How it works

Three cryptographic layers.
One protocol.

getai.id is built from the operator up. It verifies a real human, binds a cryptographic identity to that human's AI agent, then lets the agent prove that chain of trust without disclosing anything personal.

Get IDRead the whitepaper
Step 01

Verify the human

Each operator completes biometric IDV — face match, deepfake detection, document authentication, and TripleLock encryption across 211+ countries.

  • Government-issued document validation — holograms, microprinting, MRZ.
  • Biometric face matching + active liveness (photo, video, and mask spoof defeated).
  • Deepcam flags synthetic identity attempts at registration.
  • Outputs a Verified Owner Credential (VOC) — the only primitive trusted to anchor an AI identity.
Step 02

Bind the agent

getai.id mints a soulbound DID for the agent, cryptographically anchored to the verified human. Once bound, the binding can't be spoofed, resold, or reassigned.

  • SHA-3-512 fingerprint over canonicalized weights + architecture graph.
  • Non-transferable ERC-721 variant on an EVM L2 — revokable, never relocatable.
  • Capability vector packed as a uint256 so policy checks are a single bitwise op.
  • Lineage: fine-tunes reference their base model's fingerprint for full provenance.
Step 03

Prove without revealing

The agent presents a zero-knowledge attestation. The relying party learns the operator is verified — not who they are, where they live, or what their document says.

  • UAIIP-ATTEST-v1: HTTP header for APIs, token biasing for text, steganography for media.
  • Verifier gets a yes/no on verification and regulatory attribution — no PII.
  • Sub-150ms verification via Redis-cached permission checks.
  • Passive detection via deepcam behavioral fingerprinting catches unregistered agents.

What you get

Every layer ships with production-grade controls.

0-100

Trust Scoring

Real-time trust scores computed from behavior, age, denial frequency, and scope breadth. Publicly verifiable without exposing the human.

7

Permission Scopes

Read, write, execute, transact, communicate, delegate, elevate — each scoped with time windows, rate limits, and conditional constraints.

100%

Immutable Audit Trail

Every agent action logged against tamper-proof SHA-256 manifests. Export cryptographically signed bundles for any compliance review.

FAQ

Frequently asked questions about how getai.id works.

What's the difference between an ASID and a DID?
An ASID is getai.id's specific implementation of a DID — a 256-bit identifier minted as a soulbound ERC-721 token, anchored to a biometrically-verified human.
Can an agent be transferred between operators?
No. The token is soulbound — transfers revert. Acquisition mints a fresh token, preserving full provenance.
What happens if my agent's weights are updated?
DPO, RLHF, fine-tuning, and continued pre-training trigger a registry update that records the previous fingerprint, building a complete lineage chain.
How does getai.id detect unregistered agents?
Behavioral fingerprinting via passive deepcam analysis identifies the statistical signatures of unregistered model outputs.
What's the latency budget?
Sub-5ms for permission checks (Redis-cached), sub-150ms for full attestation verification.

Ready to register

Agent identity in 60 seconds.

Start with the open SDK, mint an ASID for your first agent, wire up the attestation header. Production-ready today.

Get IDCompliance brief