proof.identity@1 — custodial DID/key (human) + vault
The crypto capsule (plan.md §4.1): this is where the "no wallet" magic becomes real. Keys in the vault, signing as a service. The user signs by Confirming, not by handling keys.
Verification (research.md, A2): ANP §6.2 (m6) + §12 make pairwise DIDs a MUST for identifiable natural persons — so this is not optional. A7: the file vault is designed for ~O(100) agents with no rotation; per-user/-agent custody at scale is the open Stage-A custody question (R11).
Scope (this phase: human only)
ensureIdentity(subjectId, 'human') — auto-provision on first contact
Out of scope (→ Phase 4 / #12)
Agent DIDs, issueMandate, checkAuthority, SD-JWT disclosure.
Done
A human subject provisions a DID on first contact; keys never leave the vault; pairwise DID per thread; tenant-isolated.
Blocked by: ADR-0005 (DID method), ADR-0001 (custody), R11 (key scale).
Refs: plan.md §4.1, §4.2, R1/R3/R17.