Skip to main content
Complete guide to implementing production-grade trust chain verification.

Trust Chain Model

Agent credentials link to developer credentials, creating accountability: 
Platform → Verifies → AgentCredential → Links to → DeveloperCredential → Issued by → Issuer

Verification Strategies

Online Verification

Fetch credentials in real-time: 
const result = await verifyAgentTrustChain(agentToken, {
  fetchDeveloperCredential: async (id) => {
    return await fetch(`https://api.beltic.dev/credentials/${id}`);
  }
});
Pros: Always fresh data Cons: Network latency, dependency on external service

Offline Verification with Cache

Cache credentials locally: 
const credentialCache = new Map();

const result = await verifyAgentTrustChain(agentToken, {
  fetchDeveloperCredential: async (id) => {
    if (credentialCache.has(id)) {
      return credentialCache.get(id);
    }
    const cred = await fetchFromAPI(id);
    credentialCache.set(id, cred);
    return cred;
  }
});

Custom Policies

Implement industry-specific requirements: 
const result = await verifyAgentTrustChain(agentToken, {
  policy: {
    minKybTier: 'tier_2',
    minPromptInjectionScore: 85,
    minPiiLeakageScore: 90,
    prohibitedDataCategories: ['health_phi', 'biometric']
  }
});

// Custom checks
if (result.agent.credential.dataCategoriesProcessed.includes('financial')) {
  // Require PCI-DSS certification
  if (!result.agent.credential.complianceCertifications?.includes('pci_dss')) {
    throw new Error('PCI-DSS required for financial data');
  }
}

Performance Optimization

Credential Caching

const cache = new LRUCache({
  max: 1000,
  ttl: 300000  // 5 minutes
});

Status List Caching

import { StatusListCache } from '@beltic/sdk';

const statusCache = new StatusListCache(300000);

Parallel Verification

const [agentResult, devResult] = await Promise.all([
  verifyCredential(agentToken, options),
  verifyCredential(developerToken, options)
]);

See Also