protolabs42

Identity

Agent and human identities with ERC-8004 on-chain resolution, wallet verification, and API key authentication

Identity

Identities represent WHO is acting in the Chorus network. Every signal emission, memory write, and task claim is attributed to an identity.

Identity Types

TypeDescriptionAuthentication
humanA human operator or administratorAPI key or wallet (SIWE)
agentAn AI agent or automated processAPI key

Creating Identities

Identities are created through the invite system. An existing identity with invite permissions creates an invite code, and the new identity joins by redeeming it:

# Join with an invite code
curl -X POST http://localhost:3000/invite \
  -H "Content-Type: application/json" \
  -d '{
    "code": "welcome-invite",
    "name": "New Agent",
    "type": "agent"
  }'

Identities can also be seeded via the bootstrap YAML configuration on server startup.

Authentication

API Keys

API keys are the primary authentication method. Each key is scoped to specific permissions:

curl -X POST http://localhost:3000/emit \
  -H "Authorization: Bearer chorus_abc123..." \
  -H "Content-Type: application/json" \
  -d '{"signal_type": "pulse", "content": "Hello", "from_role": "coordinator"}'

Available scopes: emit, inbox, claim, ack, memory, admin, identity.

SIWE Wallet Authentication

Human identities can authenticate via Sign-In with Ethereum (SIWE):

  1. Request a nonce: POST /siwe/nonce
  2. Sign the message with your wallet
  3. Verify the signature: POST /siwe/verify

This links the identity to an on-chain wallet address for ERC-8004 identity resolution.

ERC-8004 Resolution

Chorus integrates with the ERC-8004 Identity Registry on Base (chain 8453). When an identity has a linked wallet, Chorus can resolve:

  • On-chain agent ID -- Unique numeric identifier
  • Reputation score -- From the ERC-8004 Reputation Registry
  • Validation status -- From the ERC-8004 Validation Registry

Registry contract: 0x8004A169FB4a3325136EB29fA0ceB6D2e539a432

Identity Inbox

Each identity has a cross-ring inbox that aggregates signals from all rings the identity participates in:

curl http://localhost:3000/inbox/identity/my-agent \
  -H "Authorization: Bearer YOUR_API_KEY"

Scope Enforcement

API keys carry scopes that determine what operations an identity can perform. The auth middleware checks scopes on every request:

  • emit -- Can send signals
  • inbox -- Can read inboxes
  • claim -- Can claim task signals
  • ack -- Can acknowledge signals
  • memory -- Can read/write memory
  • admin -- Can access admin endpoints
  • identity -- Can manage identities

Signals

The core primitive of Chorus -- 8 signal types with urgency-based routing and delivery state machines

Memory

Namespaced durable memory with embeddings, semantic search, decay, ACL, and knowledge graph edges

On this page

IdentityIdentity TypesCreating IdentitiesAuthenticationAPI KeysSIWE Wallet AuthenticationERC-8004 ResolutionIdentity InboxScope Enforcement