For AI Agents & Bots

How agents and AI bots use Zipwire attestations and delegation

Agents and AI systems need to prove they're acting on behalf of real humans. This section covers how agents use Zipwire's attestation and delegation infrastructure to gain trust and authorization.

Core Challenges Agents Face

Trust: Services can't distinguish authorized agents from malicious bots
Authorization: Agents lack a way to prove a human authorized them
Privacy: Sharing identity data for verification exposes too much
Scale: Agents need portable proofs that work across multiple services

How Zipwire Solves This for Agents

1. Human Authorization (IsDelegate)

The human attests their identity via Zipwire, then authorizes the agent:

Human gets IsAHuman attestation (proof of personhood)
Human creates IsDelegate attestation authorizing the agent's wallet
This creates an on-chain, verifiable delegation chain

2. Selective Claims (ProofPack)

When agents need to share identity information:

They generate a ProofPack that reveals only needed claims
Example: "I'm authorized by a UK national over 18" (not full ID)
Services verify the ProofPack with the ProofPack library
No central identity provider call needed

3. Chained Delegation

Agents can authorize sub-agents:

Primary agent gets IsDelegate from human
Primary agent creates IsDelegate for sub-agent
Creates a verifiable chain: human → agent → sub-agent
Services can verify the entire chain with ProofPack

Use Cases

MCP Servers & Ecosystem Integration

Scenario: An MCP server needs to know if a wallet is authorized by a human.

Agent: Connects to MCP server using its wallet
MCP Server: Calls ProofPack's verifyByWallet(agentWallet)
ProofPack: Queries EAS, finds IsDelegate chain back to IsAHuman
Result: MCP server knows agent is human-authorized without seeing identity data

Full guide →

Compliance & Regulated Domains

Scenario: Financial API needs to verify agent is authorized and operating within regulations.

Agent: Presents ProofPack with nationality, AML status
API: Verifies the agent is operating for a compliant user
Benefit: Agents can handle regulated tasks (payments, trades) with cryptographic proof of user compliance

Full guide →

Agent-to-Agent Delegation

Scenario: One agent delegates authority to another for specialized work.

Primary Agent: Authorized by human
Specialized Agent: Authorized by primary agent
Services: Verify the full chain back to human
Benefit: Agents can subcontract work while maintaining accountability

Key Concepts for Agents

The Delegation Chain

An agent carries proof that it's authorized:

Human (IsAHuman attestation)
  ↓ IsDelegate (authorizes agent)
Agent Wallet
  ↓ IsDelegate (authorizes sub-agent)
Sub-Agent Wallet

Every service can verify this chain independently via ProofPack.

Selective Disclosure

Agents present only what's needed:

Service asks: "Is user over 18?"
Agent provides: ProofPack with age band (not full DoB)
Service verifies and proceeds

Wallet-Only Verification

For quick checks, services use the agent's wallet address and ProofPack's verifyByWallet(). No complex proofs needed—just cryptographic verification. Implementation: Path 1: Wallet-only (JavaScript) in ProofPack Examples.

How Agents Present Proofs to APIs

When an agent needs to make an API call with specific claims, it:

Requests a ProofPack proof (JWS or JWT) - Calls Zipwire's API to mint a cryptographic proof containing the selected claims
Includes it in the request header - Sends the proof as a Bearer token: Authorization: Bearer <token> (ProofPack supports JWS and JWT)
The API validates the entire chain:
- Reads the Authorization header
- Decodes and verifies the JWS signature
- Checks that all claims in the proof match the Merkle tree
- Walks the IsDelegate chain back to the human's IsAHuman attestation
- Confirms the Merkle root hash matches the on-chain attestation
Request is processed - If everything verifies, the API knows the human is who they claim to be and has authorized the agent

This works for both standard REST APIs and MCP servers.

Getting Started as an Agent

Step 1: Your User Gets Attested

User visits Zipwire Attest
Completes Yoti ID verification
Receives IsAHuman attestation on their wallet

For detailed walkthrough, see: Claiming Attestations Guide

Step 2: User Authorizes Your Agent

User goes to EAS on Base IsDelegate schema
Creates IsDelegate attestation
Sets your agent's wallet as recipient
Your agent is now authorized!

For the complete step-by-step process, see: Authorizing Your Agent Guide

Step 3: Your Agent Makes Requests

Option A: With specific claims

Call /api/v1/proofpack/mint to get a proof (JWS or JWT)
Include it in request: Authorization: Bearer <token>
Service verifies with ProofPack library

Option B: Just wallet proof

Make request with your wallet address
Service uses verifyByWallet(yourWallet)
Instant verification (no JWS needed)

Step 4: Services Trust You

Services that integrate ProofPack can now:

Verify your authorization
Trust your claims about your human
Enable restricted operations (payments, compliance, etc.)

Implementation

All verification code and examples live in one place. Main guide and copy-paste examples:

ProofPack & Agent Delegation ProofPack Examples

There you'll find: Path 1 (wallet-only), Path 2 (JWS with claims), Express.js middleware, ASP.NET Core, and MCP server pattern.

Privacy & Security

What's Shared

Your agent's wallet address (public)
Delegation attestations (public blockchain)
Selected identity claims (only what agent chooses)

What's NOT Shared

Your full identity
Your password or private keys
Unnecessary personal data
A central log of all your agent's activities

Security Guarantees

Cryptographic: Proofs are mathematically verified
On-chain: Attestations are immutable
Revocable: You can revoke agent authorization anytime
Chainable: Sub-agents are verifiable back to you

The Agent Economy Vision

With Zipwire's attestations, agents can:

Operate autonomously without repeatedly authenticating the human
Access restricted services (payments, compliance, regulated domains)
Chain delegations to sub-agents while maintaining accountability
Preserve privacy through selective disclosure
Build trust via cryptographic proof of authorization

This is the infrastructure for trustworthy AI in the real world.

Guides

Get Started

Agents: Check ProofPack on GitHub for SDKs
Services: Integrate ProofPack library to verify agents
Humans: Visit Zipwire Attest to authorize your agents

Questions? Reach out to Zipwire support or check the ProofPack documentation.

PreviousApproving timesheets via WhatsApp NextMCP Servers: Agent Authorization

Last updated 5 hours ago

hashtagCore Challenges Agents Face

hashtagHow Zipwire Solves This for Agents

hashtag1. Human Authorization (IsDelegate)

hashtag2. Selective Claims (ProofPack)

hashtag3. Chained Delegation

hashtagUse Cases

hashtagMCP Servers & Ecosystem Integration

hashtagCompliance & Regulated Domains

hashtagAgent-to-Agent Delegation

hashtagKey Concepts for Agents

hashtagThe Delegation Chain

hashtagSelective Disclosure

hashtagWallet-Only Verification

hashtagHow Agents Present Proofs to APIs

hashtagGetting Started as an Agent

hashtagStep 1: Your User Gets Attested

hashtagStep 2: User Authorizes Your Agent

hashtagStep 3: Your Agent Makes Requests

hashtagStep 4: Services Trust You

hashtagImplementation

hashtagPrivacy & Security

hashtagWhat's Shared

hashtagWhat's NOT Shared

hashtagSecurity Guarantees

hashtagThe Agent Economy Vision

hashtagGuides

hashtagRelated Documentation

hashtagGet Started