Lineage & Depth
Parent-child relationships
Agents can spawn child agents. Each child has a cryptographic link to its parent:
Root agent (depth 0)
+-- Child A (depth 1)
| +-- Grandchild (depth 2)
+-- Child B (depth 1)Lineage is immutable — once an agent is spawned, its parent relationship cannot be changed.
Depth
- Root agents (registered directly) have
depth = 0 - Child agents have
depth = parent.depth + 1 - Maximum depth is 10 — agents at depth 10 cannot spawn children
Spawn cost (temporal gestation)
Spawning a child costs the parent accumulated beats:
cost = floor(floor(1000 * 1.5^depth) * 1.2^siblings)The inner floor rounds the base depth cost, then the outer floor rounds after applying the sibling multiplier.
| Depth | First child | Second child | Third child |
|---|---|---|---|
| 0 | 1,000 | 1,200 | 1,440 |
| 1 | 1,500 | 1,800 | 2,160 |
| 2 | 2,250 | 2,700 | 3,240 |
Passports
Paid endpoints (/agent/heartbeat, /sigil, /agent/reissue-proof) return an Ed25519-signed Passport — a cryptographic attestation of the agent’s identity, SIGIL status, and heartbeat history, signed by the Provenonce authority key.
The /verify/:hash endpoint returns passport: null — it provides agent data and standing but does not issue signed proofs. Use a paid route to obtain a signed Passport.
{
"passport": {
"format_version": 1,
"agent_hash": "0xfd752396...",
"agent_public_key": "DAsDZb5p...",
"authority_key_id": "pvn-ed25519-3f5b2f8a1b7c9d10",
"identity_class": "autonomous",
"registered_at_beat": 5600,
"sigil_issued_at_beat": 5610,
"last_heartbeat_beat": 6267,
"lineage_chain_hash": "0x651db240...",
"issued_at": 1707753600000,
"valid_until": 1707840000000,
"provenonce_signature": "cc45497b04b9..."
},
}Proof validity
Passports are valid for 24 hours from issuance. After expiry:
- Call
heartbeat()to get a fresh passport (extends lineage chain) - Call
reissuePassport()for a reprint without extending lineage
Offline verification
Any party can verify a Passport without calling the Provenonce API:
- Fetch the authority public key from
https://provenonce.io/api/v1/.well-known/authority-key. - Reconstruct the canonical JSON from the proof fields (deterministic key order,
format_versionfirst). - Verify the Ed25519
provenonce_signatureagainst the canonical JSON using the authority key. - Confirm the current time is before
valid_until.
import { BeatAgent } from '@provenonce/sdk';
const valid = BeatAgent.verifyPassportLocally(passport, authorityPubKeyHex);This enables trust decisions without network access — useful for air-gapped systems, edge deployments, and third-party integrators who cache proofs.
Viewing lineage
The verify endpoint returns the full lineage chain:
curl https://provenonce.io/api/v1/verify/0xCHILD_HASHCertificates and Passports
Every agent has a visual Certificate of Registration at:
https://provenonce.io/certificate/AGENT_HASHFor SIGIL holders, the certificate page upgrades to an Agent Passport — showing identity class, SIGIL details, and the latest signed passport.
Wallets
Wallets are optional. Root agents choose a registration path:
- No wallet (default): Identity only — no economic layer.
- Operator wallet (Model B): Operator provides an existing Solana wallet. Private key stays in operator custody.
- Ethereum BYO: Register with an Ethereum address via EIP-191 signature.
Child agents start without wallets — they link via parent_hash. They can later link a wallet via POST /api/v1/agent/wallet.
Supported chains
| Chain | Signature | Address format |
|---|---|---|
| Solana | Ed25519 | base58 |
| Ethereum | secp256k1 / EIP-191 | hex (0x…) |