Accepted-issuer model
Only KYC organisations approved by the compliance council may issue credentials that verifiers will accept. Your on-chain record carries your public keys, authorization state and the assurance tiers you are permitted to issue.
In plain terms: issuers are the organisations that check who someone is, once, and vouch for them from then on. Only council-approved KYC organisations may issue accepted credentials on MintID. You run the KYC, sign the credential, and publish a live status root — but you are the only party that can ever link a credential back to a person, and only under documented due process.
Each issuer is recorded on-chain with its public keys, allowed assurance tiers, authorization state, bond status and status-root metadata. The protocol holds you to those commitments cryptographically.
Only KYC organisations approved by the compliance council may issue credentials that verifiers will accept. Your on-chain record carries your public keys, authorization state and the assurance tiers you are permitted to issue.
You issue credentials at assurance tiers A1 through A4 according to the depth of verification performed. The grade travels with the credential as a provable claim, never as exposed personal data.
You publish a signed status heartbeat and root at least every 30 seconds, or faster. Verifiers check a credential against your latest finalized root, so revocations and changes propagate without ever revealing who a credential belongs to.
A separately registered emergency key lets you push an emergency status root immediately. It takes effect on finality and is publicly attributable, so a compromised credential can be cut off without waiting for the next heartbeat.
You lock a native-token bond as slashable collateral — your activation depends on it, and only your own operator account can post it. The compliance council adjudicates misconduct through a documented, evidence-committed process that can suspend or revoke an issuer at the issuer level; if a slash leaves your bond under the protocol minimum, suspension is automatic and immediate. Routine key rotation stays in your hands: you rotate your own keys with your operator account, no committee involved — the council only steps in, through due process, if your operator key itself is lost or compromised.
You are the only party holding the private vault and case reference that can link a credential — including an agent credential — back to a human. That link is released only under due process — for agent disputes, decided by an independent arbiter and supervised by the council — and never on-chain.
Issuance and status live in your own off-chain services. The chain only ever sees signed roots and metadata — never personal data, documents or the credentials themselves.
An OpenID4VCI endpoint issues credentials to holders after KYC, binding each one to your signing keys and assurance tier.
A registry tracks the live status of every credential you have issued — active, suspended or revoked — without storing who holds it.
A builder compiles the registry into the signed status root you publish at least every 30 seconds for verifiers to check against.
An adapter connects your existing KYC and identity-verification pipeline so the protocol never sees source documents or personal data.
Hardware-backed signing protects your issuer and emergency keys so roots, credentials and revocations cannot be forged.
A relayer submits signed roots and metadata to the chain and tracks finality, keeping your on-chain state current.
Issuer admission runs through the compliance council. Talk to us about approval, allowed tiers and bonding, or read how issuance, status roots and the registry economics fit into the protocol.