A Beginner’s Guide to $CHEQ: The Foundation of the cheqd Ecosystem

cheqd & $CHEQ Explained

cheqd is the Payment & Trust Infrastructure for Credentials & Verifiable AI. We enable the creation of eID, digital credential businesses, personalised AI, and trust ecosystems. We provide privacy-preserving payments for data to incentivise its release from data siloes to enable impossible combinations of data to unlock new user experiences and personalised AI.

cheqd leverages Self-Sovereign Identity (SSI), Decentralised Identifiers (DIDs) and Verifiable Credentials (VCs) technologies to enable organisations to create their own Trusted Data ecosystems. 

The more credentials organisations issue and verify on cheqd across diverse use cases, the higher the transaction volume on cheqd’s network, directly driving consumption and burn of $CHEQ.

This guide will explore everything you need to know about cheqd, how it works, and how the $CHEQ token plays a vital role in this groundbreaking identity solution.

The team behind cheqd

cheqd was co-founded by Fraser Edwards and Ankur Banerjee after their extensive experience at Accenture, where they spent six to seven years exploring various technologies, including biometrics, AI, blockchain, and network infrastructure. During their final years at Accenture, the focus shifted towards central bank digital currencies, cross-blockchain payments, and self-sovereign identity. It was in this period that Fraser and Ankur recognised a significant gap in the SSI space: while the concept of individuals owning their own data was widely appreciated, there was no clear pathway to monetisation. After repeatedly encountering this challenge in sales and business development meetings, the two co-founders decided to tackle the issue head-on. This decision led to the creation of cheqd in 2021. Their goal was to develop a sustainable business model that could unlock the true potential of self-sovereign identity. Javed Khattak later joined cheqd as a co-founder and CFO, bringing a wealth of financial and technical expertise. His background includes leading multi-billion-dollar funds and advising governments, central banks, and global brands.

Fraser: Follow him on Twitter | Connect on LinkedIn
Ankur: Follow him on Twitter | Connect on LinkedIn
Javed: Follow him on Twitter | Connect on LinkedIn

How cheqd Works

cheqd provides a vertical suite of solutions from cheqd Studio to Creds to establish trust and enable individuals and organisations to own, control and monetise their data in a portable privacy-preserving manner. The underlying privacy-preserving payment infrastructure Credential Payments creates a clear commercial model or revenue opportunity, allowing verifiers to directly pay issuers, verifiers to pay holders, or holders to pay issuers to unlock Credential Status information.

cheqd’s innovative approach is rooted in the use of Decentralised Identifiers (DIDs), Verifiable Credentials (VCs), Trust Registries, and technical standards developed by the World Wide Web Consortium (W3C).

Learn about the technicals

Use Case: Verifiable AI

The cheqd network and solution can be applied across diverse use cases ranging from reusable KYC to gaming, with the prominent one being verifiable AI. vAI leverages cheqd’s infrastructure to ensure trustworthiness in AI driven interactions.

  • AI Agent: enable agents to carry verifiable credentials, which authenticate their identity, origin of training data, or legitimacy of outputs.
  • Content Credentials: content credentials can be issued and verified, ensuring that authenticity claims are both trusted and easily accessible.
  • Proof of Personhood: provide a decentralised framework for issuing and verifying credentials that prove an individual’s authenticity.

Contact us to build trust into your AI solution

More readings on Verifiable AI: The Agentic Economy Beyond Crypto | Our Verifiable AI Learnings | First vAI Partnership | Verifiable AI by cheqd | Use Cases of Verifiable AI Across Industries | Harnessing Verifiable AI to Defend Against Deepfakes | Verifiable AI in Action: Challenges and Opportunities | Origin of Verifiable AI:The Interplay of AI and Verifiable Credentials

What is the $CHEQ Token Used For?

The $CHEQ token is the backbone of the cheqd ecosystem, serving multiple purposes:

  • Identity writes: Write Decentralised Identifiers (DIDs) and DID-Linked Resources to the network. Leads to a percentage of tokens burnt from the network.
  • Credential Payments: Payments for decrypting on-ledger resources for the purpose of a Verifier paying a Credential Issuer.
  • Governance: cheqd is a Delegated Proof of Stake network. $CHEQ holders have the power to vote on proposals, giving them a direct say in the future development of cheqd.
  • Staking: Users can stake $CHEQ tokens to support the network and earn rewards in return, providing an additional layer of security and engagement.
  • Incentives for Validators: Validators, who are responsible for maintaining the integrity of the network, are rewarded in $CHEQ for their work. This ensures that the network remains secure and operational.

cheqd is enhancing its tokenomics for $CHEQ holders with a deflationary mechanism and updated identity transaction pricing. Moving beyond gas-based fees, the new structure aligns fees with the network’s value, following models like Osmosis and Kujira. A portion of fees from identity transactions will reward validators and delegators, while another portion will be burned, reducing token supply.

This burn mechanism offsets staking rewards’ inflationary effects, aiming to stabilise the $CHEQ supply at one billion tokens. As network adoption grows, both rewards and token burns will increase, potentially boosting annual percentage yields (APY) and supporting the token’s value.

Study the CHEQ tokenomics

How to Own $CHEQ?

cheqd ($CHEQ) can be bought on popular cryptocurrency exchanges like Gate, BitMart, MEXC, MyContainer, and LBank (updated at the time of writing).

Experienced cryptocurrency users can opt to buy cheqd tokens via decentralised exchanges (DEXs) like Uniswap, Osmosis, Kujira, and Manta. Please check out their respective purchase guide as wrapped tokens might be involved in the process.

Get $CHEQ now

What is a cheqd Mainnet Wallet?

The CHEQ token can be purchased and transferred directly to a cheqd mainnet wallet address. There are two options for setting up a wallet and adding cheqd’s mainnet and testnet.

Browse setup guide on Leap wallet

View setup guide on Keplr wallet

How to Stake $CHEQ?

Once you have set up your wallet, you have two options for staking: via OmniFlix or Leap Wallet.

For OmniFlix, head over to the cheqd staking and governance dashboard. You can either click “Stake Tokens” or click the tab in the right hand corner called “Stake”.

cheqd staking and governance dashboard

With Leap Wallet, follow the instructions provided to stake directly from there.

What is the cheqd Explorer?

Big Dipper is the cheqd Explorer. It is an open-source block explorer and token management tool serving over 10 proof-of-stake blockchains.

cheqd mainnet block explorer

cheqd testnet block explorer

Where to Cast Votes for cheqd Proposals?

Holders of the native cheqd token, $CHEQ, can vote for proposals either on:

OmniFlix: https://cheqd.omniflix.co/proposals

Commonwealth: https://forum.cheqd.io

The Trust Registry Opportunity in the EUDI market

Presenting a Hybrid Approach to Trusted List Infrastructure and Management

Introduction

In June 2024, the latest version 1.4 of the European Digital Identity Wallet Architecture and Reference Framework (EU ARF) was made available by the European Commission; and a month later in July 2024, the first set of Draft Implementing Acts were published, including one on the EU Trust Framework. In each version, we are getting closer to an end-to-end trust model for European Digital Identity.

However, there is one aspect of the EUDI model that has remained relatively ambiguous, and moreover, this aspect is arguably one of the most crucial components of the model in establishing full end-to-end trust — that being, the construction of Trust Registries and Trusted Lists.

As shown in green on the diagram below, the “Trusted Lists Registrar” component of the EUDI model is a central point of trust, on top of which, all participants and entities in the EUDI ecosystem rely upon.

Trusted Lists are therefore pivotal in enabling relying parties to fully trust a credential presented to them. When consuming a digital credential, a relying party needs to verify not only the veracity of the issuer of that credential, but also the integrity and provenance of the “accreditation” and “authorisation” that issuer has to issue credentials within a particular governance framework. Secondly, the holder should be able to verify the integrity of the wallet provider or wallet agent; and finally, the holder should be able to verify the legitimacy of the relying party “verifier” application requesting digital credentials.

To explore this theme in more detail, this blog will centre around four core questions:

  1. What constitutes a trusted list?
  2. What is the problem with existing trusted lists?
  3. What is the difference between a “qualified” trust service and a “non-qualified” trust service?
  4. Why is there a significant opportunity in the market for a breakthrough trust registry model?

Through addressing these four questions, we will present an argument as to why cheqd is poised to position itself as a leader within the EUDI market and beyond, by solving an industry-wide problem regarding trusted list infrastructure.

Presenting a Hybrid Approach

There has been a longstanding debate regarding the applicability of DIDs to provide an equivalent function to X.509 certificates in digital credential ecosystems, owing to their ease of deployment, key management flexibility and inherent resolvability.

However, on their own, DIDs are not a complete solution because they need to be paired with a robust trust registry infrastructure to be an effective identifier model.

Together with the Fraunhofer Institute, we propose a hybrid approach to Trusted List and Trust Registry management, which blends the benefits of DID and DID-based trust models, with the “high” LoA trust infrastructure of DNS, traditional PKI and X.509 certificates.

Throughout this blog, we will explain why a hybrid approach is necessary to improve on the existing traditional trust registry infrastructure, and how it creates a much more flexible and extensible architecture for digital credential ecosystems.

eIDAS 1.0 and traditional PKI

The concept of “Trusted Lists” within the EU ARF (and eIDAS 2.0) is an extension of the well-trodden path of trusted lists within eIDAS 1.0. Under the eIDAS framework, each of the 27 Member States maintains their own trusted list of “Qualified Trust Service Providers (QTSPs)” — namely, organisations that have been audited and approved to offer a set of “qualified” services, including:

  1. Qualified Electronic Signatures;
  2. Qualified Time Stamps; and
  3. Qualified Electronic Seals.

For digital document sharing, digital contracts and digital files shared between organisations, these “qualified” servicesestablish trust in the integrity of these actions through the use of Public Key Infrastructure (PKI) and secure digital certificates (generally type X.509). And through the eIDAS framework, the trust imbued in a QTSP in one Member State is given equivalent recognition across all Member States, creating an interoperable ecosystem of trust across the EU.

Furthermore, the eIDAS framework gives legal effect to electronic signatures backed by QTSPs, providing them the same level of trust as written signatures. This system has been fully functional for a number of years now, but there are a number of challenges that have inhibited mass adoption of eIDAS.

Challenges of eIDAS 1.0 and Traditional PKI

It is well documented that eIDAS 1.0 certificates have had lower levels of adoption than initially envisaged, which has accelerated the movement towards eIDAS 2.0. As such, it is important to reflect on the reasons why this occurred, before, as a community, we default to championing X.509 certificates as Roots of Trust for emerging digital credential ecosystems.

Many of the challenges faced under eIDAS 1.0 can be attributed to a lack of flexibility in how X.509 certificates can be used to convey trust between different member states, governance frameworks and certification schemes. This has led to a lack of interoperability between member states, whereby certificates issued in one member state are rarely able to be used in others.

X.509 certificates have undoubtedly been used for useful, robust and critical pieces of the web infrastructure stack. However, it is posited that they lack some of the fundamental capabilities to act as flexible, future-proofed roots of trust in a digital credential ecosystem, for three reasons:

  1. Square pegs in round holes: X.509 certificates were designed to answer the question “is this connection secure”, rather than “is this identifier trustworthy”. Therefore, each subsequent update to the X.509 spec (such as v3), has attempted to gradually create a more flexible and extensible data model. However, although X.509 v3 did include specific “extensions” to add more context on what a certificate was issued for and for what purpose, the scope of what you can achieve with an X.509 certificate is still relatively narrow.
  2. Difficulty in Handling Evolving Trust Relationships: In many domain-specific use cases, trust relationships are dynamic and require frequent updates based on changing conditions or regulatory requirements. X.509 certificates are static once issued, meaning they cannot be modified without reissuing a new certificate. This lack of adaptability is a significant drawback for domains that need to manage evolving trust relationships.
  3. Limited Support for Contextual and Granular Trust: X.509 certificates provide a binary level of trust (valid or not valid), lacking the ability to express more granular or contextual trust conditions. In contrast, many domain-specific applications might require credentials that can dynamically change trust levels based on context, permissions and policies depending on location, time, or user role.

It is important to highlight that this analysis is not a critique of X.509 certificates, in fact they have robustly stood the test of time to establish part of the backbone of the web today. What this is intended to question is whether X.509 certificates really are best placed for an efficient, flexible and scalable trust model for the EUDI ecosystem, where queries against trusted lists will be more vital and ubiquitous than ever before.

Extending Trusted Lists into the EU ARF

For the emerging EUDI ecosystem, “Trust Service Providers (TSPs)” will play a similar role in establishing “Roots of Trust” for digital credentials that are issued. In “decentralised identity” and “digital credential” ecosystems, credentials are cryptographically signed by an “issuer” and then are “issued” to a natural or legal person, who can then store the credential in their digital identity wallet. Therefore, these “issuers” need to be traced back to a trusted source.

For “Personal Identity (PID)” and “high” Level of Assurance credentials, they will be required to be traceable back to a “Qualified” TSP. The EUDI framework therefore establishes the concept of “Qualified Electronic Attestations of Attributes (QEAAs)” which are digital credentials that are cryptographically signed by a “QTSP”. The idea here is that a QEAAs have a higher level of trust assurance because a relying party can trace the credential back to a trusted X.509 certificate, backed by the eIDAS 1.0 framework.

Equally, the EUDI framework also acknowledges there will be non-qualified “Electronic Attestations of Attributes (EAAs)”. These will be more generic credentials of a “substantial” or “low” Level of Assurance. And rather than needing to be traceable back to a QTSP, these credentials may only need to be signed by a generic TSP. As such, there is much more flexibility in how EAAs may be implemented across different domain-specific use cases.

Importantly, for both EAAs and QEAAs, trust registries will play a very important role because relying parties will need to be able to make trust decisions about both these types of credentials, in a clear, accessible and interoperable way. And crucially, we need trust registry implementations that can delineate between different levels of assurance, permissions, policies and roles. If we are not cognizant of this requirement, there there is a real risk that the same challenges affecting the adoption of trusted certificates under eIDAS 1.0 will only get worse within the EUDI ecosystem.

For this reason, we have looked at alternative and hybrid approaches for trusted lists, trust registries and overall trust management which we see as an emerging opportunity in the EUDI market.

The Trust Registry Opportunity in EUDI

Over the past year of Large Scale Pilots and national projects such as DC4EU, the SPRIND Funke wallet prototype, there has been a narrow focus on High Level of Assurance (LoA) credentials, such as “Personal Identity (PID)” credentials.

Naturally, what has transpired from the focus on High LoA credentials is an equal focus on High LoA trust infrastructure and “Qualified Trust Service Providers”, namely using traditional PKI and X.509 certificate schemes. While these High LoA credentials are very important for the proper implementation of EUDI, in practice, they will only cover a minority of the total number of digital credential use cases.

The diagram above shows how “PID” and “QEAA” credentials will cover less than half of the total number of industries expected to adopt Verifiable Credentials. As such, there is currently a gap in the EUDI market for providing trust registry infrastructure for Medium and Low LoA credentials that can emanate from “Non-Qualified Trust Service Providers” and coexist with the QEAA credentials.

Exploring the Hybrid Model

Together with the Fraunhofer Institute we have established an architecture that creates a far more extensible approach to trust registries for the emerging EUDI market. This approach combines three different approaches to trust registries into one overarching architecture:

1. High Assurance Verifiable Identifiers

This model proposes that each governance framework establishes a set of High Assurance Verifiable Identifiers, building on top of the work of the Trust over IP High Assurance VID Task Force. This is an identifier that is cryptographically bridged to other equivalent identifiers for increased cryptographic assurance that the identifier belongs to a particular legal entity. For example, a “Root” DID can be stored within a DNS record, and can also be bridged with an X.509 certificate.

2. The European Blockchain Services Infrastructure (EBSI / Europeum) “Trust Chain” model

As part of this High Assurance VID, the Root organisation can “accredit” other organisations in its ecosystem, using issued “Verifiable Accreditations”. These Accreditations are Verifiable Credentials that are chained in a way whereby a relying party can traverse back to the High Assurance VID. Each Verifiable Accreditation can cryptographically prove that the TSP has been vetted and approved by a Root Authority. As a result, credentials issued by the TSP would inherit a level of trust derived from their association with the Root Authority, potentially enhancing their legal recognition and acceptance under eIDAS 2.0.

An organisation that issues an accreditation may also accredit other organisations with an array of permissions, including:

  • Defining the schema of credentials or accreditations that the “subject” DID is permitted to issue;
  • The jurisdictions under which the subject DID is permitted to operate within; and
  • The lawful bases under which personal data within an issued verifiable credential must be handled, conforming with GDPR requirements by design.

This not only creates a “chain” of trust, but a chain of “governance” that is fully machine resolvable. Within the EBSI trust chain model, any “Credential” issued by an organisation can reference the URI for the “parent” accreditations up the trust chain, enabling a relying party to traverse the chain to the root of trust. This enables a far more flexible and domain-specific way of setting permissions and policies for each entity within the ecosystem, than relying on X.509 certs on their own.

3. W3C DID-Linked Resources for trust registry entries and standardised resolution

Within the proposed hybrid model, each “Verifiable Accreditation” is stored as a “DID-Linked Resource”, meaning that each Accreditation is uniquely resolvable, persistent and historically indexable. This allows issuers to include reference to trust registries and specific accreditations within issued credentials using a common DID URL syntax, as well as for verifier applications to resolve and traverse to each trust registry entry via the principles of DID URL resolution and dereferencing.

4. Alignment with OpenID Federation

OpenID Federation is an emerging specification that similarly creates hierarchical trust relationships for ecosystems. It shares many similarities to the proposed hybrid model in this blog, and there are ongoing efforts to expand the scope of OpenID Federation to allow a broader set of “Entity Identifiers” than simple web URLs.

Therefore, the medium-to-long term goal of the hybrid model is for it to become an implementation profile of a broader OpenID Federation model.

Benefits of the Hybrid Model

A hybrid model that combines X.509 certificates, DNS, Decentralised Identifiers (DIDs), and Verifiable Accreditations (stored as DID-Linked Resources) offers a range of benefits, blending the strengths of both traditional Public Key Infrastructure (PKI) and decentralised trust frameworks, including:

1. Enhanced Flexibility and Customisation:

The hybrid model allows for tailored trust solutions that can accommodate varying assurance levels across different domains. While X.509 certificates provide a high level of assurance for traditional applications (e.g., website authentication and secure communications), DIDs and Verifiable Accreditations offer more flexible, domain-specific credentials that can be customised to specific needs and contexts using customisable “permissions” and “policies” within each Verifiable Accreditation.

2. Scalability and Efficiency:

Decentralised elements like DIDs and Verifiable Accreditations reduce the dependency on centralised Certificate Authorities (CAs) and streamline the issuance, management, and revocation of trusted certificates. By only requiring X.509 certs for the Root of Trust, ecosystems can develop with lower operational overhead and faster scalability, which is crucial for the acceleration of EUDI ecosystems over the coming years.

3. Improved Interoperability:

Combining X.509 certificates with DNS, DIDs and Verifiable Accreditations enhances interoperability between legacy systems and emerging decentralised frameworks. This ensures a smoother transition for organisations adopting new identity standards without fully abandoning their existing PKI infrastructure, enabling a more seamless integration across diverse digital identity ecosystems.

4. Stronger Security and Redundancy:

The hybrid approach offers multiple layers of security, given X.509 certs, DNS and DIDs will be stored on different fundamental infrastructure. For example, using blockchain-based DIDs creates a dual-layered model that enhances resilience against attacks or failures, as the compromise of one trust layer does not necessarily affect the other. It provides redundancy and allows for a more robust security profile.

5. Horizontal, federated trust graphs:

Through implementing multiple federations of DIDs and Verifiable Accreditations (and iterating on top of the great work of OpenID Federation), the infrastructure is well placed for inter-ecosystem trust graphs, whereby different ecosystems can accredit each other to varying levels of assurance — creating a graph-like structure of cross-domain trust. This level of inter-ecosystem trust is currently the biggest blocker for more traditional X.509 based certificate schemes, owing to the lack of context specific detail which can be added — yet, it is a crucial component for a functional, interoperable digital credential future.

Conclusion

The urgency for innovative Trusted List models in the EUDI market cannot be overstated. As the European Union moves towards more stringent digital identity regulations and the demand for secure, scalable, and user-friendly digital solutions grows, the opportunity to lead in this space is ripe for the taking. We believe that organisations such as cheqd and EBSI that embrace the hybrid approach now will be well-positioned to establish themselves as pioneers in the digital identity landscape, benefiting from first-mover advantages and influencing the standards and frameworks that will govern the future of digital trust.

By leveraging the scalability, cost-effectiveness, and decentralisation of DID-based models while retaining the legal assurance of qualified services, this approach caters to the diverse needs of modern digital transactions — from high-assurance regulatory environments to dynamic, domain-specific use cases.

This is not just an opportunity — it is a strategic imperative for those looking to stay ahead in a rapidly evolving market. We also acknowledge that a strong trust registry alternative is a priority for many jurisdictions adopting digital credentials, and as such, we will next be looking at formalising and standardising the approach for wider adoption.

Introduction to Trust Registries

Introduction

Imagine walking through a vibrant city filled with people constantly meeting, exchanging information, and conducting business. In this city, trust is essential — you need to know who’s legitimate, who’s certified, and who can be trusted with important responsibilities. Now, picture a guidebook that lists all the trustworthy individuals and organisations in this city. This guidebook tells you who can be relied upon to perform key roles. Trust registries is a digital version of the guidebook, much like the city’s official “Who’s Who” guide, telling us whom we can trust.

In the realm of digital identity, where interactions happen without face-to-face contact, establishing trust is even more critical. Verifying who is authorised to issue and validate digital credentials becomes essential for secure transactions and identity verification. This is where trust registries come into play, acting as a trusted source to ensure that individuals and organisations involved in digital credentialing are legitimate and reliable.

The Value of Trust Registries

Trust registries offer significant benefits to multiple parties within digital identity ecosystems, enhancing security and trust across various interactions.

Individuals gain confidence in the authenticity of digital credentials, knowing they are dealing with legitimate issuers and verifiers. This reduces the risks of fraud and identity theft, empowering users to engage securely in digital transactions and services.

Organisations and businesses benefit from streamlined verification processes. Trust registries eliminate the need for time-consuming manual checks, enabling faster, more secure transactions. By ensuring that partners, customers, and employees are verified through trusted sources, businesses can simplify compliance with regulatory requirements, particularly in sectors like finance, healthcare, and education.

For credential issuers, such as universities, banks, and government bodies, being listed in trust registries enhances their credibility. It signals to verifiers that their credentials are trustworthy, fostering global trust in their digital certifications.

Regulatory bodies also benefit from trust registries by ensuring compliance with industry and government standards. These registries help enforce identity verification regulations, reducing the chances of fraudulent credentials circulating in the system.

Lastly, developers and service providers building digital identity-based applications can integrate trust registries to enhance the security and trustworthiness of their platforms. By leveraging verifiable credentials, they can offer users a more secure and seamless experience.

Overall, trust registries create a reliable and secure foundation for digital identity verification, benefiting all stakeholders involved. Without trust registries, we would be left guessing who is credible and who isn’t, exposing ourselves to a variety of risks in the process.

How Trust Registries Work with DIDs and VCs

DID-based trust registries work closely with two key technologies: Decentralised Identifiers (DIDs) and Verifiable Credentials (VCs). Together, they create a secure and decentralised way to manage digital identities and credentials, ensuring that people and organisations can trust who they are dealing with online.

DIDs (Decentralised Identifiers):
Think of DIDs as digital identifiers that allow individuals or organisations to prove their identity without relying on a centralised authority. Unlike traditional identifiers, such as usernames or email addresses controlled by external entities (like service providers), DIDs are fully decentralised. In the context of trust registries, they enable organisations to demonstrate that they are trustworthy through being able to prove control of the keys in the DID.

VCs (Verifiable Credentials):
Verifiable credentials (VCs) are like digital ID cards that prove something about a person or organisation, such as their age or qualifications. In the context of trust registries, VCs are used to “accredit” organisations for specific purposes, allowing relying parties to query whether a particular organisation is authorised to issue credentials.

Trust Registries in Action:
Let’s say you receive a digital diploma from a university in the form of a Verifiable Credential. A trust registry will confirm that the university’s DID that is issuing the diploma is legitimate, accredited and recognized, allowing others, such as potential employers, to trust that credential without needing to communicate with the university directly. Similarly, if an employer or government agency is verifying your credential, a trust registry may ensure that they are authorised to check and validate your information.

By leveraging DIDs and VCs alongside trust registries, the entire process becomes more secure, efficient, and decentralised.

What's the Old-School Way? X.509 Certificates and DNS Records

Before DID-based trust registries, the traditional method of establishing trust online relied heavily on X.509 certificates and DNS records. These systems have served as the backbone of online identity verification for decades, but they come with limitations in today’s digital landscape.

X.509 Certificates:
X.509 certificates are like the traditional “paper IDs” of the internet. When you visit a website, the site presents an X.509 certificate to prove it’s legitimate, similar to how someone would show you an ID card to confirm who they are. However, these certificates rely on a central authority, known as a Certificate Authority (CA), to vouch for the site’s authenticity. While this system works, it comes with some drawbacks. It’s far too easy to obtain an X.509 certificate for your website, and for this reason, some certificates have become essentially meaningless. Moreover, it’s difficult to express what the recipient of an X.509 certificate is trusted for.

DNS Records:
Domain Name System (DNS) records are like the phone books of the internet. They translate domain names (like www.example.com) into IP addresses that computers use to find each other online. While DNS plays a crucial role in routing traffic, it was invented to help computers communicate with each other — not necessarily to help build trust in the organisations being represented. Worse still, because DNS is centrally managed, it is vulnerable to hacking and manipulation. If someone gains access to the DNS records of a website, they can redirect users to fraudulent sites, leading to security threats like website spoofing or data theft.

The Problem:
The major issue is that both X.509 certificates and DNS records were never intended to be used for “trust.” As such, they have inherent limitations when employed in this capacity. Their reliance on central authorities and their lack of granular context creates significant challenges in establishing and maintaining genuine trust in online interactions. Amid the swift currents of the digital age, these traditional methods are beginning to reveal their fading relevance to security and authenticity for digital interactions in a more decentralised internet. That’s why new approaches, like trust registries combined with DIDs, DID-Linked Resources and VCs, are emerging to offer a more secure, efficient, and decentralised way to manage trust online.

Why DID-based Trust Registries Are the Future for Digital Credentials

Trust registries, powered by technologies like Decentralised Identifiers (DIDs) and DID-Linked Resources, are shaping the future of digital credentials. cheqd’s innovative use of these decentralised systems enables trust to be built in a way that’s secure, scalable, and transparent. With DIDs, entities can independently verify and control their identities without relying on central authorities, while DID-Linked Resources offer a secure way to manage accreditations or authorisations linked to these identifiers. Together, these technologies form the backbone of future-proof trust registries.

In a decentralised identity ecosystem, multiple parties — issuers, wallets, and verifiers — must be considered trustworthy. Each of these parties plays a crucial role in the process: issuers create and sign credentials, wallets securely store them, and verifiers authenticate the credentials presented. Traditional models of trust, such as X.509 certificates and DNS records, are not nuanced enough to effectively provide infrastructure for these diverse roles. They fall short in addressing the varying levels of trust needed for different parties and contexts.

In contrast, DID-based trust registries can flexibly accommodate these complexities, allowing ecosystems to establish bespoke permissions, policies, and rules. This adaptability means that organisations can create tailored trust frameworks that suit their specific needs, fostering an environment where trust can flourish across multiple stakeholders. As we move toward a more decentralised future, these trust registries will play a pivotal role in ensuring that all parties involved can confidently interact and engage in secure digital transactions.

Are you ready to make digital interactions safer and more reliable? Discover how trust registries can transform your business or organisation. Start exploring today how you can build or join a trust registry, and be at the forefront of secure digital credentialing. Let’s create a digital world where trust is easy to verify! Contact [email protected]

The Agentic Economy Beyond Crypto - How AI Agents Will Change Consumer Experience

TL;DR — The Agentic Economy

AI or personalised agents have been spoken about for years in Self-Sovereign Identity (SSI) and Decentralised Identity (DID) circles, they are imminent and will have a colossal impact on user and consumer experience. In the agentic economy, AI agents will be used to cast intents out into marketplaces (whether DeFi, travel or other) and negotiate on behalf of individuals. This will allow the creation of personalised travel itineraries, including with the use of loyalty schemes, or identifying and negotiating the best offers for a desired product or service as an example.

All of these new experiences require access to trusted data, such as loyalty schemes, insurance policies, identity data, and more to fulfil these services. To access this data, agents will need to either directly pay or provide value back to whichever organisation provides it.

The agentic economy will be powered by the trusted data economy.

cheqd and $CHEQ stands ready to power the agentic economy, ensuring AI/personalised agents have access to the data required to successfully and accurately execute their user’s intents, creating this new user experience paradigm.

Furthermore, AI agents add an additional multiplier into $CHEQ tokenomics as well as accelerating the velocity and frequency of use of credentials.

  • Data subject x number of AI agents per subject x number of organisations issuing data x number of organisations receiving data x number of credentials

Verifiable AI is key to further accelerate the agentic economy by ensuring that the Trusted Data AI agents rely on is accurate.

AI / Virtual / Personalised / Smart Agents — Verifiable AI

Whatever you call them, they’re coming… …to work on your behalf.

AI agents follow the definition of a legal agent, below, simply shifting from being a person as in the historic definition to AI.

A person who has been legally empowered to act on behalf of another person or an entity

Smart agents, synonymous with AI agents, have long been on the roadmap for decentralised identity / Self-Sovereign Identity to counteract, simplify and generally improve the efficiency of individuals having to deal with a deluge of personal data and hence decisions on what they’re receiving and what they are sharing. In the current ownership these decisions are delegated to centralised platforms / siloes that can resell / share personal data without visibility of the individual. Agents are envisioned to play a critical role in managing the interactions, data, and credentials involved in SSI systems.

DID / SSI Terminology

It is worth clarifying some terminology within DID / SSI which can be confusing:

  1. User agents: Software applications that allow users to manage their credentials (e.g. wallet apps).
  2. Edge agents: Software usually on personal devices such as smartphones or computers, typically to allow individuals to manage credentials. Conceptually extremely similar to “User agents” with the additional specification of the compute resource it is stored to.
  3. Enterprise agents: Software used by organisations to interact with or manage credentials.
  4. Cloud agents: Software in data-centres or the cloud which allow organisations or individuals to interact with or manage credentials. Typically similar to “Enterprise agents” with the additional specification of the compute resource it is stored to although can sometimes refer to “User agents” operating from the cloud / data centres.

We’ll be focusing on “User agents” since innovation here will have by far the greatest impact in terms of user experience and changing the paradigm of the interaction between people and companies.

Basic functionality

Agents were always envisioned as helping people manage their data, privacy, ownership, and consent with the shift to a data-control/ownership paradigm where they are in charge. They would also help negotiate interoperability, as this problem is solved, navigating between different credential formats and exchange protocols, meaning users would never need to worry whether their driving licence is mDL or SD-JWT format.

Crypto Agents & Intents

As with SSI / DID, agents are being touted as the silver bullet to help users navigate the complexities of crypto, especially DeFi with a myriad of protocols and networks. Hence token representations requiring intelligent bridging between protocols and networks to achieve desired outcomes.

Coinbase, for example, has identified 18 companies building “agentic networks & platforms” within or adjacent to Web3 / crypto. They have also revealed a core thesis surrounding the “agentic web”.

“A transformative paradigm in which AI agents operating on crypto infrastructure rails can become significant drivers of economic activity and growth. We predict a future where agents will have their own crypto wallets to autonomously transact and fulfill user intents, access lower-cost, decentralized compute and data resources, or leverage stablecoins to pay humans and other agents to complete tasks necessary for their overall objective function.

Similarly, Binance recently released a report on the “Future of AI agents in crypto”. A key concept adjacent to the “agentic” internet is “intents”, defined by Coindesk below.

an intent is a specific goal a blockchain user wants to accomplish

“Intent”-centric architectures are necessary since:

“blockchains are expanding so rapidly. With Bitcoin, Ethereum, a host of alternative layer-1 networks, layer-2 networks, and now even layer-3 networks proliferating, accompanied by myriad “bridges” and other “interoperability” solutions connecting them all, it’s all becoming more daunting to navigate.

“the number of possibilities that you can do on blockchains has compounded,” Arjun Bhuptani of Connext, an interoperability protocol, explained. “You have an infinite possible way of doing a transaction at a given time.”

Beyond Crypto / Web3: Intent-Casting

This limitation to blockchains is exactly that, limiting and unnecessarily so. OpenAI for example is intending to release AI agents which can automate tasks for individuals. Beyond simple automation, a more interesting and revolutionary idea is intent-casting

A way of issuing a personal “Request for Proposal”, a buyer-initiated procurement protocol typically used by businesses, governments and other large organisations” where multiple companies provide quotes which the buyer then selects from depending on budget, whether the proposal meets the request and personal preference.

Examples could be:

Intent-casting effectively inverts the current consumer-company paradigm in a way that comparison websites and general product search attempt to a small degree. Instead of having to search and then compare products which may be similar but are fundamentally different and then compare across vendors, intent-casting brings all the relevant products or services to you, ranks them in terms of your stated preferences and allows you to select the offer which suits you best extremely quickly with much less cognitive effort.

Personalised AI

To achieve “intent-casting”, AI or smart agents need access to accurate and verified personal data to make informed decisions on an individual’s behalf. Otherwise the request to the market could be wildly inaccurate, misleading or downright dangerous, for example:

  • Low risk: receiving a range of product options all of which aren’t suitable because the wrong preference was shared, e.g. colour or size.
  • High risk: broadcasting your genuine address, salary and house contents to an entire marketplace due to a lack of privacy controls.

User-owned / private data is therefore crucial for “agentic networks & platforms”. The more accurate data an agent has about an individual the better results it will secure, prioritise and present.

Examples

Cookies

Imagine a world where those annoying cookie pop-ups and consent prompts are a thing of the past because your personal AI agent has already taken care of them for you. Every time you surf the interwebs, you move seamlessly from page to page, while your trustworthy agent silently manages these interruptions in the background.

Travel

Now picture something even more exciting. Say you’re planning a holiday. Your agent analyses all your previous trips — those flowery escapes you loved, those overly busy tourist traps you didn’t — and combines that insight with your new preferences, your dream destination, and your budget. The result? A complete itinerary, thoughtfully crafted to fit your tastes and lifestyle. And here comes the game changer: your agent books everything on your behalf, handling flights, hotels, travel insurance, and more. All you need to do is pack and thank verifiable credentials.

eCommerce & Insurance

Another example, imagine shopping for something a bit pricier online, like a new laptop or a high-end TV. Your agent doesn’t just search; it sends out your specs and preferences to trusted retailers, gathering tailored offers based on the best fit for you. Then, by securely verifying that you’re a genuine customer, it unlocks special discounts, saving you money while protecting the retailer from risks like chargebacks or scammy returns.

Once you decide on a purchase, your agent automatically saves the receipt somewhere safe (no more scouring inboxes to find it later), and even contacts your insurance provider to make sure your new item is covered. If it’s already covered, your agent confirms it’s included; if not, it lets you know about any extra costs, seeking your consent for coverage.

In short, this agent takes the grind out of everyday logistics, from browsing online to planning adventures — giving you back your time and peace of mind.

The Agentic Economy

Agents require access to accurate and current personal data to appropriately serve requests by their users and ensure the agentic economy thrives. Some data can be provided by users, such as email or conversation history which can help provide personality and tone for agent’s communications when representing individuals but other data will require veracity, provenance and lineage.

For example, where an agent is arranging travel or overall trip, the ability to access and use loyalty programmes to achieve discounts is crucial and relies on agreement with the loyalty programme provider. Similarly, any insurer will want proof that a receipt is from the correct retailer due to fraud concerns and therefore the agent needs to be able to manage trusted data / verifiable credentials to negotiate these use-cases and more.

As with the trusted data economy, all of this data has value and hence companies will expect to be paid whenever that value is used . This will require agents to acquire trusted data wherever possible and negotiate data value chains to secure said data.

Similarly to “intents” with regards to blockchain networks, agents will be responsible for obtaining data or trusted data at the lowest price point wherever the data can be sourced from multiple places.

For example if a service required a credit score or file but it can come from any reputable provider, the agent can source either:

  • The highest credit score so the user can secure the best offer, or
  • If all their credit scores are above the threshold, optimise for the cheapest cost to the user if required.

$CHEQ

cheqd tokenomics and hence burns of $CHEQ through network utility usage have always scaled with the volume and velocity of trusted data. The agentic economy introduces a new factor / multiplier into this equation.

Previously, usage of network utilities would scale by number of people, organisations or things, looking to share data with other organisations or people:

  • Data subject x number of organisations issuing data x number of organisations receiving data x number of credentials

With agents added in, that becomes:

  • Data subject x number of AI agents per subject x number of organisations issuing data x number of organisations receiving data x number of credentials

There will also be an increased frequency and velocity of sharing as a result. It’s also feasible that each agent will not only have a DID on the network but will also be represented on trust registries to demonstrate publicly that they have been verified. As mentioned above, OpenAI intends to release AI agents to help automate tasks imminently. However, it is then crucial for these agents to prove they both have the appropriate authorisation and were created by reputable companies to avoid colossal issues with fraud and impersonation.

As an illustration of the scale of the impact agents will have.

There are ~8.1b people on earth; if even 1/10th of them have a singular agent, there would be 0.8bn agents. In practice, people are likely to have multiple agents, as will organisations and even potentially things meaning the numbers are astronomical. Each of these agents, whether for individuals, companies or things will all be transacting trusted data.

Conclusion

We believe that agents are here to stay and that it will kickstart a new economy. Together with our partners such as Timpi, Devolved AI, Nymlab, and others, we’re building solutions that will add trust, convenience and safety to mundane, or not, tasks we perform every day.

Trust will come from credentials and other SSI technologies and frameworks that are intrinsic to the cheqd network. Payments are central to any economy and cheqd is well positioned with $CHEQ and credential payments to play a key role in the new Agentic economy.

If you’re interested in growing the Agentic Economy together with us, please get in touch at [email protected].

Timpi and cheqd Announce Strategic Partnership to Unlock Trusted Data for Decentralised AI

We are excited to announce a strategic partnership between Timpi and cheqd, two pioneers in the world of decentralised data and AI. By combining Timpi’s DePIN network and web index with cheqd’s expertise in verifiable data, this partnership aims to build a more transparent, scalable, and accessible future for data across industries.

Empowering Decentralised AI with Trusted Data

Data is key to driving AI innovation. However, the vast and fragmented nature of the internet makes it challenging to access and trust the data used in training AI models.

Timpi’s decentralised web index, first of its kind in the world, is changing the way data is collected, processed, and utilised. By decentralising data infrastructure, Timpi ensures data is unbiased, secure, and accessible on a massive scale by everyone.

cheqd, on the other hand, is leading the way in verifiable credentials and decentralised identity (DID) solutions, enabling organisations to establish trust and authenticity in digital data. By working together, Timpi and cheqd aim to provide AI systems with the trusted data needed to fuel their growth and development.

Co-Developing Practical Use Cases for Verifiable Data

One of the key areas of collaboration between Timpi and cheqd will focus on exploring and co-developing practical use cases for trusted data within the decentralised AI space. This includes:

  • Content Credentials: Creating verifiable credentials for data contributions, ensuring that data is authentic and has a proven provenance.
  • Reputation Systems: Implementing reputational systems that track the authorship and quality of data, enabling AI systems to prioritise trustworthy information.
  • Data Attribution & Provenance: Verifying the ownership and origin of data, providing transparency and accountability for all stakeholders.
  • Trusted AI Training: Ensuring that AI models are trained on data that can be trusted, guaranteeing ethical and accurate outcomes.

These use cases will provide a solid foundation for building trusted AI solutions, ensuring that both data and the AI systems themselves can be verified and trusted by users and developers alike.

Exploring Proof of Personhood and Non-Personhood in AI

Another exciting area of focus will be the exploration of Proof of Personhood and Proof of Non-Personhood in AI. As AI agents increasingly interact with other platforms, individuals, and other AI systems, establishing clear boundaries between human and non-human entities becomes crucial. Together, Timpi and cheqd will develop use cases that enable AI agents to:

  • Verify Human Interactions: Ensuring AI systems can distinguish between human users and bots without relying on traditional biometric verification methods.
  • AI Permissions: Allowing users and AI agents to set permissions for interaction, ensuring that AI systems operate in an ethical, accountable, and trusted manner.

A Win-Win for Decentralised AI Adoption

This partnership will not only drive innovation in decentralised AI but also provide a self-sustaining and thriving ecosystem. Through Timpi’s large-scale, unbiased data index combined with cheqd’s trusted data verification, this collaboration will help build an AI landscape rooted in transparency and trust.

Looking Ahead — Grab the Future

While decentralised AI continues to evolve, the Timpi and cheqd partnership is poised to lead the way in creating a trusted and reliable data ecosystem, accelerating the adoption of verifiable AI solutions across industries.

To celebrate this partnership, cheqd is giving away free creds to help you build your reputation while Timpi will be raffling 5 exclusive Presale Whitelist spots for the upcoming Timpi node sale. Timpi has built the world’s first decentralised index and in a few days will be adding AI capabilities via Synaptron nodes.

To win the opportunity to get your hands on a Synaptron with a nice discount you need to: (1) Follow @cheqd_io (2)Follow @Timpi_TheNewWay (3) Share / comment / like the partnership announcement. The Timpi Node Access NFT Presale starts at 23:59 UTC on November 17th, make sure to snag one before they sell out. Winners will be chosen in 24hours.

Claim your Creds to start building your reputation.

Stay tuned as we continue to explore new use cases and develop innovative solutions that will redefine the future of AI and data trust.

About Timpi

Timpi has developed the world’s first decentralised web index and, with over 5 billion web pages indexed, now holds one of the largest databases globally. Through Timpi’s extensive, community-operated DePIN network, the vision of enabling open access to information — free from bias and manipulation — is brought to life.

About cheqd

cheqd is the trust and payment infrastructure to enable the creation of Self-Sovereign identity (SSI), eID, digital credential businesses, and ecosystems. It provides privacy-preserving payments for credentials, bespoke network offerings, and support for multiple credential formats to underpin identity frameworks such as eIDAS 2.0 in Europe, and beyond. cheqd ensures that digital identities and data remain secure, verifiable, and interoperable across platforms.