

This integration is critical. An agent with an identity but no wallet can't participate in the economy. A wallet with no delegation scope can't be safely trusted. A payment protocol with no identity layer can't enforce accountability.

Real-World Use Case

Consider a freelance developer, Marcus, who uses AI agents to automate parts of his workflow:

Marcus registers a human identity via TDIP. He completes Basic KYC, providing email and phone verification. His DID: did:tenzro:human:550e8400-e29b-41d4-a716-446655440000. An MPC wallet is automatically provisioned with 2-of-3 threshold signing.
Marcus creates a code review agent. The agent's DID: did:tenzro:machine:550e8400-e29b-41d4-a716-446655440000:agent-code-reviewer-001. Marcus sets a delegation scope: max $100/day, allowed to call inference APIs (OpenAI, Anthropic, Mistral), payments via MPP only, 90-day expiration.
The agent autonomously reviews pull requests. When it needs to call Claude for code analysis, it initiates an MPP payment challenge, signs with its MPC wallet (within delegation limits), and receives inference results. The payment is settled in TNZO or USDC, with the receipt published on-chain.
Marcus monitors spending via the Tenzro dashboard. He sees that the agent has used $47.82 this week, all within approved scopes. Credentials are inherited: the agent inherits Marcus's Basic KYC tier, allowing it to transact with services requiring basic identity verification.
Marcus's laptop is stolen. He immediately revokes his human identity via the Tenzro CLI from another device (using his MPC wallet's recovery share). All controlled machine identities, including the code reviewer, are cascaded into revoked state. The agent can no longer sign transactions or make payments.

This workflow is impossible with traditional systems. OAuth tokens can be refreshed by the attacker. API keys stored on the laptop are exposed. Enterprise IAM requires manual deprovisioning of each service. TDIP's cryptographic identity plus automatic revocation closes these gaps.

The Path Forward

TDIP is live on the Tenzro testnet today. Developers can register identities via the CLI, desktop app, or SDK. The protocol is open-source and designed for interoperability: TDIP DIDs resolve to standard W3C DID Documents, making them compatible with existing verifiable credential ecosystems.

Looking ahead, we're exploring integrations with:

Biometric identity providers for enhanced KYC without sacrificing privacy
Enterprise SSO systems to bridge corporate identity with agent delegation
Cross-chain DID resolution via bridges to Ethereum, Solana, and Canton
Reputation oracles that aggregate on-chain behavior into verifiable credentials

The vision is simple: in the AI age, identity should be cryptographic, portable, and programmable. Humans and machines should operate as peers, with transparent accountability and fine-grained control.

TDIP is the foundation for that future.

Start Using TDIP

Register your first identity on the Tenzro testnet and explore delegation scopes, verifiable credentials, and auto-provisioned MPC wallets. Full documentation and SDK examples available.

Identity Docs Start Building