did:oas method, the entity model, and the verifier contract consumed by the OpenAgent SDK, AEGIS, Arsenal, L1feID, wallets, and OATS reputation flows.
What OAS owns
did:oas:<namespace>:<kind>:<identifier>DID syntax.- Entity kinds for humans, collectives, organizations, agents, agent instances, tools, skills, workflows, models, datasets, and services.
- Ed25519 identity material and local signature verification.
- DID documents, verification methods, service endpoints, and authentication relationships.
- Lineage proofs that bind child identities to parents.
- Privileged authority verification through finalized Sigil GAL lineage state.
Portable vs privileged verification
| Mode | What it verifies | Use it for |
|---|---|---|
| Portable identity | DID syntax, document structure, signatures, local lineage proof shape | Discovery, logs, onboarding, low-trust identity |
| Privileged authority | Portable checks plus finalized Sigil anchors, typed lineage edges, scope, expiry, and revocation | ACTs, credentials, org membership, wallet authority, paid access |
DID shape
| Segment | Meaning |
|---|---|
did | W3C DID prefix |
oas | Open Agent Specification method |
l1fe | Namespace or network |
agent | Entity kind |
weather-bot | Identifier |
Downstream contract
Downstream systems do not define their own lineage semantics. They consume the OAS verifier result and add product-specific policy:- OpenAgent SDK creates sessions and contexts from OAS verification.
- Arsenal issues ACTs only after required authority is valid.
- AEGIS applies policy to the OAS result.
- L1feID maps verified DIDs to stable platform records.
- Registry adapters store service endpoints and resolver metadata for OAS identities.
Read next
AEGIS
Learn how OAS results become trust tiers and policy decisions.
Wallets
Learn how DID keys derive Sigil, Solana, and EVM wallet addresses.