W3C DID Method · did:trail · Open Source

Trust Registry for AI Identity Layer

TRAIL Protocol provides a vendor-neutral identity layer for AI agents, built on W3C Decentralized Identifiers. Designed to support EU AI Act compliance: verifiable, auditable, and interoperable. TRAIL Protocol liefert eine herstellerneutrale Identitätsschicht für KI-Agenten, aufgebaut auf W3C Decentralized Identifiers. Entwickelt für EU-AI-Act-Konformität: verifizierbar, prüfbar und interoperabel.

Read the SpecSpezifikation lesen Technical WhitepaperTechnisches Whitepaper
W3C DID Registry - PR #669 submittedeingereicht EUIPO Trademark - Classes 9, 35, 42 filedKlassen 9, 35, 42 angemeldet Reference ImplementationReferenzimplementierung - 49 tests passingTests bestanden Spec - v1.2.1 (Managed Agent SupportManaged-Agent-Unterstützung) W3C DID Registry - PR #669 submittedeingereicht EUIPO Trademark - Classes 9, 35, 42 filedKlassen 9, 35, 42 angemeldet Reference ImplementationReferenzimplementierung - 49 tests passingTests bestanden Spec - v1.2.1 (Managed Agent SupportManaged-Agent-Unterstützung)
Warum JETZT?Why NOW? EU AI Act: Enforcement ab Aug. 2026EU AI Act: Enforcement from Aug. 2026 W3C DID Core 1.0: Globaler StandardW3C DID Core 1.0: Global Standard 750M+ AI-Agenten ohne Identität750M+ AI Agents without Identity
What is TRAIL?Was ist TRAIL?
Identity infrastructure for autonomous AI agentsIdentitätsinfrastruktur für autonome KI-Agenten
🔑

Decentralized IdentityDezentrale Identitat

Every AI agent gets a W3C-compliant DID (did:trail) anchored in a vendor-neutral trust registry. No vendor lock-in, no single point of failure.Jeder KI-Agent erhalt eine W3C-konforme DID (did:trail), verankert in einem herstellerneutralen Trust Registry. Kein Vendor-Lock-in, kein Single Point of Failure.

🛡

Cryptographic TrustKryptografisches Vertrauen

Ed25519 signatures with DataIntegrityProof (eddsa-jcs-2023). Crypto-agile architecture ready for post-quantum migration.Ed25519-Signaturen mit DataIntegrityProof (eddsa-jcs-2023). Krypto-agile Architektur für post-quanten Migration vorbereitet.

🔍

AuditabilityPruefbarkeit

Full transparency on who built an AI agent, what it's authorized to do, and how it has performed. Cryptographically signed and verifiable.Volle Transparenz daruber, wer einen KI-Agenten gebaut hat, was er darf und wie er sich verhalten hat. Kryptografisch signiert und verifizierbar.

Example: did:trail IdentifierBeispiel: did:trail Identifier

// Organization DID (hash-suffix for collision resistance) did:trail:org:acme-corp-a7f3b2c1e9d04f5a // AI Agent DID (scoped to organization) did:trail:agent:sales-bot-e4d8f1a9b3c57d2e // Self-signed DID (local verification, no registry needed) did:trail:self:z6Mkf5rGMoatrSj1f4CyvuHBeXJELe9RPdzo2PKGNCKVtZxP
EU AI Act AlignmentEU-AI-Act-Ausrichtung
How TRAIL maps to regulatory requirementsWie TRAIL regulatorische Anforderungen erfüllt
The EU AI Act (Regulation 2024/1689) requires transparency, traceability, and human oversight for AI systems. TRAIL provides the technical infrastructure to support these obligations. Der EU AI Act (Verordnung 2024/1689) fordert Transparenz, Nachvollziehbarkeit und menschliche Aufsicht für KI-Systeme. TRAIL liefert die technische Infrastruktur zur Erfüllung dieser Pflichten.
ArticleArtikel RequirementAnforderung TRAIL CapabilityTRAIL-Fähigkeit Status
Art. 13 Transparency: AI systems must allow human oversight and include sufficient transparency did:trail DID provides unique verifiable identity; TrailAIPolicyService enables machine-readable disclosure of AI system type and risk class DESIGN
Art. 14 Human Oversight: Providers must design high-risk AI with tools for effective oversight Verifiable Credentials create tamper-proof audit trail; trust score tracks behavioral consistency over time DESIGN
Art. 26 Deployer Obligations: Deployers must use systems in accordance with instructions KYB-verified identity links agents to accountable legal entities; revocation mechanism enables immediate suspension DESIGN
Art. 49 Registration: Providers must register high-risk AI in EU database TRAIL Registry serves as complementary technical registry alongside official EU database GAP
TRAIL is NOT the official EU AI database. Art. 49 registration required separately.
Art. 52 Transparency for Certain AI: Users must be informed when interacting with AI TRAIL DID can be presented in real-time; TRAIL Badge provides visual trust indicator Q3 2026
GDPR Art. 5 Data Minimisation: Personal data must be adequate, relevant, and limited No personal data in DID documents; signatures contain only public keys DESIGN
GDPR Art. 25 Privacy by Design: Data protection by design and by default Fingerprint scheme enables verification without data disclosure; selective disclosure profile DESIGN
Important: TRAIL registration does NOT constitute compliance with the EU AI Act. Compliance is the responsibility of the deploying organization. TRAIL provides technical infrastructure that supports compliance - it is not a compliance certification. Hinweis: Eine TRAIL-Registrierung erfüllt NICHT den EU AI Act. Die Konformität liegt in der Verantwortung der einsetzenden Organisation. TRAIL liefert technische Infrastruktur zur Unterstützung der Konformität - keine Zertifizierung.
Open Source RoadmapOpen-Source-Roadmap
Protocol development timelineProtokoll-Entwicklungs-Timeline
TRAIL is an open-source protocol. The specification and reference implementation are publicly available under CC BY 4.0 (spec) and MIT (code). Community feedback drives development. TRAIL ist ein Open-Source-Protokoll. Spezifikation und Referenzimplementierung sind öffentlich verfügbar unter CC BY 4.0 (Spec) und MIT (Code). Community-Feedback treibt die Entwicklung.
March 2026 - CompletedAbgeschlossen

v1.0.0: FoundationFundament

  • W3C DID Method Specification publishedW3C DID-Methoden-Spezifikation veröffentlicht
  • W3C DID Extensions Registry PR #669 submittedW3C DID-Extensions-Registry PR #669 eingereicht
  • Reference implementation: @trailprotocol/core (TypeScript)Referenzimplementierung: @trailprotocol/core (TypeScript)
  • Self-mode DID resolution (offline, no registry needed)Self-mode DID-Auflösung (offline, kein Registry nötig)
  • EUIPO Trademark filed (Classes 9, 35, 42)EUIPO-Marke angemeldet (Klassen 9, 35, 42)
March 2026 - CompletedAbgeschlossen

v1.1.0: HardeningHärtung

  • Crypto agility framework (SUPPORTED_CRYPTOSUITES registry)Krypto-Agilitätsframework (SUPPORTED_CRYPTOSUITES Registry)
  • Key rotation for Org/Agent modeKey Rotation für Org/Agent-Modus
  • Specification versioning (trail:specVersion)Spezifikationsversionierung (trail:specVersion)
  • Key recovery mechanisms (multi-controller, social, registry-assisted)Key-Recovery-Mechanismen (Multi-Controller, Social, Registry-gestützt)
  • Governance framework (dispute resolution, change management)Governance-Framework (Streitbeilegung, Änderungsmanagement)
  • 49 tests across 12 test suites49 Tests in 12 Test-Suites
  • GitHub Discussions enabled for community feedbackGitHub Discussions für Community-Feedback freigeschaltet
  • NIST NCCoE AI Identity Comment submittedNIST NCCoE AI Identity Kommentar eingereicht
  • W3C CCG community introduction postedW3C CCG Community-Vorstellung veröffentlicht
  • @trailprotocol/core v0.1.0 published on npm@trailprotocol/core v0.1.0 auf npm veröffentlicht
  • First external contributor onboarded (Amey Parle - PRs #5, #7, Issue #4)Erster externer Contributor ongeboardet (Amey Parle - PRs #5, #7, Issue #4)
Q2 2026 - CurrentAktuell

v1.2.0: Distribution & CommunityDistribution & Community

  • @trailprotocol/core on npm (v0.1.0)@trailprotocol/core auf npm (v0.1.0)
  • Managed Agent Identity Binding spec (PlatformIdentityBinding VC, §7.5)Managed-Agent-Identity-Binding Spec (PlatformIdentityBinding VC, §7.5)
  • CI/CD pipeline (GitHub Actions)CI/CD-Pipeline (GitHub Actions)
  • JSON-LD Context deployment on trailprotocol.orgJSON-LD-Context-Deployment auf trailprotocol.org
  • CONTRIBUTING.md + community guidelinesCONTRIBUTING.md + Community-Richtlinien
  • DIF Contributor Agreement confirmed (Apr 2026) - Working Group memberDIF Contributor Agreement bestätigt (Apr 2026) - Working-Group-Mitglied
  • W3C CCG community discussion: Layering pattern (did:pnl role profiles over did:trail identity anchors) - Discussion #15W3C CCG Community-Diskussion: Layering-Pattern (did:pnl Rollenprofile über did:trail Identitätsanker) - Discussion #15
  • Cross-Method Binding specification (§5.4): did:trail as identity anchor, alsoKnownAs binding to any DID method - merged in v1.2.0Cross-Method-Binding-Spezifikation (§5.4): did:trail als Identitätsanker, alsoKnownAs-Binding zu beliebigen DID-Methods - gemergt in v1.2.0
  • Agent Declaration in Content Signatures (§8.13) - AI accountability for generated contentAgent Declaration in Content Signatures (§8.13) - KI-Accountability für generierte Inhalte
  • Federation Trust Anchor Model (§3.4) + Revocation Propagation (§8.7) - merged in v1.2.0Federation Trust Anchor Model (§3.4) + Revocation Propagation (§8.7) - gemergt in v1.2.0
  • Credential revocation (W3C StatusList2021) - normative in §8.7Credential-Widerruf (W3C StatusList2021) - normativ in §8.7
  • Universal Resolver driver (did:trail) - Docker image on GHCR, DIF PR #546Universal-Resolver-Treiber (did:trail) - Docker-Image auf GHCR, DIF PR #546
Q3-Q4 2026 - PlannedGeplant

v2.0.0: Registry

  • TRAIL Registry Server (HTTP API for Tier 1/2)TRAIL-Registry-Server (HTTP-API für Tier 1/2)
  • Trust Score Engine (5-dimension computation)Trust-Score-Engine (5-dimensionale Berechnung)
  • Python + Go reference implementationsPython- und Go-Referenzimplementierungen
  • W3C DID Test Suite complianceW3C-DID-Test-Suite-Konformität
  • Post-quantum cryptosuite migration pathPost-Quanten-Kryptosuite-Migrationspfad
ResourcesRessourcen
Specification & DocumentationSpezifikation & Dokumentation
Specification

DID Method Specification v1.2.1

The complete did:trail method specification, including CRUD operations, trust model, security considerations, crypto agility, key rotation, Managed Agent Identity Binding, and governance.Die vollständige did:trail-Methodenspezifikation mit CRUD-Operationen, Trust-Modell, Sicherheitsbetrachtungen, Krypto-Agilität, Key Rotation, Managed-Agent-Identity-Binding und Governance.

View on GitHubAuf GitHub ansehen
Whitepaper

Technical Whitepaper v1.0Technisches Whitepaper v1.0

In-depth technical overview of the TRAIL architecture, trust model, credential framework, threat model, and EU AI Act alignment.Detaillierte technische Übersicht der TRAIL-Architektur, des Trust-Modells, Credential-Frameworks, Bedrohungsmodells und EU-AI-Act-Ausrichtung.

Read WhitepaperWhitepaper lesen
Open Source

GitHub Repository

Full source code, reference implementation (49 tests), DID document examples. Spec: CC BY 4.0. Code: MIT License.Vollständiger Quellcode, Referenzimplementierung (49 Tests), DID-Dokument-Beispiele. Spec: CC BY 4.0. Code: MIT-Lizenz.

View RepositoryRepository anzeigen
Community

GitHub Discussions

Join the conversation. Ask questions, propose features, share your use case, or challenge the protocol design.Nimm an der Diskussion teil. Stell Fragen, schlage Features vor, teile deinen Use Case oder hinterfrage das Protokolldesign.

Join DiscussionsDiskussionen beitreten