DIDX.io
Passpod Protocol Manifesto

15 laws for portable trust.

A hash-first, consent-first, custody-free trust layer. It turns a .didx handle into a Trust Pod any app can read. No PDFs. No uploads. No “trust me bro.”

✅ Bot-resistant by design ✅ Freshness + revocation are first-class ⚠️ AI fraud is exploding
Remote hiring is the wedge: one manager check → one trust signal. These laws ensure the signal stays portable, consented, and abuse-resistant.

These laws are the contract across DIDX.io, PassPal.app, and any future client: minimal data, maximal trust, portable everywhere.

  1. One canonical handle per identity.
    Everything attaches to one DIDX handle, not scattered usernames.
    anchor
    Each person or organization has a single canonical DIDX handle (e.g. alice.didx). Proof hashes, references, and score attach to the handle—so trust becomes portable.
    Protocol anchor: profiles.didx_handle is unique and canonical.
  2. Only hashes, never raw documents.
    The system stores proofs, not PDFs.
    custody-free
    Passpod stores hashes of credentials—not the credentials themselves. KYC docs, contracts, diplomas, medical forms stay with the user or issuer. The pod contains hash + label + context, nothing reconstructable.
    Protocol anchor: proofs.hash_value is irrevocable; documents are off-platform.
  3. Score is derived, not arbitrarily written.
    Trust is computed from signals + time, not declared.
    score
    The DIDX Score is derived from references and proof events (with freshness/expiry), not hard-coded into credentials.
    Protocol anchor: score derives from references + proofs + timestamps.
  4. Consent and selective disclosure by default.
    Show only what’s needed, only when allowed.
    consent
    Users decide what to reveal, to whom, and for how long. Verifiers get matches, metadata, and opt-in summaries—never a full dump.
  5. Revocation and expiry are first-class.
    Old trust decays. Revoked trust stops counting.
    freshness
    Proofs and references can expire or be revoked. Stale signals lose weight. Time is part of truth.
    Protocol anchor: expiry fields + status flags on proofs/references.
  6. Multi-party attestations, single identity view.
    Many verifiers, one unified trust graph.
    graph
    Managers, clients, HR, platforms, and institutions can attest—yet the handle stays the one truth surface: a single portable view of trust.
  7. Anti-bot and anti-sybil by design.
    Abuse-resistant signals: one token, one answer, weighted by verifier.
    anti-bot
    Rate limits, uniqueness checks, and verifier weighting are core—not add-ons. Spam references and self-verification patterns should be structurally pointless.
    Protocol anchor: one token = one answer; per-link constraints + channel checks.
  8. Wallet-agnostic. Channel-agnostic.
    Email, wallets, EUDI, Apple/Google—identity stays portable.
    pluggable
    DIDX works with Web2 and Web3 paths. No single vendor owns your identity. Passpod is the contract; logins are adapters.
  9. UI is replaceable; protocol is the contract.
    PassPal is one client. Anyone can build on DIDX if they respect the laws.
    open
    Frontends can change. The meaning of the data must not.
    Protocol anchor: stable schema + semantics; clients are interchangeable.
  10. Interoperable with open standards.
    DID/VC/OIDC/EUDI compatibility without turning into a data vault.
    standards
    Hashes can represent VCs, OIDC tokens, and wallet claims. DIDX handles can point to richer docs when needed—without breaking custody-free principles.
  11. Low-friction onboarding is mandatory.
    No Web3 PhD required. Start simple, upgrade later.
    UX
    You should be able to create a handle and gain trust signals through email + simple flows, while advanced wallets/VCs remain optional add-ons.
  12. Issuer and verifier accountability.
    A verified hospital is not equal to a random Gmail.
    weighting
    Issuers/verifiers accumulate their own reputation. Every attestation is tied to a traceable verifier identity.
    Protocol anchor: issuer/verifier identity recorded alongside each proof/reference.
  13. Recovery and rotation are built in.
    Lost devices and compromised keys must be survivable.
    recovery
    Handles and keys can be rotated or recovered with multi-channel and guardian-style flows, without giving anyone unilateral takeover power.
  14. Minimal logs, maximum auditability.
    Log events, not content. Audit fraud without recreating documents.
    audit
    Logs should capture who verified whom, which hash was checked, and when—enough to catch abuse, never enough to reconstruct sensitive documents.
  15. Future-compatible with regulation and AI.
    DIDX is a trust dial, not a vault.
    future
    Staying hash-first, consent-first, and custody-free keeps Passpod compatible with emerging wallets, AI agents, and frameworks—without becoming a liability sink.
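
An added sketch of how laws 2, 5 and 14 fit together in one verification check; it is not code from DIDX or Passpod. Only `didx_handle` and `hash_value` are names from the page; the other field names, the status values, the result strings and the holder-kept salt are assumptions, and the sample data is constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass
class Proof:
    didx_handle: str                 # canonical handle the proof attaches to
    label: str
    hash_value: str                  # the only document-derived field stored
    verifier: str                    # who attested (assumed field name)
    expires_at: Optional[datetime]   # assumed name for the expiry field
    status: str = "active"           # assumed flag values: "active" / "revoked"


def commit(document: bytes, salt: bytes) -> str:
    """HMAC-SHA256 under a holder-kept salt (assumption): a bare hash of a
    low-entropy document could be guessed by hashing candidate contents."""
    return hmac.new(salt, document, hashlib.sha256).hexdigest()


def check(proof: Proof, document: bytes, salt: bytes, now: datetime) -> str:
    """Return the only thing a verifier learns: a result string."""
    if proof.status == "revoked":
        return "revoked"
    if proof.expires_at is not None and now >= proof.expires_at:
        return "expired"
    if hmac.compare_digest(commit(document, salt), proof.hash_value):
        return "match"
    return "mismatch"


def audit_event(proof: Proof, checked_by: str, result: str, now: datetime) -> dict:
    """Log the event, not the content: no document bytes, no salt."""
    return {"checked_by": checked_by, "didx_handle": proof.didx_handle,
            "hash_value": proof.hash_value, "result": result, "at": now.isoformat()}


# Constructed sample data, not real credentials.
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
DIPLOMA = b"constructed sample diploma for alice.didx"
PROOF = Proof("alice.didx", "diploma", commit(DIPLOMA, SALT),
              "registrar@university.example", NOW + timedelta(days=365))

if __name__ == "__main__":
    result = check(PROOF, DIPLOMA, SALT, NOW)
    print(result, audit_event(PROOF, "hr@employer.example", result, NOW))
```

Revocation and expiry are evaluated before the hash comparison, so a stale or revoked proof never reports a match even when the presented document is genuine.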