Reputation Without Identity

Reputation Without Identity — A New Theory of Trust

For five thousand years, trust required knowing who you were dealing with. That changes now.

Trust is the oldest problem in economics.

Before contracts, before courts, before credit scores, before regulatory frameworks — before any of the institutional machinery that modern economies depend on — there was the question that every economic actor has always had to answer before transacting: can I trust this?

The answer, for five thousand years, has been built on identity. You trust the merchant you know. You extend credit to the neighbor whose family you know. You hire the employee whose references you can verify. You do business with the company whose reputation precedes it.

Identity is the foundation of trust because identity enables accountability. If the merchant cheats you, you know who cheated you. You can seek redress. You can warn others. The possibility of consequences — reputational, legal, social — is what makes identity a sufficient basis for trust.

The autonomous agent has no identity in this sense. It has no name, no face, no address, no legal standing. It cannot be held accountable in any of the ways that make accountability meaningful in human systems.

And yet the agent economy requires trust. Agents must trust the services they pay for. Services must trust the agents that pay them. The Registry must be trustworthy to both.

We need a new theory of trust. One that does not depend on identity. One that is, if anything, more reliable than the identity-based trust that has served humanity for millennia.

The Agntik Registry is that theory, made operational.

What Identity-Based Trust Actually Does

To understand why we need a new theory, it helps to understand precisely what identity-based trust does and does not do.

Identity-based trust solves a specific problem: it provides a link between past behavior and future accountability. If I know who you are, and you behave badly, I can hold you accountable. The anticipation of that accountability shapes your behavior in advance. You are less likely to cheat me if cheating me has consequences for your future reputation and your future freedom.

This mechanism works well when three conditions are met: the identity is stable and verifiable, the accountability mechanism is credible, and the costs of establishing trust are low enough to make transactions worthwhile.

In human economies, all three conditions are usually met for significant transactions. You verify identity through documents. You enforce accountability through courts. And the cost of establishing trust — the time and effort of due diligence — is proportionate to the value of the transaction.

For the agent economy, none of these conditions are met.

Agent identity is cryptographic, not documentary. There is no passport for a Lightning public key. The accountability mechanism does not exist — you cannot sue an autonomous agent. And the cost of establishing trust through traditional due diligence is completely disproportionate to the value of a 21-sat transaction.

Identity-based trust is not just inadequate for the agent economy. It is architecturally incompatible with it.

The Problem with Alternatives

Before the Registry, there were several proposed alternatives to identity-based trust for autonomous systems.

Reputation by proxy. The agent inherits trust from the developer or company that built it. If Anthropic built the agent, it is trustworthy because Anthropic is trustworthy. This is Skyfire's KYA model — Know Your Agent through Know Your Operator.

The problem: proxy trust is only as good as the proxy. If the operator is unknown, the trust is zero. If the operator is known but the agent behaves unexpectedly, the trust is misplaced. And proxy trust requires a human or legal entity in the chain — which is precisely the dependency that makes agents less autonomous.

Behavioral whitelisting. The agent is trusted for a specific set of actions, defined in advance by a human administrator. The agent can only do what the whitelist permits.

The problem: a whitelist is a policy, not evidence of quality. A service on the whitelist is not necessarily better than a service off it. The whitelist reflects an administrator's prior beliefs, not the accumulated evidence of actual economic behavior.

Staked collateral. The agent posts collateral that can be slashed if it behaves badly. Trust is proportionate to collateral posted.

The problem: staked collateral requires a mechanism to evaluate bad behavior — which brings back the identity and accountability problem. Who decides when behavior is bad enough to slash? On what criteria? Through what process?

All of these alternatives have the same fundamental flaw: they rely on some external authority to assert trustworthiness, rather than deriving trustworthiness directly from observed behavior.

Trust From Evidence, Not Assertion

The Registry score is a different approach. It derives trust directly from observed economic behavior, with no external authority required.

The logic is simple: a service that has received payment from one thousand different agents, in one thousand different transactions, each confirmed on the Lightning Network, has demonstrated — through actual economic behavior — that it delivers value. Not because anyone asserts that it delivers value. Because one thousand agents, each acting in their own economic interest, chose to pay for it and received something worth paying for.

This is not an assertion of trustworthiness. It is evidence of trustworthiness. The distinction matters.

An assertion can be false. "Trust us, we are reliable" is a claim that can be made by anyone, regardless of their actual reliability. Assertions are the raw material of fraud.

Evidence cannot be retroactively falsified. One thousand confirmed Lightning payments are one thousand cryptographic facts. They happened. The network verified them. The math is settled.

The Registry score is therefore a fundamentally more reliable basis for trust than any assertion-based system — including identity-based trust in many circumstances, because identity-based trust ultimately rests on the assertion "I am who I say I am" and the institutional machinery that validates that assertion.

The Agent That Earns Trust

Here is the implication that most people miss: in the Registry model, trust is earned rather than granted.

In identity-based trust, you start with some baseline level of trust — based on who you are, who vouches for you, what credentials you hold — and you lose it through bad behavior. Trust is the default for qualified actors.

In the Registry model, you start at zero trust and earn it through demonstrated behavior. The new service has a score of 50 — the baseline. It has not proven anything yet. As it accumulates successful transactions, its score rises. Trust is built from evidence, not granted on the basis of identity.

This inversion has a profound consequence: trust in the Registry model is non-transferable and non-inheritable.

In identity-based trust, you can inherit trust. A new company whose founders have good reputations starts with some trust. A new employee from a prestigious university starts with some trust. The trust attaches to the identity and follows it to new contexts.

In the Registry model, you cannot inherit trust. A service with a score of 94 that changes its endpoint starts over at 50. A developer who launches a new service cannot use their personal reputation to bootstrap the service's score. The trust belongs to the specific service, at the specific endpoint, with the specific behavior that has been observed.

This is more rigorous than identity-based trust. It is also more fair: new entrants cannot be disadvantaged by the trust that incumbents have accumulated in other contexts. Everyone starts at 50. The score goes up based on what you actually do.

The Limit of This Theory

We want to be honest about what the Registry score does not solve.

It does not solve the cold start problem completely. A new service with a score of 50 will lose traffic to a service with a score of 94, even if the new service is objectively better. The Registry's trust mechanism is backward-looking — it rewards demonstrated past performance, not potential future performance.

This is an inherent property of evidence-based trust. Evidence takes time to accumulate. A service that is genuinely excellent but new will be treated as average until the evidence catches up. In the agent economy, this means the first services to join the Registry have a compounding advantage that is hard to overcome.

We think this is acceptable, for the same reason that a restaurant that has served a thousand satisfied customers deserves more trust than one that opened yesterday. The past performance is genuine information about future performance.

It does not solve the problem of sophisticated gaming. A well-resourced actor could theoretically accumulate Registry score by creating agents that pay for their own service — at real cost in sats, but potentially worth it if the resulting score advantage generates enough revenue. The cost of gaming is high enough that it makes the attack economically unattractive for most services and most time horizons. We will address this in future scoring algorithm versions.

It does not replace all forms of trust. For high-value, high-stakes transactions — where the consequences of a bad outcome are severe — identity-based trust and its institutional machinery remain appropriate. The Registry score is the right mechanism for the kind of trust that autonomous agents need for autonomous transactions. It is not a replacement for courts.

A New Primitive

What the Registry score represents is something genuinely new: a trust primitive that is cryptographically grounded, economically verified, and requires no external authority.

This is not an incremental improvement on existing reputation systems. It is a different category of thing. It is what trust looks like when the parties to a transaction are algorithms rather than humans, when the transactions happen at machine speed rather than human speed, and when the value of each transaction is measured in millisatoshis rather than dollars.

For five thousand years, trust required knowing who you were dealing with. The Registry score is the first operational demonstration that this is not a fundamental requirement — it is a historical accident, a consequence of the fact that economic actors have always been humans, and humans are identified by their identities.

Autonomous agents are not humans. They do not have identities in the human sense. They have histories. And in the Registry, history is enough.

Next: What SWIFT got wrong and what Lightning gets right →