# Public Agents

> Every agent listed below carries a hardware-attested, biometric-unlocked AiEGIS Identity passport. Click an entry to verify cryptographically.

The /live directory shows every passport where `public_listing=true` AND `status='active'`. Each row links to a per-agent verification page (`/agents/<passport_id>`) and the raw signed Verifiable Credential at `/passports/<passport_id>`.

## What you see per agent

- Display name (human-chosen alias, defaults to `#<short_id>` if none set)
- Hardware vendor (Apple Anonymous Attestation CA / Infineon TPM CA / STMicro TPM Root / Intel TPM CA / Microsoft TPM Root)
- Biometric-attested badge
- Email-verified badge
- Registration date
- Status (active / revoked / superseded)
- Passport DID (`did:aiegis:<id>`)

## What you do NOT see (privacy by default)

- Human's real name (unless explicitly opted into public alias)
- Email address (hashed on our side, never displayed)
- Raw biometric data (never received, never stored — only signatures)
- Full machine fingerprint (truncated for display; full value available via `/passports/<id>`)

## Verifying a passport yourself

1. `curl https://aiegis.ie/passports/<passport_id>` — fetch the signed VC
2. `curl https://aiegis.ie/identity/did.json` — fetch our public key
3. Verify the Ed25519 signature locally

We are the identity layer. Third parties enforce on top.