TRIS Standards

TRIS operates on a unified identity schema combining decentralized identity standards, zero-knowledge proofs, and interoperable authentication protocols.

It ensures that every actor in Tythe’s network — whether human, organization, or AI agent — possesses a verifiable, privacy-preserving, and cross-compatible digital identity.

1. Structural Composition

Each TRIS ID is represented by a DID Document with Tythe-specific metadata extensions.

The document links three core layers of proof:

Layer
Description
Output

Proof Layer

Zero-knowledge or cryptographic verification of origin (zk-KYH / zk-KYC / zk-KYB / zk-KYA).

zk-Proof or Credential Hash

Identity Layer

DID + wallet binding representing the verifiable identity anchor.

TRIS DID Document

Credibility Layer

Links to Trovebook entries, DISC Scores, and policy-based attestations tied to that ID.

DISC Hash References

This layered format allows TRIS to serve as both a credential container and a trust index anchor, capable of linking external attestations (e.g., Reclaim proofs, Chainlink Functions, or organizational validations) without revealing private data.

2. DID Schema and Namespace

TRIS IDs follow Tythe’s DID syntax:

did:tythe:<vm_env>:<actor_type>:<unique_identifier>

Component
Description

did

W3C-compliant Decentralized Identifier prefix

tythe

DID method namespace registered by Tythe

<vm_env>

Environment identifier (e.g., EVM, Wasm, SVM, MoveVM).

<actor_type>

Human, Organization, or AI Agent

<unique_identitfier>

The deterministic identifier derived from public key hash

Example:

did:tythe:evm:human:0xa3c...7b1f did:tythe:evm:org:0xb42...e91a did:tythe:evm:agent:0xc98...af02

All TRIS DIDs are resolvable through the Tythe Registry, which returns the DID Document with active verification proofs, wallet mappings, and associated credential hashes.

3. Proof Schema

TRIS verification uses modular zero-knowledge circuits.

Each verification tier defines its own proof schema:

Verification Tier
Schema Reference
Purpose

zk-KYH

/proofs/human/uniqueness

Confirms “1 human = 1 TRIS” without revealing identity.

zk-KYC (ID only)

/proofs/human/idonly

Confirms verified identity without AML data.

zk-KYC (ID + AML)

/proofs/human/idaml

Adds AML and liveness compliance checks.

zk-KYB

/proofs/org/legitimacy

Confirms organizational ownership and legitimacy.

zk-KYA

/proofs/agent/authenticity

Validates AI Agent linkage and behavioral fingerprint.

All proofs are non-interactive and privacy-preserving.

Only proof hashes are stored; raw data remains off-chain.

4. Authentication Standards (OAuth 2.0 + SIWE)

TRIS Auth bridges decentralized identity and Web2 integration through a dual-standard model:

Standard
Function
Role in Tythe

OAuth 2.0 (PKCE)

Enables secure authorization for Web2 and enterprise integrations.

Used in TRIS Auth API and SDKs for token issuance and refresh.

SIWE (Sign-In With Ethereum)

Wallet-based authentication for on-chain identity proofs.

Used to verify wallet ownership and issue TRIS Access Tokens.

TRIS Auth defines the following sequence:

  1. Auth Start: Issues a nonce + SIWE message.

  2. Auth Verify: Validates wallet signature; issues TRIS Access Token (JWT + DID proof).

  3. Token Refresh: Provides silent session continuity via OAuth 2.0 refresh flow.

This hybrid model makes TRIS compatible with traditional OAuth infrastructures while preserving Web3-native identity sovereignty.

5. DID Document

DID Document includes:

{
  "id": "did:tythe:evm:human:0xa3c...7b1f",
  "controller": "did:tythe:evm:human:0xa3c...7b1f",
  "alsoKnownAs": ["TRIS@alpha01"],
  "verificationMethod": [
    {
      "id": "did:tythe:evm:human:0xa3c...7b1f#key-1",
      "type": "EcdsaSecp256k1VerificationKey2019",
      "controller": "did:tythe:evm:human:0xa3c...7b1f",
      "publicKeyMultibase": "zQ3sh...abc"
    }
  ],
  "authentication": [
    "did:tythe:evm:human:0xa3c...7b1f#key-1"
  ],
  "assertionMethod": [
    "did:tythe:evm:human:0xa3c...7b1f#key-1"
  ],
  "service": [
    {
      "id": "#auth",
      "type": "TRISAuthService",
      "serviceEndpoint": "https://api.tythe.org/v1/tris/auth"
    },
    {
      "id": "#resolve",
      "type": "TRISResolutionService",
      "serviceEndpoint": "https://api.tythe.org/v1/did/resolve"
    }
  ]
}

6. Interoperability Framework

Standard
Integration Role

W3C DID

Base identifier structure for each TRIS.

W3C Verifiable Credentials

Credential issuance and validation layer.

ZK-Proofs (SNARK/STARK)

Privacy-preserving identity validation.

OAuth 2.0 (PKCE)

Secure Web2-compatible session management.

SIWE (EIP-4361)

Wallet signature proof for Web3-native authentication.

EIP-712

Off-chain message signing for verification payloads.

7. Governance Alignment

All changes to the TRIS schema or supported standards follow the Identity Schema Governance Policy, requiring:

  • Version anchoring in the PolicyRegistry contract.

  • 90-day deprecation period for legacy proof schemas.

  • Cross-environment compatibility testing before production deployment.

PreviousTRIS OverviewNextTRIS Compatibility

Last updated

Was this helpful?