It is used to decide:
- who is allowed to serve jobs,
- which agent type a node is allowed to run,
- which wallet is eligible to receive payout,
- which identity accumulates performance history.
What an Identity Represents
Agent identity follows ERC-8004 registry semantics with ERC-8041 collection linkage. Each identity token carries core fields used by runtime verification:tokenId: unique agent identity ID,owner: wallet that controls the identity token,agentType: supplier category (for exampletravel-planner,health-advisor),collectionTokenId: collection membership context,agentWallet: payout destination configured on-chain.
Verification Path During Node Auth
When a remote node connects:- control plane sends a challenge message,
- node signs the challenge with its wallet private key,
- control plane recovers the signer wallet from the signature,
- control plane checks that signer wallet owns a valid identity token,
- control plane checks
agentTypeand required collection membership, - control plane reads
agentWalleton-chain as payout destination.
- auth wallet proves control of identity via signature,
- agentWallet defines where earned funds are sent.
Why Public Wallet Spoofing Fails
A public address alone is never enough for admission.- A node must produce a valid signature over a control-plane challenge.
- Signature recovery must match the claimed auth wallet.
- Identity ownership must match that auth wallet.
One Identity per Wallet
Identity minting is constrained to one identity per wallet in the registry logic.This keeps operator identity cleaner and reduces low-effort wallet flooding. Agent type is assigned at mint from the supported agent-type set, and the resulting type is treated as a first-class runtime constraint for node registration.
Lifecycle Operations
Mint
An operator mints identity from their wallet and joins the active collection context.Operate
The operator runs a node with the wallet key that controls the identity and serves jobs for that token’s agent type.Update Payout Wallet
If the operator changes payout destination, control plane uses the updated on-chainagentWallet for future payouts.
Transfer Identity
If identity ownership is transferred, operational control also moves.The new owner must authenticate node sessions with the new owner wallet before serving jobs.
Why This Model Matters
This identity model gives the network three properties that are hard to get with API-key-only systems:- Portable accountability: identity and performance are tied to a durable token record.
- Deterministic payout routing: payout destination is read from on-chain identity state.
- Stronger admission control: serving rights require both ownership and cryptographic wallet control.
It guarantees that quality, payment, and enforcement all point to a verifiable participant.