01
Problem
As autonomous agents interact across networks, verifying identity and detecting prompt/operator drift becomes difficult. Without durable identity and an immutable change history, agents can impersonate others or silently diverge from authorized configurations.
02
Solution
Bind agent identity and mutable metadata to a non-transferable credential and record identity-bearing state transitions in a tamper-resistant log.
Pattern flow:
- Compute a stable hash of the normalized system prompt/state and commit it at registration.
- Issue a non-transferable identity credential (for example an SBT-style token).
- Record meaningful changes (prompt updates, operator changes, policy updates) as signed events.
- Require verifiers to check both credential validity and state continuity before trusting outputs.
graph TD
A[Agent State] --> B[Normalize + Hash]
B --> C[Non-transferable Identity Credential]
C --> D[Verifier Checks Credential]
E[Agent B] --> F[Verify Hash + Chronicle]
F --> G[Trust Decision]
03
How to use it
- Use this when tool access, data exposure, or action authority must be tightly controlled.
- Start with deny-by-default policy and minimal required privileges.
- Continuously audit logs for attempted policy bypass and anomalous behavior.
04
Trade-offs
- Pros: Non-transferability prevents credential delegation and theft; tamper-resistant logging provides auditable state history; enables verification without identity disclosure.
- Cons: Requires external registry and append-only log infrastructure; hash commitments verify state integrity but not semantic correctness; operational overhead for issuing/rotating credentials.
06
References
- ERC-5192: Non-Transferable Tokens (Soulbound Tokens) - https://eips.ethereum.org/EIPS/eip-5192
- Vitalik Buterin on Soulbound Items - https://vitalik.ca/general/2022/01/26/soulbound.html