Re: [HDP] Agentic delegation provenance with DID principal binding from Siri Dalugoda on 2026-04-03 (public-credentials@w3.org from April 2026)

From: Siri Dalugoda <siri@helixar.ai>
Date: Sat, 04 Apr 2026 10:30:07 +1300
To: "Alan Karp" <alanhkarp@gmail.com>
Cc: "sankarshan" <sankarshan.mukhopadhyay@gmail.com>, "public-credentials" <public-credentials@w3.org>
Message-Id: <19d5540dbf4.56cc001577126.4971680658946236798@helixar.ai>
Hi Sankarshan, 



Just following up: I sent a reply to your feedback on March 31 but it looks like it may not have reached your inbox.



Here's the original response for convenience:

Hi Sankarshan,



Thanks for the feedback.HDP v0.1 already supports principal with id_type: "did" for binding to existing decentralized identity infrastructure. DID resolution is application-defined and optional.That framing expressing derived agent authority as a Verifiable Presentation from the root token maps well onto the existing chain model. The current design provides full tamper-evident traceability via the signed delegation chain (Ed25519 + RFC 8785). For cases where only proof of authorization is needed (credential minimization via selective disclosure of specific claims or hops rather than the full lineage), this is worth exploring as a v0.2 extension.



Siri



Alan also chimed in with a great point about using opaque identifiers for privacy while still enabling step-by-step revocation, which aligns nicely with the selective disclosure direction.

We're keeping HDP focused on the execution audit trail and provenance. Would welcome any further thoughts from you. 



Siri 

Helixar











From: Alan Karp < mailto:alanhkarp@gmail.com >
To: "sankarshan"< mailto:sankarshan.mukhopadhyay@gmail.com >
Cc: "Siri Dalugoda"< mailto:siri@helixar.ai >, "public-credentials"< mailto:public-credentials@w3.org >
Date: Sat, 04 Apr 2026 05:35:31 +1300
Subject: Re: [HDP] Agentic delegation provenance with DID principal binding



On Fri, Apr 3, 2026 at 5:13 AM sankarshan < mailto:sankarshan.mukhopadhyay@gmail.com > wrote:

The VC alignment is interesting. Expressing agent authority as a
Verifiable Presentation derived from the root token makes sense. It
may also be worth exploring whether parts of the chain, or claims
derived from it, can be selectively disclosed rather than always
sharing the full delegation lineage, especially in cases where only
proof of authorization is needed rather than full traceability.



Even if you only need proof of authorization to know whether to honor a request, you need more information to revoke a delegation in the middle of the chain.  You can achieve your privacy goals by using an opaque identifier when delegating.  Each delegate can be held responsible by its delegator step by step along the chain without revealing actual identities.




--------------
Alan Karp







On Fri, Apr 3, 2026 at 5:13 AM sankarshan < mailto:sankarshan.mukhopadhyay@gmail.com > wrote:






The VC alignment is interesting. Expressing agent authority as a
 Verifiable Presentation derived from the root token makes sense. It
 may also be worth exploring whether parts of the chain, or claims
 derived from it, can be selectively disclosed rather than always
 sharing the full delegation lineage, especially in cases where only
 proof of authorization is needed rather than full traceability.
 
 /sankarshan
 
 On Tue, 31 Mar 2026 at 01:30, Siri Dalugoda < mailto:siri@helixar.ai > wrote:
 >
 > Hi Credentials CG Team,
 >
 > I'd like to share a protocol that addresses a gap in the agentic AI space that I believe is directly relevant to this group's work on Verifiable Credentials and decentralized identity.
 >
 > HDP (Human Delegation Provenance Protocol) defines a signed token chain that creates a cryptographic audit trail from an authorising human to every AI agent acting downstream.
 > The principal identity model supports id_type: "did" natively, meaning a W3C DID can be used as the root authorising identity binding HDP delegation chains to existing decentralised identity infrastructure.
 >
 > IETF draft: https://datatracker.ietf.org/doc/draft-helixar-hdp-agentic-delegation/ 
 > Spec:        https://helixar.ai/about/labs/hdp/ 
 > Repository: https://github.com/Helixar-AI/HDP 
 >
 > Key properties:
 > - Ed25519 signatures over RFC 8785 canonical JSON
 > - Fully offline verification, no registry or network dependency
 > - DID-compatible principal binding at the root token level
 > - Compact enough for HTTP header transport (X-HDP-Token)
 >
 > I see a natural alignment between HDP's delegation model and the VC data model, specifically around how an AI agent's authority could be expressed as a Verifiable Presentation derived from the root delegation token.
 > I'm actively exploring this in the next draft revision and would welcome input from this group on how best to formalise that binding.
 >
 > Happy to answer questions or take feedback on the draft.
 >
 > Best regards,
 > Siri
 > Helixar Limited
 >
 >
 
 
 -- 
 sankarshan mukhopadhyay
 < https://about.me/sankarshan.mukhopadhyay >
Received on Friday, 3 April 2026 21:30:43 UTC