THE GOVERNANCE STANDARD
ASTP — The four principles
AI agents must satisfy.
Every AI agent action in nxtlinq must satisfy four non-negotiable governance criteria before it executes. ASTP is the framework that closes the accountability gap between human intent and machine action — at the identity level, not the policy layer.
A
ATTRIBUTABLE
T
TIME-BOUND
S
SCOPED
P
PROVABLE
HOW ASTP GOVERNS EVERY AGENT ACTION
👤
Human authenticates
HIT issued by existing IAM (Okta, Entra, Ping)
🔵
A — Attribution anchored
HIT cryptographically links human to all downstream agents
🎯
S — Scope defined
AIT issued with exact task, resource, and action limits
⏱️
T — TTL enforced
Micro-Runtime TTL — token auto-expires at task completion
⛓️
P — Proof recorded
Hash-anchored blockchain commit — immutable, replayable
Every agent action satisfies all four — or it doesn't execute.
THE PROBLEM
IAM governs logins.
Nothing governs what happens after.
Traditional identity infrastructure was designed for humans logging into systems. It was never designed for autonomous agents acting on behalf of humans — at scale, across systems, without a human in the loop. ASTP was built for exactly that gap.
WITHOUT ASTP — THE ACCOUNTABILITY GAP
❓
Anonymous machine actions
AI agents execute under service accounts or shared credentials. No individual human is accountable for what the agent does.
🔓
Unlimited scope creep
Agents with broad IAM permissions can access far more than a specific task requires. No enforcement at the action level.
🔑
Persistent credentials
Service accounts and API keys live indefinitely. A compromised credential means unlimited, ongoing exposure.
🔍
No forensic audit trail
Logs capture that something happened — not who authorized it, what scope was granted, or whether the action was legitimate.
WITH ASTP — EVERY GAP CLOSED
🪙
Every action traces to a named human
HIT → AIT delegation chain creates unbreakable attribution from human intent to machine execution. No anonymous agents.
🎯
Agents can only act within their exact scope
Task-specific permissions bound at the AIT level — not inherited from broad IAM roles. Out-of-scope requests are blocked before execution.
⏱️
Credentials expire at task completion
Micro-Runtime TTLs enforce hard expiry. No persistent credentials means a compromised token is already expired.
⛓️
Cryptographic proof, not just logs
Every governance event is blockchain-anchored. Tamper-evident, deterministically replayable, auditor-ready by default.
THE FOUR PILLARS
Four principles.
Zero accountability gaps.
Every identity issued by nxtID adheres to the ASTP framework — the governing standard that ensures every agentic action is attributable, scoped, time-bound, and provable.
A
ATTRIBUTABLE
Every action traces to a human
The HIT (Human Identity Token) creates an unbreakable cryptographic link between every agentic action and the human principal who delegated authority. There is no anonymous AI execution in nxtlinq.
→ HIT issued at human authentication time via your existing IAM
→ Delegation chain preserved end-to-end across all agents and sub-agents
→ Cross-system attribution with zero gaps — even in multi-agent workflows
→ Every action carries the originating human's cryptographic signature
S
SCOPED
Least-privilege at the agent level
Every AIT (Agent Identity Token) is bound to a specific task, resource set, and action type. Agents cannot access systems or perform actions outside their explicit authorization — regardless of what the underlying IAM permits.
→ Task-specific permission binding — no inherited broad IAM roles
→ Resource-level access constraints defined at AIT issuance
→ Action-type whitelisting per execution context
→ Out-of-scope requests blocked and logged before execution
T
TIME-BOUND
No persistent credentials for agents
AITs carry explicit expiry enforced at the platform level. Ephemeral Execution Contexts operate on Micro-Runtime TTLs — tokens auto-expire at task completion, eliminating persistent credential risk entirely.
→ Micro-Runtime TTL enforced down to millisecond precision
→ Automatic token revocation on task completion or hard time limit
→ No long-lived service accounts or API keys for agent execution
→ Compromised token is already expired — blast radius near zero
P
PROVABLE
Cryptographic proof of every action
Every identity event, delegation step, and execution outcome is anchored to a decentralized cryptographic ledger. No PII is stored on-chain — only hash-based commitments that enable deterministic audit replay.
→ Hash-anchored immutable audit trail — tamper-evident by design
→ Deterministic replay for precise forensic investigation
→ Zero PII exposure on ledger — only cryptographic commitments
→ Independently verifiable without vendor access
HOW IT WORKS
From human intent
to governed execution.
ASTP isn't a policy layer bolted on after the fact. It's the execution architecture — built into every identity transaction, before any agent action is permitted.
STEP 1
Human authenticates via existing IAM
The human principal logs in through your existing IAM provider — Okta, Microsoft Entra ID, Ping Identity, or any SAML/OIDC-compatible system. nxtlinq does not replace your IAM.
NO RIP-AND-REPLACE
👤
🪙
🎯
⏱️
🤖
⛓️
STEP 2 — ATTRIBUTABLE
HIT issued — human identity anchored
nxtID issues a Human Identity Token (HIT) cryptographically linked to the authenticated principal. This token becomes the root of all accountability for every downstream agent action in this session.
A — ATTRIBUTABLE
STEP 3 — SCOPED
AIT issued with task-exact permissions
When an AI agent is invoked, nxtID issues an Agent Identity Token (AIT) scoped precisely to the task — specific resources, allowed action types, and nothing more. The AIT is cryptographically chained to the parent HIT.
S — SCOPED
STEP 4 — TIME-BOUND
Micro-Runtime TTL enforced
The AIT carries a hard expiry enforced at the platform level. Ephemeral Execution Contexts operate on Micro-Runtime TTLs — the credential is valid only for the duration of the specific task and automatically revoked at completion.
T — TIME-BOUND
STEP 5
Agent executes within scope
The agent acts — reads, writes, calls APIs, invokes tools — within the exact bounds of its AIT. Any attempt to act outside scope is blocked by the nxtlinq policy enforcement layer before execution and logged to the audit ledger.
ENFORCEMENT BEFORE EXECUTION
STEP 6 — PROVABLE
Blockchain-anchored proof recorded
Every governance event — authorization, scope evaluation, execution outcome, token expiry — is hashed and committed to the immutable blockchain audit ledger. No PII on-chain. Full forensic replay available on demand.
P — PROVABLE
TOKEN ARCHITECTURE
Two tokens.
Complete accountability.
ASTP is implemented through nxtID's dual-token model — the Human Identity Token and the Agent Identity Token. Together they form the cryptographic foundation for every accountability guarantee the framework provides.
HUMAN IDENTITY TOKEN
HIT
The human anchor of the delegation chain
Issued at human authentication time via your existing IAM provider. The HIT creates a persistent, cryptographically-signed record of the human principal authorizing agentic activity — it is the root of all attribution under the ASTP framework.
ISSUED BY
Your IAM provider (Okta, Entra ID, Ping, Google, SAML)
VALIDITY
Session-scoped; revocable at any time by the enterprise
ANCHORS TO
All downstream AITs and execution contexts
ON LEDGER
Hash commitment only — no PII stored on-chain
ASTP ROLE
Satisfies A — every action is Attributable to this principal
AGENT IDENTITY TOKEN
AIT
The agent's governed execution credential
Issued to each AI agent at task initiation. Every AIT is cryptographically linked to the originating HIT, scoped to a specific task and resource set, and carries a hard expiry enforced at the platform level.
LINKED TO
Parent HIT — full delegation lineage preserved
SCOPE
Task-specific permissions, resource constraints, action types
TTL
Micro-Runtime — expires at task completion or hard time limit
SPAWNS
Ephemeral Execution Contexts (sub-millisecond identities)
ASTP ROLE
Satisfies S (Scoped) and T (Time-Bound) simultaneously
ASTP VS TRADITIONAL IAM
Traditional IAM wasn't built
for agentic AI.
ASTP doesn't replace your IAM — it governs what happens after authentication, in the layer your IAM cannot see.
⚠️
Traditional IAM for AI Agents
✕
Agents run under shared service accounts — no human attribution
✕
IAM roles grant broad permissions — agents can access far more than they need
✕
Credentials are long-lived — one compromise means persistent exposure
✕
Logs record events but not authorization scope or human delegation
✕
No enforcement mechanism for what agents do after they authenticate
✕
Multi-agent workflows have no lineage — sub-agents are invisible
✕
Compliance teams cannot answer "who authorized this AI action?"
✅
Traditional IAM for AI Agents
✓
Every agent action traces to a named human principal via HIT chain
✓
AIT scopes each agent to exact task permissions — least-privilege enforced
✓
Micro-Runtime TTLs — credentials auto-expire at task completion
✓
Blockchain-anchored proof of every governance event — not just logs
✓
Policy enforcement before execution — out-of-scope actions blocked
✓
Sub-agent delegation chains preserved end-to-end across workflows
✓
Auditors get deterministic replay — full forensic reconstruction on demand
COMPLIANCE BY ARCHITECTURE
ASTP satisfies auditors
by design — not
documentation.
Regulatory frameworks that govern AI deployments — SOC II, HIPAA, SOX, FedRAMP — require the same things ASTP delivers: attribution, scope enforcement, time-bounded access, and cryptographic proof. When auditors ask, the evidence is already there.
A → WHO AUTHORIZED IT?
HIT delegation chain provides cryptographic attribution to the named human principal — satisfies audit requirement for human accountability over AI actions.
T → HOW LONG DID ACCESS LAST?
TTL recorded and enforced — precise access duration provable from the audit ledger. No persistent credentials to explain to regulators.
S → WHAT WAS IT ALLOWED TO DO?
AIT scope definition captured at issuance — auditors see exactly what permissions were granted for each task, not a broad IAM role.
P → CAN YOU PROVE IT?
Blockchain-anchored cryptographic commitments — tamper-evident, independently verifiable, deterministically replayable for any governance event.
DEFENSIBLE IP
ASTP is backed by
issued patents.
The ASTP framework and the HIT/AIT token architecture underlying it are protected by multiple issued US patents — this is a proprietary governance architecture, not a general framework.
US 12,418,417
AI Agent Lifecycle Management and Authentication using Decentralized Cryptographic Anchoring
-
ISSUED
US 12,418,417
AI Agent Lifecycle Management and Authentication using Decentralized Cryptographic Anchoring
-
ISSUED
US 12,574,251
Blockchain-Based Platform-Independent Personal Identity Profiles (HIT)
-
ISSUED
US 19/314,928
Blockchain-Based AI Agent Life Cycle Management (Continuation)
-
PENDING
US 19/370,524
Blockchain-Based AI Agent Life Cycle Management — Tokenized Feedback & HITL
-
PENDING