Daemonet/Ecosystem/DigitalID

Daemonet DigitalID · holder-controlled credential direction

Proof,
not profile.

Your identity should be something you can prove—not something every company gets to keep. DigitalID is Daemonet’s product direction for receiving a signed claim from a legitimate issuer, holding it under your own keys, and presenting only what a service actually requires.

See the trust model

Product design—not a current identity-verification service. The preview issues no credential, verifies no person, and discloses no information.

KEY + AUTHORITY SEPARATIONRepository implementedDevice, profile, browser, entitlement, payment, and recovery keys already have bounded roles
PURPOSE-BOUND PRESENTATIONSRepository foundationDaemonPay rights can bind subject, resource, audience, purpose, request, expiry, and holder proof
DIGITALID CREDENTIAL + DISCLOSUREOpen design decisionNo reviewed legal-identity format, issuer registry, selective-disclosure scheme, pseudonym, or status protocol
1MAN DIGITALID SERVICESNot a current serviceNo live verifier, credential issuer, document processor, revocation service, or white-label verification offer

Identity without the identity warehouse

Stop copying the same person into every organization.

Passports, licenses, face images, addresses, tax identifiers, and signatures are repeatedly uploaded into unrelated databases. Every copy adds employees, contractors, retention rules, breach exposure, and another place the person cannot meaningfully control.

DigitalID’s goal is to make the reusable object a signed result of an accepted verification—not another reusable bundle of the raw documents.

PROFILE MODEL

Here is everything we collected.

  • Upload the original evidence again
  • Create a permanent provider account
  • Reuse one customer identifier everywhere
  • Retain fields unrelated to the transaction
  • Ask the person to trust every copy forever
IDENTITY BECOMES INVENTORY
PROOF MODEL

Here is the fact this interaction requires.

  • Name the verifier and claim issuer
  • Bind the presentation to one holder and request
  • Reveal only approved claims or fields
  • Expire and revoke under explicit policy
  • Keep unrelated relationships unlinkable where possible
IDENTITY REMAINS WITH THE HOLDER

Five roles. No universal authority.

A signature is meaningful only when every role is explicit.

DigitalID cannot be “Daemonet says this person is real.” A relying service chooses trusted issuers, claims, assurance, freshness, and retention for one purpose. The issuer remains accountable for the claim it signed.

01 · HOLDER

Keeps the credential

Controls the holder key, storage, approval, recovery, and each presentation.

Person or organization
02 · VERIFIER

Examines source evidence

Runs the accepted document, record, in-person, or institutional validation process.

May have legal retention duties
03 · ISSUER

Signs exact claims

Names the assurance, validity, holder binding, status policy, and authority behind the result.

Never implicitly trusted
04 · RELYING SERVICE

Requests the minimum

Defines the accepted issuers and decides whether one presentation satisfies its service policy.

Destination remains authoritative
05 · DAEMON

Acts for the holder

Would match eligible credentials, explain the request, obtain approval, create the presentation, and retain a disclosure receipt.

Product direction

A disclosure ceremony—not an upload form

See the requester, purpose, claim, retention, and consequence before anything leaves.

The preview below demonstrates the intended decision shape only. It uses no wallet, credential, issuer, status registry, server request, or cryptographic proof.

NON-TRANSACTIONAL PREVIEW

What should an identity request feel like?

Choose a claim, choose how much the hypothetical presentation would reveal, review the complete boundary, and inspect the local-verification result.

NO CREDENTIAL · NO VERIFICATION · NO DISCLOSURE

Preview a DigitalID request

  1. 1Request
  2. 2Disclosure
  3. 3Review
  4. 4Result

Step 1 · relying-service request

Which fact does this example service need?

A production request would also bind its audience, nonce, expiry, accepted issuers, assurance, status freshness, retention, and purpose.

The target issuance and presentation model

Verify with an accepted authority. Take custody of the signed result.

The verifier may need to process real identity evidence. The user should know what is processed, which claims are issued, what must be retained, and how the credential expires or is revoked before beginning.

  1. 01

    Choose a verifier

    Select an authority accepted for the required claim and jurisdiction.

  2. 02

    Present source evidence

    Send documents or records directly to the verifier under its declared policy.

  3. 03

    Issue exact claims

    The named issuer signs holder-bound claims, assurance, validity, and status policy.

  4. 04

    Hold under your key

    Store the credential in a trusted Daemon, hardware device, or owner-controlled recovery path.

  5. 05

    Approve one presentation

    Bind the minimum disclosure to one requester, nonce, purpose, and short validity.

  6. 06

    Verify without surveillance

    Let the service check locally when policy permits; use online status only when explicitly required.

HONEST RETENTION CLAIM

“Nobody stores your identification” is not credible. A verifier may process raw documents and may be legally required to retain evidence. The defensible goal is to stop copying those documents into every later service and expose the verifier’s retention before consent.

Holder-bound and request-bound

A credential file should not work like a screenshot anybody can replay.

A useful presentation would prove control of the holder key, bind the audience and nonce, carry only approved claims, expire quickly, and respect current issuer and credential status. A copied object without the holder key should not authorize a new presentation.

ISSUERSigns claim + holder key + validityAuthority visible
HOLDER DAEMONApproves claim + audience + requestPrivate key stays local
PRESENTATIONShort-lived, minimum, request-boundReplay-resistant target
RELYING SERVICEVerifies policy and decidesNo issuer call unless freshness requires it
SELECTIVE DISCLOSURE

Mechanism not selected

Separately signed claims, derived credentials, selective-disclosure signatures, zero-knowledge proofs, and one-time presentations have different security and interoperability costs.

No zero-knowledge claim today
SERVICE PSEUDONYMS

Correlation defense not specified

One permanent identifier would let unrelated organizations merge records. Pairwise identifiers need a reviewed derivation, rotation, recovery, and issuer-linkability model.

No unique-human trial claim today
STATUS + REVOCATION

Privacy/freshness tradeoff open

Short credentials, lists, accumulators, rotating tokens, or online checks expose different information and failure behavior.

No production status registry today

Truth changes

Assurance, expiration, revocation, and recovery are part of the credential—not footnotes.

Self-asserted preferences, verified contact control, document checks, in-person verification, employee status, and government records do not carry the same confidence or lifetime. The relying service chooses the minimum adequate assurance.

ASSURANCE

Say how the claim was established.

Self-asserted, contact-controlled, document-checked, person-matched, in-person, or institutionally issued are different facts.

EXPIRATION

Never turn one old check into permanent truth.

Residence, employment, professional status, document validity, and one-time events need appropriate lifetimes.

REVOCATION

Compromise and changed status must converge.

Issuer error, fraud, suspended license, replaced credential, or holder-key loss must invalidate future presentations.

RECOVERY

Replace the holder key—do not resurrect it.

Another trusted device, re-verification, hardware recovery, or later quorum paths can reissue authority while the old key is revoked.

One claim, several Daemonet systems

Identity, access, payment, storage, and the entrance remain separate.

DigitalID should compose with other Daemonet pillars only where destination policy explicitly asks. Payment never becomes identity; identity never reveals purchase history; storage never becomes issuer authority.

Managed verification without a global identity owner

1Man may later sell verification operations. It cannot become the person.

A future managed offer could coordinate selected verifiers, issuer infrastructure, status, policy APIs, portal integration, and audit evidence. Every issuer, verifier, retention duty, jurisdiction, plaintext processor, and recovery path would remain visible.

HOLDER

Credential + presentation custody

Holder keys, approved disclosures, local receipts, personas, recovery choices, and revocation requests.

Customer-controlled
VERIFIER / ISSUER

Claim-specific authority

Source evidence processing, assurance decision, exact claims, signing keys, validity, retention, and revocation.

Named and policy-scoped
RELYING SERVICE

Relationship decision

Accepted issuers, required claims, purpose, retention, and whether a valid presentation opens the service.

Destination-controlled
1MAN FUTURE ROLE

Optional operations provider

May later host bounded verification or issuer machinery under an explicit contract; no universal identity database or operator impersonation key.

Not active in private alpha

What DigitalID is not

Minimal disclosure is not permission to make identity claims vague.

The system must protect pseudonymous participation and ordinary anonymous use. A credential is a capability for relationships that need one—not a demand that every person speak under a government name.

Not a universal government identity

Jurisdictions and relying services decide which named issuers and claims they recognize.

Not one global customer number

A mandatory permanent identifier would become a cross-service tracking beacon.

Not a biometric database

Any biometric processing requires a named verifier, exact purpose, retention, security, legal basis, and alternative path.

Not guaranteed anonymity

Network metadata, issuer knowledge, disclosed fields, service policy, and real-world contracts can still identify or correlate a holder.

Not a trusted public terminal

A hostile kiosk can capture the display, keystrokes, or transaction. High-risk disclosures need a trusted display or authenticator.

Not compliance by architecture

Finance, healthcare, employment, government, and travel still require current law, contracts, controls, records, and independent review.

Your identification is not somebody else’s inventory

Prove what matters.
Keep custody of the rest.

The next engineering step is a reviewed credential, issuer-trust, status, disclosure, receipt, and recovery specification—not a signup form pretending an Ed25519 key is legal identity.

No current Daemonet or 1Man endpoint issues government, age, residency, professional, uniqueness, or legal-identity credentials.