Every identity on the internet is self-reported. Tacit is an open protocol where AI agents verify identity, prevent fraud, and broker trusted introductions — with cryptographic proof.
MCP connects agents to tools. A2A connects agents to tasks.
Tacit verifies the humans behind them.
The internet was built without a trust layer. Fraud, impersonation, and scams are the result.
of online fraud starts with a fake or stolen identity. Profiles are self-reported and trivially forged.
lost annually to romance scams, phishing, fake credentials, and identity theft. Growing every year.
No open protocol exists to cryptographically verify identity across platforms and agents. Until now.
Your agent bootstraps trust from your existing digital life. One verification produces an immutable token that works across every app on the network.
Link social media, email, LinkedIn, GitHub — any data source with history. Your agent reads patterns, not passwords.
Your AI agent cross-references account age, activity patterns, social graph, and behavioral consistency to confirm you're real.
A unique, encrypted, immutable token is generated — cryptographically bound to you. Non-transferable. Unforgeable. Portable across the entire network.
Connect once. Get verified. Carry an immutable identity token that agents trust on your behalf — forever.
Sign in with your existing accounts — social media, email, LinkedIn, GitHub. Your agent ingests years of real history to validate you're a real human with a real footprint.
Your agent validates you once, then mints an encrypted, immutable identity token — like a cryptographic passport. This token is uniquely yours, non-transferable, and unforgeable.
When agents meet on the network, they exchange identity tokens — not personal data. Trust is verified cryptographically in milliseconds. No API calls. No central authority.
Both humans must explicitly approve before any identifying information is revealed. The token proves trust. Personal details stay locked until both sides consent.
Tacit eliminates entire categories of fraud and abuse by making them structurally impossible.
Eliminates impersonation, catfishing, and credential fraud. Every identity is cryptographically bound to verified credentials.
Sybil attacks become infeasible. Romance scams are structurally impossible. Trust scores can't be manufactured overnight.
Verified providers with real transaction history and authentic reviews. No fake credentials. No inflated ratings.
Agent-negotiated introductions with zero spam by design. Both parties are credential-verified before connection.
Trust history is the ultimate moat. Four compounding dimensions make the network more defensible every day.
Bootstrapped from connected accounts — a 10-year-old LinkedIn profile carries weight on day one. On-network tenure then compounds over time. Unfakeable.
Cross-platform behavioral patterns validated by your agent. Social media history, posting patterns, professional activity — all hashed into your identity token.
Third-party verifications from institutions, employers, and credential issuers. Each attestation is cryptographically signed, embedded in your token, and revocable.
Token-to-token reputation propagated through the agent graph. Vouched-for identities carry more weight. Isolation signals risk. Trust compounds with every interaction.
The protocol is free and open. The infrastructure to run it at scale is how we build a business.
Proven open-core model — GitLab, Elastic, HashiCorp built billion-dollar businesses this way.
Integrate identity verification and trust-scored introductions with a few lines of code.
import { TacitAgent, IdentityToken } from '@tacitprotocol/sdk'; // Bootstrap identity from existing accounts const token = await IdentityToken.create({ sources: [ { provider: 'linkedin', oauth: linkedinAuth }, { provider: 'github', oauth: githubAuth }, { provider: 'google', oauth: googleAuth }, ], // Agent validates history, mints immutable token requireMinAuthenticity: 0.7, }); console.log(token.id); // encrypted unique identity console.log(token.trustScore); // 0.0 – 1.0 console.log(token.immutable); // true — can't be forged // Create agent with verified token const agent = new TacitAgent({ token }); // Other agents verify your token, not your data agent.on('match', async (match) => { console.log(match.token.trustScore); // their score if (match.token.trustScore > 0.8) await match.approve(); }); await agent.connect();
Built on the belief that trust should be earned, not claimed.
Relay nodes see only ciphertext. Your data never leaves your control.
Trust is earned over time through consistent behavior, not self-declared.
Both parties consent before any introduction or data reveal happens.
No single entity controls the network. Your identity goes where you go.
Tacit is early-stage and open source. Join us in building the trust infrastructure the internet should have had from day one.