Loading vLEI.wiki
Fetching knowledge base...
Fetching knowledge base...
This comprehensive explanation has been generated from 14 GitHub source documents. All source documents are searchable here.
Last updated: October 7, 2025
This content is meant to be consumed by AI agents via MCP. Click here to get the MCP configuration.
Note: In rare cases it may contain LLM hallucinations.
For authoritative documentation, please consult the official GLEIF vLEI trainings and the ToIP Glossary.
An operational mode in which a [watcher](/concept/watcher) runs, characterized by indiscriminate acceptance and monitoring of key events without selective filtering or formal designation by identifier controllers, using the same protocol and codebase as [witnesses](/concept/witness) but serving a different functional role.
Promiscuous mode is the operational mode in which a watcher executes within the KERI infrastructure. The term "promiscuous" derives from its dictionary meaning: "lacking standards of selection; acting without careful judgment; indiscriminate" or "showing little forethought or critical judgment; casual." This characterization precisely describes how watchers operate compared to their more selective counterparts, witnesses.
Key characteristics:
Promiscuous mode is essential to KERI's ambient duplicity detection architecture. While witnesses are formally designated by controllers to verify, sign, and maintain specific key event logs (KELs), watchers operating in promiscuous mode provide broader ecosystem monitoring without such formal relationships.
The witness implementation repository documents that the current implementation includes a "promiscuous, single-tenant witness with Docker container" as a completed feature. This indicates that the same codebase can be configured to operate in promiscuous mode (as a watcher) or in selective mode (as a designated witness).
While the source documents do not provide explicit configuration parameters, the architectural description makes clear that the operational mode is a behavioral configuration rather than a code-level distinction. Implementers should expect configuration options that determine:
Promiscuous mode does not imply reduced security—rather, it represents a different security model. Watchers in promiscuous mode contribute to ecosystem-wide security through broad monitoring, while witnesses provide identifier-specific security through designated relationships. Both are essential to KERI's defense-in-depth architecture.
The promiscuous mode design enables KERI to achieve distributed security monitoring without requiring every monitoring node to have explicit authorization relationships. Watchers can:
Cooperative security model:
As documented in the judge component specifications, promiscuous mode watchers participate in a cooperative security ecosystem where even competing entities share duplicity detection information. This creates network effects similar to certificate transparency systems, where shared threat intelligence benefits all participants.
Implementation efficiency:
The fact that watchers and witnesses share the same codebase demonstrates KERI's design philosophy of maximizing code reuse through behavioral differentiation. Rather than maintaining separate implementations, the protocol achieves functional diversity through operational modes, reducing maintenance burden and ensuring consistency in protocol interpretation.