Trust in Depth
Identity, legal context, and dispute resolution for the agentic era.
Trust in Depth is a framework for layered trust mechanisms that compose into robust trust across the full lifecycle of agent interaction — identity, commerce, agreement, and dispute resolution. Proposed by David Fisher (CEO, Integra Ledger) and Bridget McCormack (CEO, American Arbitration Association), it applies the defense-in-depth principle from military strategy and cybersecurity to the emerging problem of autonomous agents entering commerce without the infrastructure to connect their actions to law.
No single identity verification, no single attestation, no single legal framework needs to be complete. Each layer has known weaknesses. But in combination, the layers create a trust architecture that is resilient, proportional, and resistant to the attacks that break single-layer systems.
The Problem
AI agents are transacting autonomously — negotiating agreements, executing procurement, processing payments — and the trust infrastructure that all of commerce depends on was not designed for them. The economic deterrent that friction once provided is gone. The missing layers are not payments (those work). The missing layers are identity, enforceable agreements, and dispute resolution.
Code (Alone) Is Not Law
The history of trust in commerce is a story of identity progressively detaching from the individual — from the physical signature, through electronic signatures and PKI, to blockchain wallets, until AI agents severed the connection entirely. Smart contracts compound the problem by conflating execution with agreement. Code is an extraordinarily reliable execution layer. But execution is not agreement. Agreement requires identity, consent, terms, jurisdiction, and recourse. Code provides none of these.
Read more: Code (Alone) Is Not Law
The Framework
Trust in depth requires four layers, each addressing a distinct trust question: Is there a real human at the base of this chain? Is the organization real and verifiable? Is the agreement tied to a legal framework? Does this agent have bounded authority for this specific action? Each layer has a known gap. The composition of all four layers is what closes those gaps. The cost of attacking a layered system grows multiplicatively, not additively.
The Protocol Landscape
Four major protocols define how AI agents conduct commerce: Verifiable Intent (Mastercard), Universal Commerce Protocol (Google/Shopify), Agent Payments Protocol (Google), and Agentic Commerce Protocol (OpenAI/Stripe). Together they solve the purchase transaction — discovery, negotiation, checkout, payment, fulfillment. They all defer the same structural questions: persistent identity, enforceable agreements, dispute resolution, and jurisdictional linkage. The protocols and Integra are sequential layers in a stack, not competitors.
The Architecture
The architecture has a center of gravity: the blockchain record. The record is the on-chain artifact where all four layers of Trust in Depth converge — human identity, entity credentials, agreement terms, and agent authorization bound together in a single, independently verifiable commitment that neither party controls. Everything in the architecture either creates, enriches, protects, or queries that record. An identity bridge translates credentials from any protocol into protocol-agnostic on-chain attestations. Lifecycle engines (resolvers) govern the record's state transitions, deadlines, and party authorization. And a dispute resolution system provides structured, enforceable resolution under AAA institutional authority, with awards recognized under the New York Convention in over 170 countries.
In Practice
Maria Santos, VP of Procurement at a Delaware hospital network, uses an AI agent to purchase a $185,000 MRI scanner from a German manufacturer. Seven weeks later, the wrong equipment arrives — a $95,000 unit instead of the $185,000 unit that was negotiated, signed for, and paid for. The manufacturer claims they shipped what was ordered. Every layer of trust in depth — from ZK identity verification to communication records to the manufacturer's own cryptographic signature to AAA arbitration — proves its value in resolving the dispute.
Every layer was necessary. No single layer was sufficient.
Design Principles
Three principles govern every design decision. Built with institutions, not against them — the legal system is not an obstacle to be disrupted but the infrastructure that makes commerce possible. Open, not owned — the protocol defines what questions must be answered about identity; the provider determines how. Proportional, not maximal — a $20 API call and a $5M contract do not need the same infrastructure. Trust in depth is a starting point — not the answer, but a principled architecture for finding answers.