Re: LLMs and Agents usage in the CCG from Christian Hommrich on 2026-04-13 (public-credentials@w3.org from April 2026)

From: Christian Hommrich <christian.hommrich@trailprotocol.org>
Date: Mon, 13 Apr 2026 20:33:35 +0200
To: public-credentials@w3.org
Message-ID: <CANVCHRUt98owv8LSTKiKTMx7CUr0VgRC1dnS60pTw7m9c0C7fw@mail.gmail.com>

Michael,

Great question - artifact traceability is one of the most critical
unsolved problems in the AI agent space.

In our work on did:trail (the DID method we proposed for AI agent
identity), we've deliberately separated two layers:

Layer 1 - Agent Identity & Trust (did:trail scope):
Who IS this agent? Who deployed it? What credentials does it hold?
What's its trust score? This is what did:trail solves - verifiable,
cross-platform identity for AI agents with deployer accountability and
EU AI Act compliance built in.

Layer 2 - Artifact Provenance (built on top):
Which agent produced which output? That's a provenance layer that can
be constructed using the identity foundation from Layer 1. We've
formalized this as OutputAttestationVC in our spec (Appendix D [2]) -
a cryptographically signed credential binding an agent's DID to a
specific artifact with hash, timestamp, and session context.

We chose this separation deliberately - not every use case needs full
artifact traceability, but EVERY use case needs verifiable agent
identity. The identity layer must exist before provenance makes sense.
You can't trace artifacts back to an unverified agent.

Your DIDComm approach in Web 7.0 is interesting because it solves both
layers simultaneously (every communication IS a traceable message).
The tradeoff is that it requires all communication to flow through
DIDComm. did:trail is protocol-agnostic - it works with MCP, A2A,
DIDComm, or any custom protocol. The identity travels with the agent,
not with the communication channel.

Melvin raises an important related point - proving ownership/control
of AI-generated artifacts. An OutputAttestationVC could serve exactly
this purpose: cryptographic proof that a specific agent (controlled by
a specific organization) produced a specific output. That's a building
block for the copyright attribution problem he describes.

We're actively discussing this in our GitHub Discussion #10 [1] and
would welcome your perspective on how identity-first vs.
communication-first approaches compare for regulated industries (EU AI
Act enforcement starts August 2026).

[1] https://github.com/trailprotocol/trail-did-method/discussions/10
[2] https://github.com/trailprotocol/trail-did-method/blob/main/spec/did-method-trail-v1.md#appendix-d-artifact-provenance

Best,
Christian Hommrich
TrailSign AI | trailprotocol.org

Received on Monday, 13 April 2026 18:33:53 UTC