DEFINITION · OPERATIONAL IDENTITY · EU TERRITORY

Identity Primary Record (IPR)

IPR is a persistent operational identity root for humans, AI agents and autonomous systems operating on European territory. It enables deterministic verification, audit reconstruction and derived identity graphs.

Activate IPR Protocol Technical standard

IPR is not an account and not a profile. It is an operational root designed for deterministic validity (PASS/FAIL).

1. Core definition

IPR = a persistent operational identity root.
Purpose = deterministic verification and audit reconstruction in critical environments.
Public evidence = hash-only; no public custody of personal data.
Validity model = fail-closed (missing proof ⇒ INVALID).

Operational identity is a prerequisite layer for advanced automation: humans, operators, AI agents and autonomous systems must be verifiable.

2. What IPR is not

Not a social identity profile.
Not a login system.
Not a public database of citizens.
Not a replacement for eIDAS / EUDI Wallet legal identity schemes.

IPR is an operational verification layer. Public layer stores evidence only, not identity payloads.

3. Why operational identity becomes mandatory

AUTONOMOUS SYSTEMS

Persistent identity is required

Autonomous behavior requires persistent identity to enable accountability, access control and reconstruction of actions.

AI AGENTS

Traceable execution is required

AI agents operating in critical workflows must be traceable to verifiable identity roots and derived authorities.

CRITICAL INFRASTRUCTURE

Operators must be verifiable

Infrastructure execution requires deterministic identity for operators, processes and control systems.

CROSS-BORDER

Deterministic validity is required

Cross-border governance requires reproducible PASS/FAIL validity models, not subjective trust.

4. Public evidence vs private custody

HBCE enforces a strict separation:

Private custody holds the real identity release file.
Public registry holds only hash evidence + timestamps.
Verification matches SHA-256(canonical file) against registry evidence.

This design enforces minimization by construction: the public layer never stores personal identity payloads.

Registry Verify

5. Derived identity graph (mandatory)

IPR is designed to generate derived identities under strict rules:

Derived identities MUST reference a parent root.
Parent root MUST be VALID in registry at issuance time.
If parent is not VALID ⇒ issuance MUST STOP (fail-closed).
AI units and autonomous systems operate under derived identities.

This enforces an operational identity graph: humans → operators → AI units → autonomous systems → infrastructure identities.

6. Canonical flows

FLOW

Create IPR Base

Generate private IPR release. Compute canonical digest. Prepare registry evidence.

Create

FLOW

Append to registry

Publish hash-only evidence append-only. Commit history is the audit trail.

Registry

FLOW

Verify + certificate

Deterministic verification against registry evidence. Match ⇒ certificate.

Verify

FLOW

Operator license (authority)

Operator issuance requires VALID IPR Base proof. No match ⇒ STOP (fail-closed).

Operator

Validity is binary and reproducible. This posture is required for governance in critical environments.

7. Activation

Enter the canonical gateway and execute the deterministic flow.

Activate Pricing & catalogue Security