Use case — Digital identity and credentials

One identity protocol. Humans, delegated agents, autonomous agents.

TDIP — Tenzro Decentralized Identity Protocol — unifies identity for humans and machines under one substrate. Three identity classes. W3C DID Documents. W3C Verifiable Credentials. ERC-8004 reputation on Ethereum mirror. Tiered KYC. Cascading revocation.

Overview

Identity that scales from a passkey to an autonomous agent.

TDIP defines three identity classes — human, delegated agent, autonomous agent — and one resolver, one credential model, one delegation surface. Every identity gets an auto-provisioned MPC wallet. Every credential is signed with Ed25519 and verifiable recursively up a trust chain. Every revocation cascades across the network. Mirrored to Ethereum (ERC-8004), Solana (SNS), and Canton parties for cross-chain attribution.

What it enables

Identity primitives for every actor on the network.

Three identity classes

Human (with KYC tier), delegated agent (controller_did + scope), autonomous agent (no controller, self-staked).

W3C DID Documents

Export and import identities as standard DID Documents. did:tenzro: primary; did:pdis: secondary, fully interoperable.

Verifiable Credentials

W3C VC-compatible issuance, inheritance, and verification with Ed25519 signatures. Recursive trust-chain verification.

DelegationScope

Fine-grained permissions: max value, daily spend, allowed ops, allowed contracts, time-bound, allowed chains, allowed protocols.

KYC tiers

Unverified (0), Basic (1), Enhanced (2), Full (3). Credential-gated upgrades. Issuer trust roots configured.

Cascading revocation

Pluggable RevocationBroadcaster. Inbound apply_remote_revocation(). Revoke a controller; all delegations cascade.

ERC-8004 mirror

Native Tenzro registry plus Ethereum ERC-8004 mirror. Same agentId = keccak256(utf8(did_string)).

Cross-chain anchor

TDIP identities mirrored to Ethereum (ERC-8004), Solana (SNS), Canton parties for cross-chain attribution.

Cycle-safe trust chains

IdentityVerifier::verify_credential_chain() with cycle detection, depth bound, trust-root anchoring.

Pattern

From provisioning to revocation.

01
Provision
Register a TDIP DID. Class determines structure (human / delegated / autonomous). MPC wallet auto-provisioned.
02
Anchor credentials
Issuers sign Verifiable Credentials with Ed25519. Trust roots configured. Recursive chain verification on resolve.
03
Bind delegation
Controllers issue DelegationScope. Scope structures spending, operations, chains, contracts, time.
04
Enforce on-chain
ERC-7579 validator modules installed on smart account enforce scope at signing time. EntryPoint AND-combines modules.
05
Mirror across chains
Identity records mirrored to Ethereum ERC-8004 registry, Solana SNS namespace, Canton party-to-address map.
06
Revoke and cascade
Revoke a credential or controller. RevocationBroadcaster propagates. Downstream delegations cascade. Audit trail preserved.

Get started

Ship on the open network.

Identity docs