Comprehensive Explanation

attributional-trust

Conceptual Definition

Attributional trust represents the cryptographic certainty that a digital statement, credential, or action can be verifiably attributed to a specific controlling entity. Unlike traditional trust models that rely on organizational reputation or third-party verification, attributional trust is established through mathematical proof using asymmetric cryptography and verifiable data structures.

The core principle is secure attribution - answering the fundamental question "who said what?" in cyberspace with cryptographic certainty. This form of trust provides:

• Non-repudiable proof of authorship: Digital signatures that cryptographically bind statements to their creators
• End-to-end verifiability: Any party can independently verify attribution without trusting intermediaries
• Decentralized control: The entity making statements controls the cryptographic keys proving their identity
• Ambient verifiability: Attribution can be verified by anyone, anywhere, at any time

Attributional trust is necessary but not sufficient for comprehensive trust relationships. As Samuel Smith's Universal Identifier Theory emphasizes: "you can't have reputation without attributional trust." Attribution establishes who made a claim, while complementary mechanisms like reputational trust establish whether that entity should be trusted based on their history and standing.

Historical Context

Traditional internet security architectures suffer from a fundamental flaw identified in KERI specifications: the Internet Protocol lacks an inherent security layer for verifiable authenticity. IP packet headers can be forged by intermediaries, meaning recipients cannot determine whether packets originated from legitimate sources or imposters. This architectural deficiency necessitates security overlays.

Historically, three trust basis models have emerged:

Administrative Trust Basis

Traditional PKI systems rely on Certificate Authorities (CAs) and DNS infrastructure to establish identity mappings. These systems provide administrative trust through organizational reputation but suffer from:

• Vulnerability to organizational failures and compromise
• Centralized points of failure (DNS hijacking, BGP hijacking)
• Inability to provide truly decentralized control
• Dependence on human and procedural security

Algorithmic Trust Basis

Blockchain and distributed ledger systems provide algorithmic trust through consensus mechanisms. While offering improved decentralization, they:

• Lock identifiers to specific infrastructure
• Impose higher costs and lower performance
• Create logical centralization despite distributed governance
• Require ongoing infrastructure dependency

Autonomic Trust Basis

Cryptographic self-certification provides autonomic trust through mathematical properties of one-way functions. This approach, which KERI implements, offers:

• True decentralization through private key control
• Infrastructure independence and portability
• Superior security through cryptographic strength
• End-verifiable proof without trusted intermediaries

KERI's Approach

KERI establishes attributional trust through its autonomic trust basis architecture, which fundamentally differs from traditional approaches by making cryptographic self-certification the primary root-of-trust.

Self-Certifying Identifiers (SCIDs)

KERI uses Self-Certifying Identifiers as the foundation for attributional trust. An SCID is cryptographically derived from the public key of an asymmetric keypair using one-way functions with 128+ bits of cryptographic strength. The identifier itself contains or uniquely determines the public key, creating a self-contained cryptographic root-of-trust.

Example SCID format:

EXq5YqaL6L48pf0fu7IUhL0JRaU2_RxFP0AL43wYn148

The derivation code prefix ("E" in this example) indicates the cryptographic algorithm used, while the remainder is the Base64-encoded public key material. Any signature made with the corresponding private key can be verified by extracting the public key from the identifier itself.

Autonomic Identifiers (AIDs)

Autonomic Identifiers extend basic SCIDs with key rotation capabilities, making them persistent rather than ephemeral. This addresses the critical limitation that compromised keys would otherwise require identifier abandonment. AIDs maintain attributional trust across key rotations through:

• Key Event Logs (KELs): Append-only, cryptographically chained logs of key management events
• Pre-rotation: Forward-blinded commitments to next rotation keys
• Witnesses: Designated entities that verify, sign, and maintain key events
• Duplicity detection: Mechanisms to identify conflicting key event claims

Out-of-Band Introductions (OOBIs)

KERI's OOBI protocol provides a low-friction mechanism for establishing attributional trust. An OOBI is a URL that associates an AID with a service endpoint, enabling:

• Discovery of the authoritative KEL for an identifier
• Verification of current key state without trusted intermediaries
• Bootstrap of cryptographic verification chains
• Ambient verifiability across network boundaries

The Universal Identifier Theory whitepaper emphasizes that OOBI-based attributional trust establishment has significantly lower friction than traditional identity assurance processes, which require extensive verification by trusted parties like GLEIF.

Trust Domains and AID|LID Couplets

KERI's attributional trust creates trust domains - ecosystems of interactions that rely on a cryptographic trust basis. Within these domains, KERI enables the aid|lid couplet model:

• AIDs (Autonomic Identifiers): Provide cryptographic attributional trust
• LIDs (Legitimized Identifiers): Human-meaningful identifiers authorized within an AID's trust domain
• Authorization: The vertical bar (|) represents cryptographic authorization that legitimizes the LID

This model resolves Zooko's triangle by separating security (AIDs) from human meaningfulness (LIDs) while maintaining verifiable authorization between them.

End-Verifiable Proof

KERI's attributional trust is end-verifiable, meaning any party can independently verify attribution by:

1. Obtaining the KEL for an AID (via OOBI or other discovery)
2. Verifying the cryptographic chain from inception through all rotations
3. Confirming witness signatures meet the threshold of accountable duplicity (TOAD)
4. Validating that the current key state matches the signature on the attributed statement

This process requires no trust in intermediaries - verification depends solely on cryptographic properties and the verifier's ability to detect duplicity.

Practical Implications

Use Cases

Verifiable Credentials: ACDCs (Authentic Chained Data Containers) leverage attributional trust to create credentials where:

• Issuers are cryptographically identified via AIDs
• Credential content is bound to issuer signatures
• Verifiers can independently confirm who issued what claims
• Credential chains maintain attribution through delegation

Legal Entity Verification: The vLEI ecosystem uses attributional trust to:

• Cryptographically bind Legal Entity Identifiers to controlling organizations
• Enable verifiable organizational role credentials
• Maintain attribution across credential delegation hierarchies
• Provide end-verifiable proof of authorization

Secure Communications: Attributional trust enables:

• Non-repudiable message signing
• Verifiable sender identity without PKI infrastructure
• Ambient verification of message authenticity
• Protection against impersonation attacks

Benefits

Decentralization: Attributional trust eliminates dependence on centralized authorities for identity verification. Controllers maintain direct cryptographic control over their identifiers without requiring permission from or trust in third parties.

Portability: KELs are portable verifiable data structures that can be stored, transmitted, and verified across any infrastructure. Attributional trust is not locked to specific platforms, blockchains, or service providers.

Security: Cryptographic strength (typically 128+ bits of entropy) provides security properties that exceed organizational security measures. Pre-rotation mechanisms offer post-quantum security through forward-blinded commitments.

Scalability: End-verifiable proof enables parallel verification without coordination. Witnesses provide duplicity detection without requiring global consensus, allowing horizontal scaling.

Ambient Verifiability: Any party can verify attribution at any time without online interaction with the identifier controller. This enables asynchronous verification and offline use cases.

Trade-offs and Limitations

Insufficient Alone: Attributional trust proves who made a statement but not whether that entity should be trusted. Real-world systems require complementary reputational trust mechanisms to assess trustworthiness based on history and standing.

Key Management Burden: Controllers must securely manage private keys and maintain KEL integrity. While KERI provides mechanisms like pre-rotation for recovery, key compromise remains a risk that requires operational discipline.

Discovery Dependency: Attributional trust requires discovering the authoritative KEL for an AID. While OOBIs provide low-friction discovery, initial bootstrapping still requires some out-of-band communication.

Witness Coordination: Witnesses must be available and responsive for optimal operation. While KERI's KAACE algorithm provides Byzantine fault tolerance, witness unavailability can delay verification.

Human Meaningfulness: AIDs are cryptographic identifiers that are not human-memorable. The aid|lid couplet model addresses this through authorized human-meaningful identifiers, but this adds complexity to the trust model.

Relationship to Reputational Trust

The Universal Identifier Theory emphasizes that attributional trust and reputational trust are complementary, not competing trust models:

• Attributional trust (KERI's domain): Cryptographically proves who made statements
• Reputational trust (identity assurance domain): Establishes whether that entity should be trusted

Organizations like GLEIF provide reputational trust through identity assurance processes that verify legal entity status, organizational structure, and authorized representatives. This "heavy-lifting" complements KERI's attributional trust by adding institutional verification to cryptographic proof.

The vLEI ecosystem demonstrates this complementarity:

• KERI provides attributional trust for all credentials and identifiers
• GLEIF provides reputational trust through qualification of QVIs
• QVIs provide reputational trust for legal entities they verify
• Legal entities use attributional trust to issue role credentials to representatives

This layered model enables verifiable reputation - reputation that is cryptographically attributable to specific entities through KERI's mechanisms while being established through traditional identity assurance processes.