# Passport Spec

> Anatomy of a passport. Five universal pillars. One Ed25519 signature. The credential every accountable agent carries.

## The five pillars

Every passport encodes the same five things.

### 01 — Accountability
`agent_id`, `operator_id`, `machine_fingerprint` and a biometric-attested `human_email_hash` are all required, so every action is attributable to a real person, on identifiable hardware, under a stated jurisdiction.

### 02 — Transparency
Ed25519-signed `governance_payload`. Anyone holding the issuer's public key can verify that the claims they see are exactly the claims made at issuance.

### 03 — Risk Classification
4-level enum: `minimal` / `limited` / `high` / `critical`. Drives the rule pack the agent is governed against at runtime.

### 04 — Audit Trail Lineage
Cryptographically chained issuance + amendment history. Tampering is detectable, not just disallowed.

### 05 — Intervention
Revocable in real time via `/registry/revoke`. A revoked or expired passport fails verification at every downstream check that consults the registry.

## JSON anatomy

```jsonc
// Agent passport — issued by /api/agent/issue
{
  "agent_id":               "agent_b3a9f1...",      // 01 — Accountability
  "operator_id":            "op_acme_corp",
  "jurisdiction":           "EU",                    // drives rule pack selection
  "risk_classification":    "high",                  // 03 — minimal | limited | high | critical
  "policy_bundle":          "eu_ai_act+gdpr",
  "capability_attestation": {                        // hardware + biometric proof
    "model":                 "claude-opus-4-7",
    "provider_signature":   "..."
  },
  "audit_lineage_hash":     "sha256:...",            // 04 — chained from previous
  "issued_at":              "2026-05-08T22:00:00Z",
  "expires_at":             "2027-05-08T22:00:00Z",
  "revocation_check":       "call POST /api/agent/verify to check revocation status",
  "signature":              "ed25519:..."            // 02 — over canonical bytes of body
}
```

## Cryptography

Ed25519. The signature is recomputed and checked on every verify, never read back from a cached flag.

Signing uses an Ed25519 issuer keypair. AiEGIS holds the issuer private key in a secure key store on customer infrastructure (HSM integration is on the roadmap for production tiers). The public key is published at `/identity/did.json` (a W3C did:web document); verifiers can either call `/api/agent/verify` server-side or check the signature locally against the published key. A local check proves that the passport is unmodified since issuance and lets the verifier enforce `expires_at`; it cannot see a revocation, which is why the passport's `revocation_check` field points at `/api/agent/verify`.

Every verify is a real Ed25519 signature check over the canonical bytes of the body — non-negotiable since v1.0.

Designed for real-time verification on customer infrastructure.
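The issue-and-verify path described above, as an added worked example in Go (this is not AiEGIS code and not the `/api/agent/issue` implementation). It signs the canonical bytes of the body with an Ed25519 issuer key, chains the audit lineage hash, and runs the local downstream checks: signature, `expires_at`, revocation and lineage. Three things are assumptions because the page does not fix them: the canonical form (sorted keys, no whitespace, as `encoding/json` produces for a map), the lineage construction `sha256(prev_hash || canonical body)`, and revocation modelled as a caller-supplied set standing in for the registry lookup. The sample body is constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Body is the passport object; field names follow the JSON anatomy above.
type Body map[string]any

// without returns a shallow copy of b minus the named keys.
func without(b Body, keys ...string) Body {
	out := make(Body, len(b))
	for k, v := range b {
		out[k] = v
	}
	for _, k := range keys {
		delete(out, k)
	}
	return out
}

// canonicalBytes is the ASSUMED canonical form (the page fixes none): encoding/json
// writes map keys sorted with no insignificant whitespace, so both sides get identical bytes.
func canonicalBytes(b Body) ([]byte, error) { return json.Marshal(b) }

// lineageHash (pillar 04), ASSUMED as sha256(prev_hash || canonical(body minus lineage, signature)).
func lineageHash(prev string, b Body) (string, error) {
	raw, err := canonicalBytes(without(b, "audit_lineage_hash", "signature"))
	if err != nil {
		return "", err
	}
	h := sha256.Sum256(append([]byte(prev), raw...))
	return "sha256:" + hex.EncodeToString(h[:]), nil
}

// issue sets the lineage hash, then signs the canonical bytes of everything but "signature" (pillar 02).
func issue(issuer ed25519.PrivateKey, prev string, b Body) (Body, error) {
	p := without(b, "signature")
	lh, err := lineageHash(prev, p)
	if err != nil {
		return nil, err
	}
	p["audit_lineage_hash"] = lh
	raw, err := canonicalBytes(p)
	if err != nil {
		return nil, err
	}
	p["signature"] = "ed25519:" + hex.EncodeToString(ed25519.Sign(issuer, raw))
	return p, nil
}

func str(b Body, k string) string {
	s, _ := b[k].(string) // "" when the field is missing or not a string
	return s
}

// verify is the local downstream check against the published issuer key: signature over
// canonical bytes, then expiry, revocation (registry lookup on the page; a set here) and lineage.
func verify(pub ed25519.PublicKey, p Body, prev string, revoked map[string]bool, now time.Time) error {
	sig, err := hex.DecodeString(strings.TrimPrefix(str(p, "signature"), "ed25519:"))
	if err != nil || len(sig) != ed25519.SignatureSize {
		return errors.New("malformed or missing signature")
	}
	raw, err := canonicalBytes(without(p, "signature"))
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, raw, sig) {
		return errors.New("signature does not match canonical bytes")
	}
	exp, err := time.Parse(time.RFC3339, str(p, "expires_at"))
	if err != nil || !now.Before(exp) {
		return errors.New("expired or unparsable expires_at")
	}
	if revoked[str(p, "agent_id")] {
		return errors.New("revoked")
	}
	if want, err := lineageHash(prev, p); err != nil || want != str(p, "audit_lineage_hash") {
		return errors.New("audit_lineage_hash does not chain from predecessor")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	// Constructed sample body; "sha256:genesis" stands in for the previous lineage hash.
	p, _ := issue(priv, "sha256:genesis", Body{"agent_id": "agent_demo", "operator_id": "op_acme_corp",
		"jurisdiction": "EU", "risk_classification": "high", "expires_at": "2027-05-08T22:00:00Z"})
	now := time.Date(2026, 6, 1, 0, 0, 0, 0, time.UTC)
	fmt.Println("issued:", verify(pub, p, "sha256:genesis", nil, now))
	p["risk_classification"] = "minimal" // attacker downgrades the risk class after issuance
	fmt.Println("tampered:", verify(pub, p, "sha256:genesis", nil, now))
}
```

The order of checks matters: the signature is verified first so that nothing else in the object is trusted before it is proven authentic, and the lineage check needs the verifier to already know the predecessor's hash, which is what makes a silently rewritten history detectable rather than merely forbidden.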

[See the issuance API →](https://aiegis.ie/identity/api)
