IDENTITY ARCHITECTURE
Two tokens.
Complete accountability.
The Human Identity Token (HIT) and Agent Identity Token (AIT) form the cryptographic foundation of nxtlinq's governance architecture. Every AI agent action — across every model, every workflow, every deployment — is anchored to a verified human principal through this dual-token chain.
HUMAN IDENTITY TOKEN
HIT
The human anchor of the delegation chain
Issued by
Your IAM (Okta, Entra, Ping)
Validity
Session-scoped, revocable
Anchors
All downstream AITs
↓ ↓ ↓
AGENT IDENTITY TOKEN
AIT
The agent's governed execution credential
Linked to
Parent HIT — full lineage
Scope
Task-exact permissions
TTL
Micro-Runtime, auto-expires
THE IDENTITY GAP
IAM knows who logged in.
Nobody knows what the agent did.
Enterprise AI agents operate in the gap between authentication and action — a space where traditional IAM has no visibility, no enforcement, and no audit trail. HIT and AIT were designed to close that gap permanently.
THE GAP TRADITIONAL IAM LEAVES OPEN
👥
Agents share identities
AI agents run under shared service accounts or system credentials — there is no individual human attribution for any machine-initiated action.
🔓
Permissions inherited, not scoped
Agents inherit broad IAM role permissions — they can access everything their role allows, not just what the specific task requires.
♾️
Credentials never expire
Service accounts and API keys are long-lived. A compromised credential grants indefinite access with no automatic revocation.
🌫️
Multi-agent workflows are invisible
Sub-agents spawned by orchestrators have no traceable lineage — there is no way to know which human ultimately authorized a downstream action.
🪙
HIT anchors every action to a named human
Every session starts with a Human Identity Token — a cryptographically signed record of the authenticated human principal. No agent acts without a traceable HIT in the chain.
🎯
AIT scopes each agent to task-exact permissions
Agent Identity Tokens carry only the permissions required for a specific task — not inherited IAM roles. Least-privilege enforced at the identity level, not the policy layer.
⏱️
Micro-Runtime TTL eliminates persistent credentials
AITs expire automatically at task completion. Ephemeral Execution Contexts operate with TTLs down to milliseconds — a compromised token is already revoked.
⛓️
Delegation chain survives multi-agent workflows
Sub-agents inherit and extend the parent AIT context — every spawned agent, tool call, and model handoff preserves the unbroken chain back to the originating HIT.
TOKEN SPECIFICATIONS
What each token
contains and guarantees.
HUMAN IDENTITY TOKEN
HIT
The human anchor of the delegation chain
Issued at human authentication time via your existing IAM provider. The HIT creates a persistent, cryptographically-signed record of the human principal authorizing agentic activity — it is the root of all accountability in every downstream action.
ISSUED BY
Your existing IAM provider — Okta, Microsoft Entra ID, Ping Identity, Google Identity, or any SAML 2.0 / OIDC-compatible system
TRIGGERED AT
Human authentication — zero changes to existing IAM configuration required
VALIDITY
Session-scoped; revocable at any time by the enterprise without affecting the ledger record
ANCHORS TO
All downstream AITs and Ephemeral Execution Contexts — the cryptographic root of the delegation tree
ON LEDGER
Hash commitment only — no PII stored on-chain. Ledger records the fact of issuance, not the principal's identity data
ASTP ROLE
Satisfies A — every action governed under this HIT is Attributable to the authenticated human principal
→ One HIT per authenticated human per session
→ Delegation chain is cryptographically verifiable end-to-end
→ Revocation propagates to all child AITs immediately
→ Supports IDV elevation for high-assurance environments (CLEAR, Incode, AuthID)
AGENT IDENTITY TOKEN
AIT
The agent's governed execution credential
Issued to each AI agent at task initiation. Every AIT is cryptographically linked to the originating HIT, scoped to a specific task and resource set, and carries a hard expiry enforced at the platform level — not configurable by the agent.
LINKED TO
Parent HIT — full delegation lineage preserved and verifiable on the audit ledger
SCOPE
Task-specific permissions, named resource constraints, and action-type whitelist — defined at issuance, not inherited from IAM roles
TTL
Micro-Runtime — expires at task completion or hard time limit, whichever comes first. Down to millisecond precision.
SPAWNS
Ephemeral Execution Contexts — sub-millisecond identities for individual tool calls and model invocations
IN MULTI-AGENTE
Child agents receive scoped child AITs — delegation chain extends without breaking the lineage to the originating HIT
ASTP ROLE
Satisfies S (Scoped) and T (Time-Bound) simultaneously — every AIT guarantees both principles by design
→ One AIT per agent task — no shared credentials across tasks
→ Out-of-scope requests blocked before execution, not after
→ AIT issuance latency: sub-100ms in standard deployment
→ Works with any model: OpenAI, Claude, Gemini, Llama, Mistral, private, air-gapped
DELEGATION CHAIN
From human to action —
every link cryptographically verified.
The HIT → AIT delegation chain is the core accountability mechanism. Every agent action — no matter how many layers deep — is traceable back to a named, authenticated human principal.
Human Principal
Authenticates via IAM
👤
HUMAN
🪙
HIT ISSUED
🤖
AIT — AGENT A
⚡
EXEC CONTEXT
⚡
EXEC CONTEXT
Sub-Agent Delegation
Chain extends, lineage preserved
👤
🪙
🤖
AIT — AGENT B
⚡
EXEC CONTEXT
🤖
SUB — AGENT
-
Human / HIT — cryptographic root, immutable attribution
-
AIT — scoped, time-bound agent credential, chained to HIT
-
Ephemeral Execution Context — sub-millisecond identity, auto-expires
Ephemeral Execution Context — sub-millisecond identity, auto-expires
IDENTITY LIFECYCLE
From login to ledger.
Every step governed.
The complete lifecycle of a governed AI agent action — from human authentication through task execution to blockchain proof.
👤
STEP 1
Human Auth
User authenticates via existing enterprise IAM — Okta, Entra, Ping, SAML
🪙
STEP 2
HIT Issued
Human Identity Token created, cryptographically anchored, session-scoped
🎯
STEP 3
HIT Issued
Human Identity Token created, cryptographically anchored, session-scoped
⚡
STEP 4
Execution
Ephemeral context spawned. Agent acts within exact AIT scope — nothing more
🔒
STEP 5
TTL Expiry
Token auto-revoked at task completion. No persistent credential remains
⛓️
STEP 6
Ledger Proof
Cryptographic hash anchored to immutable blockchain ledger — replayable on demand
MULTI-AGENT WORKFLOWS
The chain holds
across every agent layer.
Enterprise AI deployments rarely involve a single agent. Orchestrators spawn sub-agents, sub-agents call tools, tools invoke models — across clouds, systems, and teams. The HIT → AIT chain maintains full accountability at every layer.
LAYER
Human
WORKFLOW EXECUTION →
Sarah (IAM Auth)
HIT
HIT-9a2f... (Sarah)
Orchestrator AIT
AIT-Orchestrator · scope: [read:crm, read:docs] · TTL: 30s
AIT-A · read:crm · 5s
AIT-B · read:docs · 5s
AIT-C · write:summary · 5s
Sub-Agent AITs
EEC · <100ms
EEC · <100ms
EEC · <100ms
EEC · <100ms
Exec Contexts
Every EEC above is traceable through AIT-A/B/C → AIT-Orchestrator → HIT-9a2f → Sarah. Full chain anchored to ledger at each step.
Human / HIT layer — immutable attribution root
AIT layer — scoped delegation, inherits and narrows parent scope
EEC — Ephemeral Execution Context, sub-millisecond TTL
🔗
Scope narrows, never widens
Child AITs can only have equal or narrower scope than their parent — a sub-agent can never exceed the permissions of the orchestrator that spawned it.
⛓️
Every action ledger-committed
Each EEC execution generates a blockchain-anchored proof — even at sub-millisecond scale, the audit record is complete and replayable.
⏱️
TTLs cascade independently
Each AIT and EEC has its own TTL — sub-agents auto-expire even if the parent AIT is still active. No lingering sub-credentials.
🛡️
Air-gap compatible
The entire HIT → AIT delegation chain operates within your perimeter in air-gapped deployments — no external dependencies for token issuance or ledger commits.
INTEGRATIONS
Augments your stack.
No rip-and-replace.
HIT issuance plugs into your existing IAM at authentication time. AIT injection wraps your agent orchestration layer. Neither requires changes to your IAM configuration or agent code.
IAM PROVIDERS
AGENT INFRASTRUCTURE
AI MODELS GOVERNED
IDENTITY VERIFICATION (IDV)
Optional IDV integration elevates HIT assurance for high-trust environments — biometric verification at the human principal layer.
DEFENSIBLE IP
HIT & AIT are
patent-protected architecture.
The dual-token model and the identity lifecycle governance it enables are covered by multiple issued US patents — this is a proprietary identity architecture with defensible IP, not a general open-source framework.
US 12,418,417
AI Agent Lifecycle Management and Authentication using Decentralized Cryptographic Anchoring
ISSUED
Core AIT issuance and lifecycle management — the foundational patent covering the agent identity credential architecture.
US 12,574,251
Blockchain-Based Platform-Independent Personal Identity Profiles
ISSUED
Introduces the Human Identity Token (HIT) for secure cross-platform identity — the human-side anchor of the governance chain.
US 19/370,524
Blockchain-Based AI Agent Life Cycle Management (Continuation)
PENDING
Adds tokenized feedback (TDPs) and human-in-the-loop reinforcement — the compliance-auditable feedback layer of the AIT lifecycle.
US 12,483,411
Blockchain-Based Artificial Intelligence Agent Life Cycle Management
ISSUED
Extends AIT framework with real-time authentication and behavioral auditing — the blockchain ledger evidence architecture.
US 19/314,928
Blockchain-Based AI Agent Life Cycle Management (Continuation)
PENDING
Expands the AIT framework with an identity-anchored, audited learning loop — governance continuity through agent evolution.