High Level User Stories

The Holder (End User and Agent Principal)

The Holder wants to leverage owned off-chain and cross-chain Credentials (e.g., a government-issued ID card) to access permissioned or access-controlled services (e.g., permissioned yield pools) across any ecosystem. In the Agent Economy, the Holder also acts as the Agent Principal, delegating bounded authority to AI agents via the zkMe Vault.

The Holder’s primary goal is to reveal as little Personally Identifiable Information (PII) as possible and remain anonymous to prevent any party, including Issuers, Verifiers, Regulators, or any uninvolved third party, from benefiting from or abusing the link between their identity and their public service consumption patterns. When deploying agents, the Holder’s goal extends to ensuring their agents can execute tasks autonomously without exposing the Holder’s raw credentials or exceeding delegated limits.

Holder Priorities:

Example Scenario

Alice holds a government-issued passport credential and wants her AI trading agent to participate in a permissioned DeFi yield pool that requires proof of non-US residency. Rather than sharing her passport with the agent or the protocol, Alice authorizes a time-limited, scope-restricted delegation through her SSI Wallet. The agent can prove Alice’s eligibility to the pool’s smart contract via a zero-knowledge proof, without ever seeing her passport data, her nationality, or any other personal detail beyond the boolean result “eligible: true.”

The Agent (Autonomous Actor)

The Agent is an autonomous AI system that operates on behalf of a human or legal entity principal. It needs to prove its identity, intent, capabilities, and authorization to access services, execute transactions, and interact with other agents or platforms.

The Agent’s primary goal is to act within its delegated authority while maintaining cryptographic proof of accountability to its principal (via the Agent Principal Credential), without ever holding the principal’s raw secrets, API keys, or PII in its own memory.

Agent Priorities:

Example Scenario

A SaaS procurement agent is authorized by a startup’s CFO to evaluate and purchase software subscriptions up to $500/month. When a vendor’s API responds with a 402 Payment Required status, the agent routes the payment through the Agent Trust Gateway. The Gateway verifies the agent’s payment credential (a delegated allowance from the CFO), confirms the amount is within the authorized spending limit, and facilitates the stablecoin transaction inside a TEE enclave. The vendor receives payment confirmation alongside a verifiable proof that the agent is authorized by a real, KYC-verified entity, all without the agent ever accessing the CFO’s private keys or bank account details.

The Verifier (Service Provider)

The Verifier needs to perform user due diligence before onboarding a user to fulfill internal business needs (e.g., targeted service provision), reduce fraud (e.g., remove bots and duplicate accounts), manage jurisdictional restrictions (e.g., block services to residents of certain countries), or fulfill compliance requirements (e.g., enhanced customer due diligence).

In the Agent Economy, the Verifier must also perform Agent Due Diligence (zkKYA). They need to verify an incoming agent’s accountability (APC), safety certification (ACC), declared intent (AIC), and historical reputation (ARC) before granting it access to APIs, financial rails, or platform resources. The Verifier requires a solution that is fully decentralized, cost-effective, and secure against data misuse to comply with global data privacy regulations like GDPR.

Verifier Priorities:

Example Scenario

A decentralized exchange receives a trade request from an AI agent it has never seen before. Before executing the trade, the exchange’s smart contract challenges the agent for three proofs:

1. an Agent Principal Credential proving the agent is accountable to a KYC-verified human,

2. an Agent Safety Credential confirming the agent has passed a recognized safety audit, and

3. a nullifier proving this is not a duplicate Sybil identity.

The agent constructs all three proofs automatically via the Agent Trust Gateway and submits them alongside the trade transaction. The exchange verifies the proofs on-chain in a single transaction, grants access, and executes the trade, all within seconds and without any human intervention on either side.

The Regulator

The Regulator aims to protect Holders within its jurisdiction from accessing unregistered financial services to shield them from non-transparent risks. In the context of autonomous finance, the Regulator seeks to ensure that machine-to-machine transactions do not become a black box for money laundering or market manipulation.

The Regulator requires the ability to recover the real identity of a Holder, or the Ultimate Beneficial Owner (UBO) behind an autonomous AI agent, in case formal bad actor proceedings are initiated against them. They rely on immutable audit trails and cryptographic bindings (like the APC) to maintain market integrity.

Regulator Priorities:

Example Scenario

A financial regulator receives a suspicious activity report involving a series of high-frequency trades executed by an AI agent across multiple DeFi protocols. Using the immutable audit trail recorded on-chain, the regulator traces the agent’s Agent Principal Credential back to its UBO. The APC’s cryptographic binding, combined with the zkMe FHE-protected biometric anchor, allows the regulator to initiate a formal identity recovery process through the appropriate legal channel, without compromising the privacy of any uninvolved users in the system.

The Credential Issuer

The Credential Issuer is responsible for generating and distributing verifiable credentials to Holders and Agents. It represents the starting point of the credential lifecycle within the zkMe Protocol. In the Agent Economy, Issuers expand beyond traditional KYC providers to include third-party AI auditors, reputation scoring oracles, and intent verification networks.

A Credential Issuer can operate in two models:

Issuer Priorities:

Example Scenario

An AI safety auditing firm completes a behavioral assessment of a new trading agent. The firm acts as a Decentralized Issuer, generating an Agent Capability Credential (ACC) that attests to the agent’s safety score, tested failure modes, and maximum recommended transaction limits. The credential is signed with the firm’s BabyJubJub key and anchored to the on-chain State Contract. If the agent later exhibits anomalous behavior and the firm revokes the ACC, every Verifier that checks the agent’s credential will immediately see the revocation reflected in the State Contract, preventing the agent from accessing any further permissioned services.

Stakeholder Interaction Summary

The five stakeholders form an interconnected trust network. The following table summarizes the primary interactions between each pair:

The Issuer’s critical role is to ensure that issued Credentials are cryptographically secure, privacy-preserving, and verifiable while adhering to data minimization principles.