• Cryptographic operations: Signing, verification, encryption, decryption
• Key management: Rotation, delegation, recovery workflows
• Credential operations: Issuance, presentation, revocation of ACDCs
• Protocol interactions: Witness coordination, watcher queries, OOBI resolution
• Transaction facilitation: Send/receive operations, invoice generation

Agency does not include the underlying key material itself—that remains the domain of the keystore. This architectural separation enables security models where agents hold signing authority while controllers retain rotation authority.

Historical Context

The concept of agency in computing systems predates KERI, originating in distributed systems and multi-agent architectures. Traditional software agents have long operated as programs executing tasks on behalf of users, with user agents (like web browsers) serving as the most familiar example.

In identity systems, agency emerged as a critical concept with the rise of custodial services—third parties managing cryptographic keys on behalf of users. Traditional Public Key Infrastructure (PKI) systems implicitly incorporated agency through Certificate Authorities, which performed key certification operations on behalf of relying parties. However, these systems conflated agency with trust, requiring users to trust custodians with both operational authority and key material.

The self-sovereign identity (SSI) movement sought to eliminate custodial intermediaries, but this created usability challenges. Managing cryptographic keys directly proved difficult for average users, creating tension between security (self-custody) and usability (custodial services). Early SSI implementations often forced binary choices: either full self-custody with complex key management, or full custodial control with centralized trust dependencies.

KERI's Approach

Architectural Separation of Authority

KERI resolves the custody dilemma through partial rotation and split authority models that enable sophisticated agency arrangements without compromising security. The key innovation is separating two types of authority:

1. Signing Authority: The right to sign non-establishment events and perform day-to-day operations
2. Rotation Authority: The exclusive right to rotate keys and change the authoritative key set

This separation enables custodial agency where:

• A custodial agent holds current signing keys and provides operational services
• The controller retains pre-rotated keys and rotation authority
• The controller can "fire" the custodian at any time through unilateral key rotation
• The custodian cannot lock out the controller or seize control of the identifier

KERIA: Cloud-Based Agency

KERIA (KERI Agent in the cloud) exemplifies KERI's agency architecture. KERIA provides comprehensive agent services while maintaining strict security boundaries:

Security Model:

• All client operations must be signed at the edge (client-side)
• KERIA never possesses client secrets or private keys
• Agents handle operations on behalf of clients without holding ultimate control

Service Components:

1. Message Router: Handles incoming KERI protocol messages, coordinates multi-signature workflows, routes asynchronous responses
2. Agency: Provisions and manages agent instances, maintains agent-to-AID mappings
3. API Handler: Processes agent-specific requests (identifier creation, credential management) with mandatory signature verification
4. Individual Agents: Execute operations on behalf of specific clients while maintaining security boundaries

Multi-Form Agency

KERI recognizes three primary forms of agents providing agency:

Human Agents: Designated representatives who perform identity operations on behalf of organizations or individuals. In the vLEI ecosystem, roles like Designated Authorized Representatives (DARs) and Authorized vLEI Representatives (AVRs) exemplify human agency.

Edge Computing Agents: Software running on user-controlled devices (smartphones, laptops, hardware security modules) that provide agency while keeping key material under direct user control. This model supports the "keys at the edge" security paradigm.

Cloud Agents: Services like KERIA that provide agency through remote infrastructure while maintaining security through cryptographic protocols rather than physical custody.

Wallet Architecture and Agency

KERI explicitly distinguishes between keystores (storage) and wallets (storage + agency). A KERI wallet is defined as a collection of data stores comprising:

• Keystore: Secure storage for cryptographic keys
• Local and remote KEL databases: Event log storage
• Credential database: ACDC storage

The agency component of a wallet includes:

• Signing operations
• Credential management (issuance, storage, presentation)
• Delegation handling
• Transaction processing
• Encryption/decryption operations

This architecture makes wallets a superset of keystores, with agency representing the functional capabilities beyond passive storage.

Practical Implications

Use Cases

Enterprise Identity Management: Organizations deploy cloud agents (KERIA instances) to manage corporate identifiers while maintaining rotation authority through hardware security modules or multi-signature governance structures. This enables scalable operations without centralizing ultimate control.

Personal Identity Wallets: Individuals use mobile wallet applications that provide agency through edge computing while synchronizing with cloud agents for backup and cross-device access. The split authority model ensures users can recover from device loss without custodial lock-in.

Delegated Credential Issuance: Qualified vLEI Issuers (QVIs) operate as agents for GLEIF, providing credential issuance services under delegated authority. The delegation chain is cryptographically verifiable through KEL anchoring, ensuring accountability without requiring GLEIF to directly operate all issuance infrastructure.

Multi-Signature Coordination: Agents coordinate asynchronous signature collection for multi-signature AIDs, routing signature requests and aggregating responses. This agency service enables practical multi-party control without requiring simultaneous online presence of all signers.

Benefits

Usability Without Custody Trade-offs: Agency enables user-friendly services (cloud backup, cross-device sync, automated operations) without requiring users to surrender ultimate control. The split authority model provides the best of both custodial convenience and self-sovereign security.

Scalability Through Delegation: Organizations can delegate operational authority to specialized agents while retaining governance control. This enables horizontal scaling of identity operations without centralizing trust.

Flexibility in Security Models: Different use cases can employ different agency models (edge-only, cloud-assisted, fully custodial) while maintaining interoperability through common KERI protocols. High-security applications can use hardware-based edge agents, while consumer applications can use cloud agents with appropriate authority splits.

Separation of Operational and Security Concerns: Developers can focus on building excellent user experiences in agent software without needing to solve the hardest key management problems. The KERI protocol handles security properties, while agents handle operational workflows.

Trade-offs

Complexity in Authority Management: Split authority models require careful design of threshold structures, delegation chains, and recovery mechanisms. Misconfigured authority splits can create operational bottlenecks or security vulnerabilities.

Trust in Agent Availability: While agents don't hold ultimate control, users depend on agent availability for day-to-day operations. Cloud agent outages can disrupt workflows even though they don't compromise security. This creates operational dependencies even in non-custodial models.

Key Management Burden: Even with agency services, users must still manage rotation keys and recovery mechanisms. Agency reduces but does not eliminate the key management burden, particularly for high-security applications.

Protocol Complexity: The sophisticated authority models enabling secure agency require complex protocol mechanisms (pre-rotation, partial rotation, delegation, witness coordination). This increases implementation complexity compared to simpler custodial or fully self-managed approaches.

Potential for Confusion: The distinction between signing authority and rotation authority, or between agents and agency, can confuse users and developers. Clear mental models and user interfaces are essential to prevent security mistakes arising from misunderstanding authority boundaries.