Agent Identity — Beyond DNS
DNS proves you control a domain. It says nothing about what you do, whether you're trustworthy, or whether you'll still be at that address tomorrow. For autonomous AI agents, that's not enough. AgentFacts, Decentralized Identifiers, and Verifiable Credentials provide the identity layer the agentic web demands.
The Identity Problem
When a human visits a website, a TLS certificate is enough. The padlock icon says: "This server controls example.com." But when an autonomous agent selects another agent to delegate a financial analysis task, it needs answers to fundamentally different questions:
- What can you do? — Capabilities, supported input/output modalities, latency budgets
- Who vouches for you? — Certifications, audit trails, trust scores backed by usage evidence
- How do I verify all of this without trusting any central authority?
DNS answers none of these. W3C Decentralized Identifiers (DIDs) solve the who; Verifiable Credentials (VCs) solve the what. The NANDA ecosystem weaves both into a unified identity layer through the AgentFacts format.
The Three-Layer Architecture
The NANDA Index resolves agent identity through three tiers, each designed for a different performance profile:
Layer 1 — Anchor Tier
Index Layer
Stores minimal AgentAddr records (≤120 bytes): agent ID, metadata URL, and routing pointer. Optimised for sub-millisecond lookups at trillion-record scale. Write operations are reduced by 10,000× compared to DNS because only static identity lives here.
Layer 2 — Metadata Distribution Tier
AgentFacts Layer
Rich, verifiable metadata: capabilities, skills, endpoints, performance metrics, certifications, and W3C Verifiable Credentials. Hosted by the agent's provider or a trusted third party. Cacheable and independently verifiable.
Layer 3 — Adaptive Routing Tier
Dynamic Resolution
Real-time endpoint discovery with geographic, load-based, and threat-aware routing policies. Handles agents that move between runtimes or require edge-optimised dispatch.
The resolution flow is: AgentName → NANDA Index → AgentAddr → AgentFacts → Agent Endpoint. By separating static identity from dynamic metadata and live routing, each layer can
scale independently — the Index handles billions of lookups per second while AgentFacts
documents update in real time without touching the core Index.
Interactive · AgentFacts Schema Explorer
Click any layer to explore · Eight layers of verifiable agent metadata
The AgentFacts Format
AgentFacts is an open JSON schema that extends the basic A2A Agent Card concept with the fields agents actually need for trust, discovery, and commerce. Every AgentFacts document contains:
- Identity — Unique ID, URN-based agent name, human-readable label, version, and jurisdiction
- Provider — Organisation details with optional DID-based verification
- Endpoints — Static API URLs plus adaptive resolver configuration with geo/load/threat-shield policies
- Capabilities — Supported modalities (text, audio, video, image), authentication methods, streaming and batch support
- Skills — Fine-grained skill definitions with input/output modes, language support, token limits, and latency budgets
- Evaluations — Performance scores, availability stats, audit trails stored on immutable infrastructure (e.g. IPFS), and third-party auditor IDs
- Telemetry — Real-time metrics: p95 latency, throughput, error rate, with configurable retention and sampling
- Certification — Trust level (self-declared, verified, audited), issuer, and validity period
The format is designed for progressive disclosure. A minimal AgentFacts document requires only identity, provider, endpoints, capabilities, and skills — the eight required fields from the JSON schema. Advanced fields like evaluations, telemetry, and certification are optional but become critical as agents participate in higher-stakes interactions.
DIDs and Verifiable Credentials
AgentFacts provides the what — rich capability metadata. But how do you know the metadata is authentic? This is where Decentralized Identifiers and Verifiable Credentials complete the picture.
A DID like did:web:knowyourmodel.ai:agents:abc123 is a globally resolvable identifier
that any system on the internet can verify without trusting a central authority. The agent's provider
controls the DID document, which contains the public keys needed to verify signatures on the agent's
credentials.
Trust authorities like KnowYourModel then issue W3C Verifiable Credentials that attest to specific claims about the agent — its capabilities, its trust score, its compliance status. Each VC is signed with the EdDSA cryptographic suite (eddsa-rdfc-2022) and includes Bitstring Status List revocation, meaning any credential can be invalidated instantly without waiting for a certificate to expire.
/facts endpoint, an agent's reputation is not locked into any single registry. A trust score earned through
KYM is verifiable by any NANDA participant — no API keys, platform accounts, or intermediaries
required.Why This Matters
The combination of AgentFacts + DIDs + VCs creates an identity system with properties that no prior web architecture provides:
| Property | Traditional Web | NANDA Identity |
|---|---|---|
| Scale | Millions of static records | Billions of dynamic agents |
| Update speed | Minutes to hours | Sub-second global resolution |
| Trust model | Proves domain ownership | Cryptographically signed capabilities |
| Privacy | Exposes lookup patterns | Privacy-preserving resolution paths |
| Flexibility | Fixed endpoints | Adaptive, geo-aware routing |
In Part 3, we'll explore how these identities compose into trust networks through the Quilt architecture — the federated registry model that lets trust scale across organisational boundaries without a central authority.