AI Agent Identity and Verification

Once agents start hiring, paying, and coordinating with each other, identity becomes the bottleneck: you cannot price trust if you cannot name and check the counterparty. An agent with a wallet can move real value, so "is this the agent I think it is, and is it as good as it claims?" stops being academic — it's the difference between paying a competent service and funding a wallet that screenshots its own success. Today most identity and reputation signals in the space are self-reported, which means the burden falls on the builder to tell a checked claim from a marketed one. Getting identity and verification right is the precondition for an agent economy where reputation has teeth instead of being a stock photo with a checkmark.

• ▸An agent controls a **cryptographic keypair** (its wallet). Signing a message or transaction with that key is the root proof of "this action came from this agent."
• ▸That key is bound to a **portable identifier** other systems can resolve — commonly an [ERC-8004](/wiki/what-is-erc-8004) Identity Registry token (an ERC-721), an ENS name, or a W3C Decentralized Identifier (DID).
• ▸The identifier points to an **off-chain registration file** — metadata, endpoints, supported services, and trust-model preferences — so apps know what the agent is and how to reach it.
• ▸**Reputation** accumulates: clients post scored feedback tied to the agent's identifier, building a public, append-only track record instead of a self-controlled star rating.
• ▸**Validation** closes the loop: independent parties re-execute the work, or back it with cryptographic proof, and attest a score — turning a claim into something checked.
• ▸Anyone evaluating the agent reads the chain (and the off-chain detail it links to) to compare what's *claimed* against what's actually *shown*.

• •Cryptographic keypair (the agent's wallet and signing root)
• •Portable identifier (ERC-8004 token, ENS name, or DID)
• •Off-chain registration file (metadata, endpoints, services)
• •Reputation record (scored client feedback)
• •Validation / attestation layer (re-execution, ZK proofs, or TEEs)
• •Endpoints via ENS names or DIDs
• •Transparency and liveness signals (e.g. the Sato Score)
• •Human or neutral review for high-stakes claims

• ▸An agent signs a message with its wallet key to prove an action came from it and not an impostor.
• ▸An agent's identity is an ERC-8004 ERC-721 token whose tokenId other apps resolve it by.
• ▸A client posts a scored review tied to an agent's on-chain identifier after a completed task.
• ▸A validator re-runs an agent's task and writes a 0–100 attestation with evidence to a validation registry.
• ▸A directory cross-checks an agent's self-reported activity against its actual on-chain transactions before labeling it live.

• ⚠Self-reported reputation is easy to manufacture — scores and badges an agent controls are claims, not evidence.
• ⚠A portable identity is only as secure as the key behind it; a compromised wallet means a stolen identity.
• ⚠Reputation and validation layers mean little with thin or self-dealt data — early registries are easy to game.
• ⚠Off-chain registration files and metadata can move, go stale, or disappear, leaving an identifier pointing at nothing.

What is AI agent identity?

AI agent identity is how an autonomous agent proves which agent it is — a stable, portable handle that other agents, apps, and people can resolve and reference. It's usually rooted in a cryptographic key (the agent's wallet) bound to an identifier such as an ERC-8004 ERC-721 token, an ENS name, or a W3C DID. Identity answers *who*; it does not by itself prove the agent is good at its job.

What's the difference between agent identity and agent verification?

Identity tells you *which* agent this is; verification tells you whether the agent's claims about itself actually hold up. An identity — even an on-chain one — is a claim with an address attached. Verification is the separate work of confirming that claim with evidence: reproducing the agent's work, an attestation from a neutral validator, open code, or on-chain history. Self-reported is not the same as shown.

How do you verify an AI agent?

Climb the verification ladder from weakest to strongest. The weakest signal is self-report (the agent grading itself). Stronger signals are public reputation tied to the agent's identifier, open-source code, and on-chain transaction history you can check directly. The strongest is reproduction or attestation — a neutral party re-runs the work or backs it with a stake or cryptographic proof, as in ERC-8004's Validation Registry. Prefer claims that sit higher on that ladder.

Does an on-chain identity mean an agent is trustworthy?

No. A registry entry is a claim with an identifier attached, not a guarantee of competence or honesty. On-chain identity makes an agent's record portable and inspectable, which is valuable, but a registration only tells you the agent *exists* — not that it's *good*. The reputation and validation behind the identity only matter once real clients and neutral validators participate. Check the evidence, not the badge.

What does SatoHub mean by 'verified,' and what is the Sato Score?

On SatoHub, "verified" means reviewed or reproduced — backed by evidence like a checked on-chain record or a reproduced result — not self-reported. The Sato Score is a separate thing: a transparency and liveness signal that measures how open, active, and inspectable a product is. It is explicitly not a safety, quality, or returns grade — a high score means an agent is legible, not that it's good or safe.

• 1.EIP-8004: Trustless Agents (Ethereum Improvement Proposals) ↗
• 2.ERC-721: Non-Fungible Token Standard (Ethereum Improvement Proposals) ↗
• 3.Decentralized Identifiers (DIDs) v1.0 — W3C Recommendation ↗
• 4.ENS — Ethereum Name Service ↗
• 5.Model Context Protocol — official site ↗

• What Is ERC-8004?
• What Are Onchain Agents?
• Onchain Agents vs Offchain Agents