Comprehensive Explanation

payload

Definition

A payload is the substantive information content within a KERI message or data structure, separated from the supporting infrastructure (headers, signatures, metadata) required for transmission and verification. The term originates from transportation logistics—analogous to cargo in a truck versus the vehicle's weight—and applies to computing contexts where "interesting" data must be distinguished from processing overhead.

In KERI's architecture, payloads have strict constraints: they consist exclusively of cryptographic primitives rather than raw application data. This design principle is fundamental to KERI's security model.

Context in KERI/ACDC

Cryptographic Payload Restriction

KERI never places raw data or privacy-sensitive information directly in Key Event Logs (KELs) or Key Event Receipt Logs (KERLs). Instead, payloads are limited to three cryptographic building blocks:

1. Content digest hash - A cryptographic hash representing data without exposing content
2. Merkle tree root hash - The root of a hash tree structure enabling efficient verification
3. Public key - Cryptographic verification keys for signature validation

This constraint ensures that event logs contain only cryptographic commitments rather than actual data, maintaining privacy while enabling verifiability.

ACDC Payload Architecture

In ACDC (Authentic Chained Data Container) credentials, the payload concept extends to the ( field) and other data-bearing sections. However, ACDCs maintain the same principle: sensitive data can be represented by (Self-Addressing Identifiers) rather than full disclosure, with the SAID serving as a cryptographic commitment to the payload.