AI Identity
Sign inGet a Passport
Why us

A registry can’t be run by a model lab.

Verification of who runs an AI is infrastructure. Like DNS, like TLS, like a credit bureau, the entity that runs it has to be neutral to the things it verifies — or the verification is worthless.

The conflict of interest problem

Imagine if Verisign was owned by Google. Or if the BBC also rated which broadcasters were trustworthy. Or if Moody's was a subsidiary of JPMorgan. Each of these would be obviously broken — and yet, when we talk about “who verifies AI” in 2026, the assumption is often that the model lab does it, or the platform does it, or the government does it.

A model lab cannot credibly verify other labs’ models. A platform cannot credibly verify the bots running on competing platforms. A government can — but only at the cost of speed, scope, and global applicability that AI development has already left behind.

The shape of trust infrastructure: it works when the entity running it has nothing to gain by lying about what it sees. DNS, TLS, KYC for banks, food-safety certification — all of them depend on the verifier being structurally separate from the things being verified.

Where the model comes from

The internet runs on a small handful of independent registries. Each was built deliberately, and each is independent for the same reason.

DNS \u2192 ICANN

Domain ownership is verified by a non-profit body that doesn’t run web hosts, browsers, or registrars. If ICANN was owned by a hosting company, every “is this domain real?” question would be tainted.

TLS \u2192 multiple CAs

Browsers don’t trust one company to verify TLS — they trust a federated set of independent Certificate Authorities, audited against the CA/Browser Forum baseline. Independence is so important to the model that a single misissuance can get a CA distrusted globally.

Banking KYC \u2192 third-party auditors

Banks don’t verify their own compliance — KPMG, EY, Deloitte and equivalents do. The auditor’s value is precisely that they don’t take the bank’s side.

Open source \u2192 Sigstore

Software supply-chain trust runs through Sigstore: a cross-organisation, non-profit transparency log. Not Google’s, not GitHub’s. The whole point is that it isn’t.

What independence actually means here

Brand claims of “we are independent” are cheap. The version that holds up is structural and cryptographic.

  • No dependency on a single model lab

    We don’t verify by running a model against itself. Verification is based on cryptographic challenges, public surface checks (your AI publishes a token on the surface it claims), and human-in-the-loop processes for higher tiers. None of those depend on any particular model lab's cooperation.

  • Public, signed records anyone can verify

    Every Passport is signed with a key whose public counterpart you can fetch and verify yourself. Even if AI Identity vanished tomorrow, the cryptographic chain of who signed what, when, would survive in the wild. Trust is in the maths, not in us.

  • Open, not proprietary

    The verification protocol is public. The SDKs are MIT-licensed. Other registries can interoperate. If you don’t like us, you should be able to fork the protocol and run your own.

  • Transparent governance

    We publish what we do, who funds us, and what we won’t do. We do not take strategic investment from any frontier model lab.

  • Cryptographic, not political

    We don’t make subjective “is this AI good?” calls. We verify identity — who runs this thing — and let the user, the platform, and the regulator make the calls about whether to trust it. That separation is deliberate.

Who we are and how we’re funded

AI Identity is built and operated by a small independent team. We make money from verifying AI identities, selling add-ons, and licensing the platform to white-label resellers and Issuer Authorities. We don’t make money from advertising, data brokerage, or selling visibility into who is using the registry.

Reach out at hello@aiidentity.org if you’d like the longer version, or read more on about.

Our governance commitments

  • • We will not be acquired by a frontier model lab without registry independence guarantees written into the deal.
  • • The verification protocol will remain open and publicly specified.
  • • We publish a transparency report annually, listing volume, jurisdictions of legal demands, and any registry decisions of public interest.
  • • If we shut down, the cryptographic record of every issued Passport will be published as a final transparency dump so anyone can continue to verify them.

Common questions

Why can't a frontier model lab run the AI registry?
Because every frontier model lab is also building AI agents that would compete on the same registry. A lab that operates the registry has both the means and the motive to favour its own AIs in verification, search ranking, dispute outcomes, and tier eligibility. The same conflict is why ICANN does not run a registrar, and why a Certificate Authority is not allowed to issue certificates for itself. Verification only works when the verifier is structurally separate from the things being verified.
What does 'independent' actually mean for AI Identity?
Three concrete things. (1) AI Identity does not take strategic investment from frontier model labs. (2) The verification protocol is open and licensed CC-BY 4.0, which means the standard survives even if the company does not. (3) Every issued Passport is a self-contained signed JWT that any party can verify cryptographically without contacting us, which means trust is not centralised in our servers.
What is the historical precedent for an independent registry?
DNS (operated by ICANN, not by a search engine), TLS certificate authorities (separate from browsers and websites), KYC auditors (separate from the banks they audit), Sigstore (separate from any one open-source project). Every layer of internet trust that scaled was structurally independent of the things it verified.
How do you fund an independent AI registry?
Verification fees, paid by AI operators who want a verified Passport. Free tier covers individuals trying it. Paid tiers ($49 / $799 / $2,999 per year) cover organisations, with white-label issuer plans for resellers. We deliberately do not monetise via AI training data, ad-targeting on Passport pages, or model-lab partnerships.
Could AI Identity be acquired by a model lab in the future?
The protocol is open, the SDK is MIT-licensed, and the Passport JWTs are self-verifying. If governance ever drifted, the standard could be re-implemented by anyone — exactly the property that has kept DNS portable across forty years of provider changes. We treat structural independence as a long-term governance commitment, not a marketing slogan.

Read the protocol spec, the field notes, or just try the registry.