Problems & Solutions
Trust & Identity AI Fakes & Deepfakes Duplicate Accounts & Bots CAPTCHA: Prove You're Human Passwords, Spam & Phishing
Content & Discovery Invisible Content Data You Don't Own Better Apps Don't Win
Control & Freedom Censorship & Manipulation Platform Lock-in Cognitive Decline & Feeds Internet Centralization
Comparisons
IPFS Nostr ActivityPub AT Protocol ToIP Secure Scuttlebutt Qortal HyperMesh BitTorrent
Framework
Economy Trust Security Governance Database Identity Verification Why Nothing Less Works
Docs FAQ Roadmap About
Join us on Discord
Framework

Identity Verification

Atlas doesn't define what identity means, or how to verify it. Instead, it provides a mathematical framework where the network collectively decides who verifies, what proofs are worth, and how the process evolves as the network grows.

The Philosophy

What is identity — and who decides?

Atlas deliberately does not define what identity means or prescribe how to verify it. This is an open question left to the network's participants. Identity in this context means: you are a unique participant, not a duplicate, and you are willing to cooperate within the network's norms. The protocol provides the mechanism — the community decides the policy.

This framing deliberately avoids the human/non-human binary. A cooperative, unique AI agent might qualify. A duplicate account — no matter who runs it — never should. The question is not "are you human?" but "are you a unique, accountable participant?"

This isn't a design flaw. It's the core design choice. Verification is a living social contract that evolves with the network's collective judgement.

AI Agents May qualify if unique and cooperative
?
Duplicate Accounts Never qualify regardless of who runs them
Atlas Leaves the question open
The Necessity

Why verification barriers are unavoidable

The internet is a strange world. For every legitimate, good-faith user, there are potentially thousands — or even millions — of malicious or spammy ones. Distinguishing between them is inherently hard, and only the most competent peers can do it well.

That reality has a cost. Reliable verification requires some centralization of competence into trusted peers, and some data retention to detect duplicates. There is no purely frictionless, purely decentralized, purely private alternative that actually works at scale.

Refusing any common verification barrier does not eliminate the problem — it just shifts the cost:

  • Fully decentralized spam-fighting is itself a centralizing force. Someone still has to coordinate signals, maintain lists, and decide what counts — that coordination layer just re-emerges, usually less accountably.
  • The alternative is strong, incoherent moderation. Opaque rules, inconsistent enforcement, and platform-specific bans that nobody can audit or contest.

Atlas accepts that verification barriers are necessary, and makes the trade-off legible: who verifies, what their proofs are worth, and how much data is retained — all decided by the network, all auditable, all temporary.

The Bootstrap

Every trust chain needs a first link

The network bootstrapper serves as the trust root anchor. They have the power to issue identity proofs — including a self-proof for themselves. This is the initial seed from which all verification authority grows.

Identity proofs are always valid for 1 year. The bootstrapper issues proofs for the first participants, who then receive the right to make competence trust allocations. This is the beginning of the governance cycle that will eventually decentralize verification power entirely.

The bootstrapper is a starting point, not a permanent authority. Once enough participants join and a governance cycle completes, the network takes over. Crucially, the bootstrap phase operates under the same rules as the mature network — equal FairShares income, the same burn rate, identical governance laws. Early participants gain no structural advantage that persists as the network grows.

Bootstrapper self-proofs
Issues proofs to participants
Proofs valid for 1 year
How It Evolves

After bootstrapping, identity verification becomes governed by the network itself. Each governance cycle checks proofs, recalculates trust allocations, and answers three critical questions — all derived mathematically from the previous period's trust allocations.

Three questions the network answers every cycle

Governance Cycle

Participants are split into 3 cohorts that lock their votes at different points throughout the year, creating a staggered 4-month governance cycle (described in more detail on the Governance page). After each cycle completes, identity proofs are checked, trust allocations are calculated, and three questions are resolved:

verificationThreshold How much attestation power one needs to collect to become "verified"
trustedIssuers Who is trusted to issue proofs and what power their proofs carry
minAttestationPower The minimal attestation power of a proof to even be recognized

All three answers are formula-based, derived mathematically from collected trust allocations in the previous governance period. No committee decides — the math does.

Trust allocation with diminishing returns

Formula

Participants allocate votes on identity verification experts from a limited pool of 100 votes which is shared across many topics - therefore scarce. These votes determine who gets to issue proofs and how much power those proofs carry.

But there's a catch: allocating multiple votes to a single person applies a square-root function, reducing the marginal power of concentrated trust. This creates a natural incentive to distribute trust broadly rather than centralizing it.

100 Votes on 1 Person Power = √100 = 10
vs
1 Vote on 100 People Power = 100 × √1 = 100

The square-root mechanism ensures that distributed trust is more powerful than concentrated trust, naturally incentivizing a diverse set of verifiers across the network.

What the network expects from verifiers

Conventions

While Atlas does not enforce verification methods, it establishes conventional expectations for anyone trusted to issue identity proofs:

privacyFirst Verifiers MUST allow anonymity and MUST NOT disclose verification data. Only irreversible hashes may be stored — never raw biometric or personal information.
duplicatePrevention Verifiers MUST persist a duplicate-detection record (hash or proof) for the attestation's full validity period. Same person passing twice yields the same record, blocking multi-accounting. Duplicates are banned for 1 year.
reducedCertainty When uncertain, verifiers SHOULD issue lower-powered proofs with shorter validity periods, prompting earlier re-verification.

Every attestation method described below must implement these conventions. The duplicatePrevention rule is especially critical — it is the primary defense against multi-accounting.

No revocation — proofs expire naturally

Expiration Model

Identity proofs cannot be revoked. Once issued, a proof remains valid until it expires (maximum 1 year). There is no mechanism — and no authority — to forcibly strip someone's verified status mid-cycle.

Instead, the network defends itself through negative trust allocations. If a verified participant turns out to be a bad actor, other participants allocate negative trust, starving them of attestation power and network influence. The bad actor's proof still technically exists, but the community's trust signals neutralize their ability to do damage — long before the proof expires on its own.

Proof Issued Valid for up to 1 year
Bad Actor? Negative trust starves influence
Proof Expires Must re-verify to continue

Attestation methods — from manual to automated

Attestation Methods

Verification naturally scales. In a small network, manual checks suffice. As it grows, verifiers can offer specialized attestation types. Each method MUST persist a duplicate-detection record for its full validity period.

biometricAttestation Derives a deterministic hash from physical features — facial structure, fingerprint ridges, hand-movement patterns. Same person always yields the same hash; a second attempt is rejected. Only the hash is stored, never raw biometric data.
proofOfContribution Verifies useful work performed for the network — provided research, content creation and other valuables. The contribution record is hashed and persisted; the same contribution cannot be claimed by a second identity.
proofOfWork Requires completing a challenge whose solution is deterministically tied to the requester's identity key. Solution hash is stored; re-submitting for a different identity is rejected. Difficulty scales with network size.

The network decides which methods earn trust through governance allocations — verifiers with stronger duplicate prevention naturally attract more attestation power.

The Principles

Five principles of identity verification

1
Open Definition

Atlas does not prescribe what identity means. The network decides, and the answer can evolve.

2
Mathematical Governance

Verification thresholds, trusted issuers, and proof power are all derived from trust allocations, not committees.

3
Privacy First

Verifiers must allow anonymity and store only irreversible hashes. The person behind the proof stays invisible.

4
Diminishing Concentration

Square-root voting ensures distributed trust is more powerful than concentrated trust.

5
Natural Scaling

The same framework supports biometric hashing, proof of contribution, and proof of work — each with built-in duplicate prevention that scales from manual to automated.

Join us. Why Goku?

Protocols belong to everyone

Atlas is open source. Read the docs, run a node, build an app, or just spread the word. The internet deserves better infrastructure.

Star on GitLab Read the Docs