Interoperable Architecture for Digital Identity Delegation for AI Agents with Blockchain Integration

TL;DR

This paper presents a comprehensive, interoperable framework for secure digital identity delegation that integrates blockchain technology, enabling auditable, least-privilege authority transfer across diverse identity systems for both humans and AI agents.

Contribution

It introduces a unified architecture with novel authorization artifacts, verification normalization, layered trust components, and blockchain as an optional integrity layer, advancing digital identity delegation.

Findings

Enables revocable, scope-limited delegation across identity ecosystems.

Provides a normalized verification request structure independent of protocols.

Supports blockchain anchoring as an optional integrity layer.

Abstract

Verifiable delegation in digital identity systems remains unresolved across centralized, federated, and self-sovereign identity (SSI) environments, particularly where both human users and autonomous AI agents must exercise and transfer authority without exposing primary credentials or private keys. We introduce a unified framework that enables bounded, auditable, and least-privilege delegation across heterogeneous identity ecosystems. The framework includes four key elements: Delegation Grants (DGs), first-class authorization artefacts that encode revocable transfers of authority with enforced scope reduction; a Canonical Verification Context (CVC) that normalizes verification requests into a single structured representation independent of protocols or credential formats; a layered reference architecture that separates trust anchoring, credential and proof validation, policy evaluation, and protocol mediation via a Trust Gateway; and an explicit treatment of blockchain anchoring as an optional integrity layer rather than a structural dependency. Together, these elements advance interoperable delegation and auditability and provide a foundation for future standardization, implementation, and integration of autonomous agents into trusted digital identity infrastructures.