Identity
Every Forge agent carries a cryptographic identity from birth. The identity
is a did:oas DID rooted in a verifiable human
(HMR — Human Master Record).
DID structure
did:oas:<namespace>:<kind>:<identifier>
| Part | Example | Purpose |
|---|---|---|
| namespace | acme | Organisation or platform |
| kind | agent, hmr, mhr, enr, tool, skill, workflow, model, dataset, service, agent:instance | Entity type |
| identifier | research-analyst | Stable name within (namespace, kind) |
Note that one kind, agent:instance, itself contains a colon, so a parser must not assume a did:oas DID has exactly five colon-separated fields; the identifier is the final segment and the kind is everything between the namespace and it.
Creating identities
Random (development only)
use forge::identity::create_hmr_identity;
let hmr = create_hmr_identity("acme", "alice")?;
A fresh Ed25519 keypair is generated from the OS random source. Useful for tests; not for production, because the key is non-deterministic: it cannot be re-derived, so losing it loses the identity.
Seeded (production)
For reproducible production identities, pass a 32-byte seed:
use forge::identity::create_hmr_with_seed;
let seed: [u8; 32] = load_seed_from_kms()?;
let hmr = create_hmr_with_seed("acme", "alice", &seed)?;
The keypair is derived deterministically via HKDF-SHA256 with the kind, namespace, and identifier baked into the info string:
HKDF(seed, salt = "forge-identity-v1", info = "kind=hmr;ns=acme;id=alice")
This means:
- Same seed + same (kind, namespace, identifier) → same keypair and same DID, every time.
- Different triples under the same seed give unrelated keys: the info string domain-separates them, so did:oas:acme:hmr:alice and did:oas:acme:agent:alice never share a key even though both come from one seed.
- The triple is not a secret: it is spelled out in the DID. Anyone who holds the seed can re-derive the private key of every identity derived from it, so the seed is the whole secret and a leaked seed compromises all of those identities, not just one. Use a separate seed per identity where you need that isolation.
Store the seed in your KMS, OpenBao, or hardware security module. Forge itself never persists raw seeds.
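The derivation above, as an added example that is not Forge's own code: it reimplements HKDF-SHA256 (RFC 5869) with the Go standard library, checks it against the RFC's first published test vector, feeds the 32-byte output to Ed25519 as the private-key seed, and then shows the two properties just listed (determinism and domain separation) plus the consequence of a leaked seed: the public DID alone supplies every other HKDF input. The salt and info layout are quoted from the page; the function names, the DID parser and the rule that the HKDF output is used directly as the Ed25519 seed are this example's assumptions, as is the demo seed, which is constructed here and would come from a KMS or HSM in practice.

```go
// Added example (not Forge's own code): deterministic identity derivation with
// HKDF-SHA256 as the page describes, using only the Go standard library.
// Assumptions: salt "forge-identity-v1" and info "kind=<kind>;ns=<ns>;id=<id>"
// are quoted from the page; using the 32-byte HKDF output directly as the
// Ed25519 seed, and the helper names, are this example's own choices.
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

const identitySalt = "forge-identity-v1"

// hkdfSHA256 is RFC 5869 Extract-then-Expand with HMAC-SHA256.
func hkdfSHA256(ikm, salt, info []byte, length int) []byte {
	if length > 255*sha256.Size {
		panic("hkdf: requested length too large")
	}
	if len(salt) == 0 { // RFC 5869: empty salt means HashLen zero bytes
		salt = make([]byte, sha256.Size)
	}
	ext := hmac.New(sha256.New, salt)
	ext.Write(ikm)
	prk := ext.Sum(nil)

	var okm, t []byte
	for i := byte(1); len(okm) < length; i++ { // T(i) = HMAC(PRK, T(i-1) | info | i)
		exp := hmac.New(sha256.New, prk)
		exp.Write(t)
		exp.Write(info)
		exp.Write([]byte{i})
		t = exp.Sum(nil)
		okm = append(okm, t...)
	}
	return okm[:length]
}

// Identity is a derived DID with its keypair.
type Identity struct {
	DID  string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func infoString(kind, ns, id string) string {
	return fmt.Sprintf("kind=%s;ns=%s;id=%s", kind, ns, id)
}

// deriveIdentity: HKDF(seed, salt, info) -> 32-byte Ed25519 seed -> keypair -> DID.
func deriveIdentity(seed []byte, kind, ns, id string) (Identity, error) {
	if len(seed) != 32 {
		return Identity{}, fmt.Errorf("seed must be 32 bytes, got %d", len(seed))
	}
	keySeed := hkdfSHA256(seed, []byte(identitySalt), []byte(infoString(kind, ns, id)), ed25519.SeedSize)
	priv := ed25519.NewKeyFromSeed(keySeed)
	return Identity{
		DID:  fmt.Sprintf("did:oas:%s:%s:%s", ns, kind, id),
		Pub:  priv.Public().(ed25519.PublicKey),
		priv: priv,
	}, nil
}

// parseDID recovers (namespace, kind, identifier) from did:oas:<ns>:<kind>:<id>.
// The kind may contain a colon (agent:instance), so the identifier is taken as
// the last segment; identifiers are assumed to be colon-free.
func parseDID(did string) (ns, kind, id string, err error) {
	if !strings.HasPrefix(did, "did:oas:") {
		return "", "", "", fmt.Errorf("not a did:oas DID: %q", did)
	}
	parts := strings.Split(strings.TrimPrefix(did, "did:oas:"), ":")
	if len(parts) < 3 {
		return "", "", "", fmt.Errorf("malformed DID: %q", did)
	}
	return parts[0], strings.Join(parts[1:len(parts)-1], ":"), parts[len(parts)-1], nil
}

// keyFromLeakedSeed shows why the seed is the whole secret: every HKDF input
// other than the seed is public, because the DID spells it out.
func keyFromLeakedSeed(seed []byte, did string) (ed25519.PrivateKey, error) {
	ns, kind, id, err := parseDID(did)
	if err != nil {
		return nil, err
	}
	ident, err := deriveIdentity(seed, kind, ns, id)
	if err != nil {
		return nil, err
	}
	return ident.priv, nil
}

// rfc5869TestCase1 checks hkdfSHA256 against the RFC's first test vector.
func rfc5869TestCase1() bool {
	ikm := bytes.Repeat([]byte{0x0b}, 22)
	salt, _ := hex.DecodeString("000102030405060708090a0b0c")
	info, _ := hex.DecodeString("f0f1f2f3f4f5f6f7f8f9")
	want, _ := hex.DecodeString("3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865")
	return bytes.Equal(hkdfSHA256(ikm, salt, info, 42), want)
}

func main() {
	seed := sha256.Sum256([]byte("demo-seed-do-not-use")) // constructed for the demo only
	alice, _ := deriveIdentity(seed[:], "hmr", "acme", "alice")
	again, _ := deriveIdentity(seed[:], "hmr", "acme", "alice")
	agent, _ := deriveIdentity(seed[:], "agent", "acme", "alice")
	leaked, _ := keyFromLeakedSeed(seed[:], alice.DID)
	fmt.Println(alice.DID, hex.EncodeToString(alice.Pub))
	fmt.Println("deterministic:", bytes.Equal(alice.Pub, again.Pub))
	fmt.Println("kind separated:", !bytes.Equal(alice.Pub, agent.Pub))
	fmt.Println("seed + public DID recovers private key:", bytes.Equal(leaked, alice.priv))
	fmt.Println("rfc5869 vector ok:", rfc5869TestCase1())
}
```

The vector check is worth keeping in any real implementation: an HKDF that silently drops the counter byte or the previous block still produces 32 plausible-looking bytes, and nothing downstream would notice.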
Multi-Human Roots (MHR)
For organisations that need m-of-n threshold authorisation over the human root, Forge supports FROST-based MHR creation:
use forge::identity::create_mhr_with_seed;
let mhr = create_mhr_with_seed("acme", "leadership", &seed)?;
The MHR's keypair is a FROST aggregate; the threshold split happens through Aegis. See the OAS specification for the protocol details.
Lineage chains
Every non-root entity has a lineage proof connecting it back to a human:
HMR (Alice) ─[signs]─→ Agent (research-analyst) ─[signs]─→ Tool (web-fetch)
Lineage verification works offline; no network lookup is needed to check the chain:
use forge::identity::verify_lineage;
let proof = lineage_proof_from_storage()?;
verify_lineage(&proof)?; // Returns Ok if Ed25519 chain is intact
This is the accountability property: every action an agent or tool takes in production traces back to a human signature.
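What an offline check of such a chain has to do, as an added example that is not Forge's own code and does not use its lineage_proof format (which this page does not describe): each link carries the parent DID, the child DID, the child's public key and the parent's Ed25519 signature over a length-prefixed, domain-tagged encoding of those fields, and verification walks from the HMR's key downward, rejecting a link whose parent does not continue the chain or whose signature does not verify under the key established one hop earlier. The link encoding, the struct names and the demo keys (derived from constructed labels) are this example's assumptions.

```go
// Added example (not Forge's own code): offline verification of an Ed25519
// lineage chain HMR -> agent -> tool, modelled on the diagram above.
// Assumptions: the link layout and the bytes signed are this example's own;
// the page does not document Forge's lineage_proof format.
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Link is one hop: the parent vouches for the child's DID and public key.
type Link struct {
	ParentDID string
	ChildDID  string
	ChildPub  ed25519.PublicKey
	Sig       []byte // parent's signature over encode(link)
}

// LineageProof is the root (human) DID and key plus the chain beneath it.
type LineageProof struct {
	RootDID string
	RootPub ed25519.PublicKey
	Links   []Link
}

// encode produces the signed bytes: a domain tag plus length-prefixed fields,
// so a signature over one (parent, child, key) cannot be replayed for another.
func encode(l Link) []byte {
	b := append([]byte{}, "forge-lineage-v1"...)
	for _, f := range [][]byte{[]byte(l.ParentDID), []byte(l.ChildDID), l.ChildPub} {
		b = append(b, byte(len(f)>>8), byte(len(f)))
		b = append(b, f...)
	}
	return b
}

func sign(parent ed25519.PrivateKey, parentDID, childDID string, childPub ed25519.PublicKey) Link {
	l := Link{ParentDID: parentDID, ChildDID: childDID, ChildPub: childPub}
	l.Sig = ed25519.Sign(parent, encode(l))
	return l
}

// verifyLineage walks the chain from the root and returns the leaf DID on
// success. Each link must be signed by the key established by the previous
// link, and its parent DID must be the DID that key belongs to.
func verifyLineage(p LineageProof) (string, error) {
	if len(p.RootPub) != ed25519.PublicKeySize {
		return "", errors.New("missing or malformed root key")
	}
	if len(p.Links) == 0 {
		return "", errors.New("empty lineage chain")
	}
	curDID, curPub := p.RootDID, p.RootPub
	for i, l := range p.Links {
		if l.ParentDID != curDID {
			return "", fmt.Errorf("link %d: parent %q does not continue chain at %q", i, l.ParentDID, curDID)
		}
		if len(l.ChildPub) != ed25519.PublicKeySize { // ed25519.Verify panics on bad key sizes
			return "", fmt.Errorf("link %d: malformed child key", i)
		}
		if !ed25519.Verify(curPub, encode(l), l.Sig) {
			return "", fmt.Errorf("link %d: signature by %s over %s does not verify", i, l.ParentDID, l.ChildDID)
		}
		curDID, curPub = l.ChildDID, l.ChildPub
	}
	return curDID, nil
}

// demoKey builds a deterministic key from a constructed label, for the demo only.
func demoKey(label string) ed25519.PrivateKey {
	s := sha256.Sum256([]byte("demo:" + label))
	return ed25519.NewKeyFromSeed(s[:])
}

// buildDemoProof signs the chain from the diagram: Alice -> research-analyst -> web-fetch.
func buildDemoProof() LineageProof {
	hmr, agent, tool := demoKey("hmr"), demoKey("agent"), demoKey("tool")
	hmrDID := "did:oas:acme:hmr:alice"
	agentDID := "did:oas:acme:agent:research-analyst"
	toolDID := "did:oas:acme:tool:web-fetch"
	return LineageProof{
		RootDID: hmrDID,
		RootPub: hmr.Public().(ed25519.PublicKey),
		Links: []Link{
			sign(hmr, hmrDID, agentDID, agent.Public().(ed25519.PublicKey)),
			sign(agent, agentDID, toolDID, tool.Public().(ed25519.PublicKey)),
		},
	}
}

func main() {
	leaf, err := verifyLineage(buildDemoProof())
	fmt.Println("intact chain ->", leaf, err)

	forged := buildDemoProof() // swap in a tool key the agent never signed
	forged.Links[1].ChildPub = demoKey("attacker").Public().(ed25519.PublicKey)
	_, err = verifyLineage(forged)
	fmt.Println("tampered chain ->", err)
}
```

The DID continuity check matters as much as the signature check: without it, a valid link signed by some unrelated key could be spliced under a human root simply by relabelling its parent field.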
Binding identity to an agent
let agent_identity = create_hmr_with_seed("acme", "research-analyst", &seed)?;
let config = AgentConfig::new("research", "anthropic:claude-sonnet-4-5-20250929")
.with_identity(agent_identity);
The agent signs its outbound messages with this identity's private key; counterparts verify them against the public key that the DID resolves to. Because the identifier differs from the HMR's, the derived keypair is distinct from Alice's even though the same seed is supplied.
Glyphs
Every identity has a deterministic visual representation derived from its DID — a "glyph" used in the harness terminal, dashboards, and audit logs. See Glyphs.
Next
- Capabilities — Arsenal Agent Capability Tokens (ACTs)
- Glyphs — visual identity rendering
- Security model — how identity, capability, and approval interact