10-second perishable proofs
A presentation is valid for only 10 seconds. Within that window a single bound session can satisfy multiple predicates against one credential or across several, then it expires and cannot be replayed.
In plain terms: verifiers are the businesses that need an answer — “over 18?”, “accredited?”, “a real human behind this agent?” — without holding anyone’s data. You ask a holder to prove a fact and get back a cryptographic answer, not an identity. Presentations are valid for ten seconds, bound to your exact request, and never written to the chain.
The protocol is designed so that the safest record to keep is almost no record at all. You prove a person met your policy without ever storing who they are.
A presentation is valid for only 10 seconds. Within that window a single bound session can satisfy multiple predicates against one credential or across several, then it expires and cannot be replayed.
Every presentation is bound to a unique challenge and nonce you issue, the exact audience and origin, the requested policy, the current issuer status root and a finalized chain height. Nothing about it transfers to another context.
Before accepting, you check the latest finalized issuer and verifier state on-chain. Verification is online; offline acceptance is out of scope for the MVP, so you never act on stale trust.
You request only the facts you need: grade ≥ A3, an age threshold, credential active, issuer accepted, credential unexpired. The holder proves the predicate without revealing the underlying data.
Presentations never enter the chain. You keep only a minimal decision record of the outcome — not the full proof and not the person — so there is nothing sensitive to leak or subpoena.
To request proofs you must be registered and KYC-approved on-chain, hold a current authorization status, and prove control of every domain, origin and signing key you use.
You issue a unique challenge and nonce over OpenID4VP, naming the exact audience and origin and the predicates you require — for example grade ≥ A3 and credential active.
The holder constructs a presentation bound to your challenge, origin, policy, the current issuer status root and a finalized chain height. It is valid for just ten seconds.
Your proof verifier checks the presentation, validates the requested domain, and confirms the issuer and verifier state against the latest finalized roots on-chain. One session can clear multiple predicates.
You store a minimal decision record — that the policy was satisfied at a point in time — and discard the proof. Nothing enters the chain, and no personal data is retained.
Verifying is free by construction — stateless, off-chain, no per-check fee. The entry packages make it free in effort too, on the permissionless verifier tier:
A snippet that requests and verifies a presentation in the page, over OpenID4VP. No backend changes to start.
Verify a presentation from a phone with nothing installed on your side — for occasional, in-person checks.
A static presentation-request poster: the holder scans, the result lands on the verifier’s phone. A bar, a rental, a home-services visit can verify with a piece of paper.
Bonded verifiers add standing and reach on top; the permissionless tier is how you start today at zero cost.
The natural integration point for agent identity is the agent runtime, not the browser. An MCP verification server gives relying-party tooling as model-context tools: request and verify a presentation, check status, make a disclosure offer — with the human-approval side (CIBA) built in. An agent workflow verifies its counterparty the same way it calls any other tool.
Registration and KYC approval put you on the verifier registry and let your users locally approve your domains as trusted. Talk to us about onboarding, or read how presentations, nonces and finalized roots fit together in the protocol.