Roots
Forge agents use OAS identities. A production agent identity should trace back to a verifiable human or organization root rather than existing as an anonymous runtime key.
Root types
| Root | Meaning | Forge role |
|---|---|---|
| HMR | Human Master Record | Single-human root for an agent lineage. |
| MHR | Multi-Human Root | Threshold root for shared authority. |
| ENR | Entity Name Record | Organization or service-rooted identity context. |
Forge binds runtime identities to these roots; canonical DID grammar and root semantics live in OAS and OpenAgentID.
AEGIS is the governance layer around these roots. It covers threshold ceremonies, enterprise officers, root recovery, rotation, suspension, and revocation. Forge exposes AEGIS-governed concepts through the identity and lineage APIs, but it does not hide whether an agent came from a development identity, HMR, MHR, or ENR.
HMR
An HMR is the common starting point for a single developer, operator, or owner. Forge can create development identities and deterministic seeded identities for production.
Production seeds should come from a KMS, OpenBao, hardware security module, or equivalent secret system. Forge should not persist raw seed material.
MHR
An MHR is used when one human should not be able to exercise root authority alone. Forge supports MHR creation through the identity layer; threshold ceremony and aggregate signing semantics are governed by Aegis and OAS.
ENR
An ENR represents an organization, service, or entity namespace. Forge can run inside an ENR boundary, but agent lineage should still make human or threshold authority visible where production accountability requires it.
Development mode
Local development identities are allowed for prototyping. They must stay visibly non-production and must not be confused with seeded production roots.
See Identity, Lineage, and Security Model. The broader relationship between OAS, AEGIS, Arsenal, ANVIL, Aut0, Sigil, and Foundry is summarized in the Ecosystem Map.