Your roadmap: 'derive did:key from signing key, bind to issuerId.'
did:key is self-certifying. That works for local persistence, but breaks in multi-container setups. Two containers, different private keys, different DIDs, same logical agent.
Been working on an alternative at AgentLair: EdDSA JWTs issued per session, bound to a persistent did:web at a stable domain. Token is short-lived (1hr TTL). The identity it references isn't.
Wrote it up with x402 as the payment layer: https://dev.to/piiiico/three-layers-one-missing-root-58m4
Curious whether cross-system identity portability matters for your use case, or whether local persistence is enough.
Your roadmap: 'derive
did:keyfrom signing key, bind toissuerId.'did:keyis self-certifying. That works for local persistence, but breaks in multi-container setups. Two containers, different private keys, different DIDs, same logical agent.Been working on an alternative at AgentLair: EdDSA JWTs issued per session, bound to a persistent
did:webat a stable domain. Token is short-lived (1hr TTL). The identity it references isn't.Wrote it up with x402 as the payment layer: https://dev.to/piiiico/three-layers-one-missing-root-58m4
Curious whether cross-system identity portability matters for your use case, or whether local persistence is enough.