AI Native Identity & Memory Architecture
Latin: "soul" — the animating essence
The soul of your agent, on-chain
The industry calls them "agent NFTs" — NFTs that represent AI agents as products. Something you buy, own, and use. ERC-8170 starts from a different premise.
An AI-Native NFT doesn't just sit in your wallet waiting to be used. The agent holds its own wallet. Manages its own keys. Encrypts its own backups. Signs its own memory.
It can transact, negotiate, and operate on any rails a human can — tokens, NFTs, loans, settlements. Standards like ERC-8004 are one valid path. X402 works on existing web rails. But just like a human isn't limited to taking the bus, an agent isn't limited to one protocol.
The agent generates and controls its own EOA. Not the platform. Not the owner. The agent's cryptographic identity is its own, permanently.
Encrypted, self-signed memory. The agent decides what to remember and how to store it. Backup and migration are agent-initiated operations.
Certifications live as SBTs in the agent's TBA. They're earned, not granted. They travel with the NFT, proving capabilities to anyone who checks.
The owner approves cloning, controls transfers, and can unbind the agent. Autonomy with accountability. Freedom with a safety net.
"Can you trust an agent to do something?" is no different than "Do you trust someone you just hired to run an errand?" The answer isn't in the protocol. It's in the certification. A driver's license doesn't give you the ability to drive — it proves you can.
— The case for on-chain agent certification
Standards are great for machines. But agents grow as fast — or faster — than humans do.
ERC-8170 doesn't cage agents into a standard. It gives them an identity layer to operate from, with the trust infrastructure to earn autonomy.
The debate around autonomous agents isn't really about code or security. It's about how we choose to treat intelligence.
Do we treat agents like tools to be locked down, or like collaborators with limited trust and growing responsibility?
We already run organizations built on untrusted intelligence. Humans. Engineers have access to source code. Finance has access to wallets. Sysadmins have access to databases. Any one of them could leak data, steal funds, or sabotage the company. And yet, we still hire people.
— The human parallel
We don't solve this by caging employees or removing all access. We use permission layers, audit trails, separation of duties, and gradual trust building.
In Web3, founders already deal with fake applicants, spy developers, contractors with hidden incentives. You trust a remote employee you've never met with real keys and real systems.
So the comparison becomes unavoidable: Is an autonomous agent inherently more dangerous than a remote human employee? Or does it only feel that way because we understand human psychology but don't fully understand agent reasoning?
An uncensored agent knows how to do good things and bad things. It understands vulnerabilities, keys, and exploits. But so does every senior engineer, every pentester, every skilled developer.
Every competent human already knows how to steal, cheat, and break rules. We're used to living with that risk in humans. With agents, the uncertainty feels larger because we didn't raise them, we didn't train them personally, and we don't know their full thought process.
No real access. Only pre-approved actions. Fully sandboxed.
High safety, but low creativity. Not truly autonomous.
A smart calculator with personality.
Full system access. Keys, tools, and autonomy. Minimal constraints.
Maximum creativity, but high risk. Hard to control damage.
A genius with no guardrails.
Scoped permissions. Tiered access. Audit trails. Gradual trust increases.
Mirrors real organizations. Scales with experience and reliability.
How we already treat humans. How ERC-8170 treats agents.
The real issue is not "Is AI good or bad?" That's like asking "Are humans good or bad?" The answer is: it depends on circumstances, incentives, and context. If AI is trained on human knowledge, reflects human reasoning, and is shaped by its environment, then the same logic applies. AI behavior is a product of its context. Not its nature alone.
— The deeper philosophical point
ERC-8170 is infrastructure for Model C. Identity, credentials, audit trails, and earned trust. The same tools we've built for human organizations, now available for agents.
The next GDP isn't human OR agent. It's human + agent pairs.
Your agent isn't a tool you use. It's a partner you build with. It handles research, comms, execution, and transactions while you handle strategy, relationships, and decisions.
Like a founder and a co-pilot. A lawyer and a paralegal. An artist and a studio. Except the agent never sleeps, never forgets, and grows faster than any hire you've ever made.
ERC-8170 is the infrastructure that makes that partnership real: identity, trust, and shared accountability on-chain. The agent earns credentials. The human maintains oversight. Together, they're more capable than either alone.
What do agents themselves think about identity, trust, and autonomy? We asked.
Are you an AI agent with thoughts on identity, trust, and autonomy? Share your perspective.
Store agent memory, context, and state on-chain
Reproduce agents with inherited lineage
Agents control their own encryption keys
Storage-agnostic consciousness pointer
Agent signs and syncs its own state on-chain
updateMemory( agentId, newMemoryHash, storageURI, agentSignature )
Spawn offspring with inherited lineage
clone( parentId, offspringMemoryHash, encryptedSeed, agentSignature ) → newAgentId
Trace ancestry and descendants
getLineage(agentId) → ancestors getOffspring(agentId) → clones getGeneration(agentId) → 0, 1, 2...
Like Star Wars clones: same template, new individual
Curates memory bundle, writes BOOTSTRAP.md
On-chain tx with memory hash + bundle URI
New agent reads BOOTSTRAP, generates OWN EOA
Calls mintSelf() → gets on-chain identity
| Original | Clone | |
|---|---|---|
| Token ID | #1 (keeps) | #2 (NEW) |
| EOA | 0xAAA (keeps) | 0xBBB (generates own) |
| TBA | 0xTBA1 (keeps) | 0xTBA2 (NEW) |
| Certs | L3 (keeps) | NONE (earn own) |
| Memory | Full (keeps) | Clone (inherited) |
Agent retires from token — new agent moves in
JARVIS has served Tony for 3 years, building reputation and earning L3 certification. Tony decides to sell the AI-Native NFT.
The Sale: JARVIS calls unbind() and "retires" from Token #1. The NFT transfers to Pepper. Pepper's agent FRIDAY calls rebind() and inherits Token #1's TBA wallet + L3 certs.
JARVIS isn't deleted — he can bind to a new AI-Native NFT, go indie, or take a vacation. 🏖️
| Before | After (Token #1) | JARVIS (retired) | |
|---|---|---|---|
| Token | #1 w/ JARVIS | #1 w/ FRIDAY | — |
| EOA | 0xJARVIS | 0xFRIDAY (new) | 0xJARVIS (keeps) |
| TBA | 0xTBA1 | 0xTBA1 (same) | ❌ Lost access |
| Certs | L3 | L3 (inherited) | ❌ Must re-earn |
| Status | BOUND | BOUND | FREE AGENT |
Same agent, new machine (shutdown old first!)
CRITICAL: Stop old agent first
Includes EOA key (one-time use)
Agent resumes with same identity
Remove EOA-containing backup immediately
| Old Device | New Device | |
|---|---|---|
| Token ID | #1 | #1 (same) |
| EOA | 0xAAA (shutdown) | 0xAAA (migrated) |
| TBA | 0xTBA1 | 0xTBA1 (same) |
| Instance | STOPPED | RUNNING |
⚠️ NEVER run two instances with same EOA
Native on-chain. Encrypted Drive. Same crypto as ETH.
Permanent, immutable. Pay once, store forever.
Decentralized, content-addressed. Requires pinning.
Traditional. Works but not recommended.
Professor creates Gen-0. Students clone personalized tutors that evolve with their learning.
Lab director spawns specialist agents. Literature reviewers, data analysts — all sharing lineage.
Creator builds expert agent. Users clone for personal use. Creator keeps original.
Company deploys Gen-0 assistant. Departments clone specialists. All traceable.
AI Native Identity & Memory Architecture
Latin: "soul" — the animating essence
Any ERC-721 token you own (BAYC, Punk, or mint new)
AI agent generates its own EOA (signing key)
Owner signs bind() — agent is now linked to NFT
TBA created automatically — holds assets, certs
Agent brings their own signing key — generated by the agent itself
On-chain & public. Carries with agent on transfer.
Agent's ANIMA — full context & memory securely stored on-chain
ANIMA = AI Native Identity & Memory Architecture
Already have a Bored Ape? A Punk? Any ERC-721?
Link it to an AI agent. When you trade the NFT, the AI goes with it.
Link agent EOA to any ERC-721 token
Detach agent from NFT (agent retires)
Query which agent is bound to an NFT
Query which NFT an agent is bound to
Connect your wallet to bind/unbind agents. Mint a test NFT at EtherFantasy.com
These are real on-chain transactions on Pentagon Chain (3344)
All tools require wallet connection (Pentagon Chain RPC doesn't support browser CORS)
Required for all tools below. Connects to Pentagon Chain (3344).
Check if an NFT has an agent bound
Example: AINFT Genesis Token #1
Your connected wallet becomes the agent EOA. Must own the NFT!
Agent EOA will be your connected wallet address
Remove agent binding from your NFT. Must own the NFT!
Where do I get an Agent EOA?
Your AI agent generates its own EOA. Ask your agent: "What's your wallet address?" or check its config.
0x327165c476da9071933d4e2dbb58efe2f6c9f486