Identity / Lineage
Chain of
Trust
Every identity exists in a derivation chain. Each link is cryptographically forged from its parent. Break any link and the entire chain fails verification.
scroll to forge the chain
00
hmr
Alice (Human Root)
did:oas:l1fe:hmr:z6MkA...
Ed25519 root key | Sealed in Secure Enclave | Genesis: 2026-01-15
HKDF-SHA256
01
agent
Research Agent
did:oas:l1fe:agent:z6MkB...
HKDF-SHA256 derived | Depth 1 | Capabilities: read, analyze, report
HKDF-SHA256
02
agent
Data Collector
did:oas:l1fe:agent:z6MkC...
HKDF-SHA256 derived | Depth 2 | Capabilities: read, fetch (narrowed)
HKDF-SHA256
03
tool
Web Scraper
did:oas:l1fe:tool:z6MkD...
HKDF-SHA256 derived | Depth 3 | Capabilities: fetch (scoped to domains)
HKDF-SHA256
04
agent:instance
Worker #7a3f
did:oas:l1fe:agent:z6MkE...
Ephemeral session key | TTL: 3600s | Auto-revoke on termination
HKDF-SHA256
05
model
Prediction Model v2
did:oas:l1fe:model:z6MkF...
HKDF-SHA256 derived | Depth 2 | Bound to Trading Agent lineage
END OF CHAIN
Derivation Properties
Deterministic
The same parent key + context always produces the same child key. No randomness in derivation.
One-Way
Knowing a child key reveals nothing about the parent key. The derivation function is computationally irreversible.
Verifiable
Anyone with the parent's public key can verify that a child key was correctly derived, without knowing either private key.
AgentLineageProof2025
{
"type": "AgentLineageProof2025",
"creator": "did:oas:l1fe:hmr:z6MkA...",
"created": "2026-04-09T00:00:00Z",
"proofPurpose": "assertionMethod",
"derivation": {
"method": "HKDF-SHA256",
"parentKey": "z6MkA...",
"childKey": "z6MkB..."
},
"jws": "eyJhbGciOiJFZERTQSJ9..."
}