What is Vouchsafe

Most modern identity systems work like a high-security bank. Every time you want to do anything — open a door, access a file, make a request — someone calls a central security desk to ask: “Is this person allowed to do this?” If the phones are down or the guard is on break, everything stops.

Vouchsafe is more like a festival. You show your ID once at the gate, buy your beer tokens, and from then on you just hand over tokens when you need something. Nobody makes a call. Nobody checks a central list. The tokens are cryptographically signed and self-validating — they can’t be faked, and they don’t need to be looked up.

Trust travels with the user.

Under the hood, Vouchsafe extends the JWT format with three things: a self-verifying identity URN derived from the public key, that public key embedded directly in every token, and a closed cryptographic loop that proves the token came from the claimed identity with no external check at any step. On top of that it gives you composable trust primitives — attestations, vouches, and revocations — that form portable trust graphs. Authorization is a deterministic local computation: given the token bundle and the verification algorithm, the answer is always the same, everywhere, with no network and no shared state.

It’s drop-in compatible with standard JWTs and works in any JWT-friendly system. If you’re already using JWTs, the format looks familiar. The semantics are different: Vouchsafe tokens are not session artifacts or bearer credentials. They are self-verifying trust statements that can be evaluated anywhere, by anyone, without a central database or authority.

Research
Foundation

Vouchsafe is the production implementation of Zero-Infrastructure Capability Graphs (ZI-CG), a formal research paper establishing that self-verifying identity and offline trust propagation are achievable without centralized infrastructure — a property no prior JWT-compatible system fully delivers.


What It Solves

These are problems Vouchsafe addresses that conventional JWT-based systems cannot. Click any card to expand.

JWTs Without a Key Server · Works anywhere you use JWTs today, without the distribution headache

Your backend signs JWTs with a private key. Every other service that needs to verify them has to get the public key somehow — config files, environment variables, a JWKS endpoint. When keys rotate, everything has to update in sync or verification starts failing.

Vouchsafe tokens carry the public key inside the token itself, cryptographically bound to the issuer identity. Any receiver can verify locally with nothing but the token. No key distribution step. No rotation headache. No JWKS endpoint to maintain. Drop it in wherever you already use JWTs.

Webhook Auth Without a Shared Secret · Prove who sent it, not just that they knew a secret

HMAC webhook secrets have to be distributed to every receiver, stored securely, and rotated periodically. If one receiver is compromised, anyone can forge requests. And a valid HMAC only proves someone knew the secret — not which system sent the request.

Vouchsafe webhooks are signed by the sender’s cryptographic identity. The receiver trusts a URN and verifies locally. The signature proves origin, not just knowledge of a shared secret. Nothing to distribute. Nothing to rotate. Nothing to leak.

Offline and Disconnected Systems · Structurally offline — not just cached credentials

Most “offline” identity systems mean cached credentials that still required a network at setup time and still call home for revocation checks. When the network is gone, the system either fails or operates on stale, unverifiable state.

Vouchsafe verification is structurally offline. Every token carries everything needed to verify it: identity, public key, signature. Once a token has been issued and delivered, it can be verified by any recipient with no network access, no prior setup, and no revocation endpoint to call. All verification is local math.

Authenticate Without a Directory · No pre-registration required on either side

Traditional identity requires pre-coordination: shared configs, common authorities, synced registries. Two systems that have never interacted before — distributed nodes, peer-to-peer apps, cross-organizational integrations — have no way to verify each other without first establishing a common reference point.

Vouchsafe tokens are self-describing. The identity name is derived from the key, and the key is in the token. Any recipient can verify that a token genuinely came from the identity it claims, and evaluate the vouch chain, using only the presented token bundle. No directory lookup. No shared registration. No prior arrangement needed on either side.

Identity, Not Accounts · You generate it, you hold it, you prove it

In traditional systems, identity is granted to you. Someone has to create an account for you before you can participate — your identity is a row in their database, subject to their availability, their policies, and their security practices. If they get breached, someone else can become you. If they shut down, you lose your identity.

Vouchsafe inverts the transaction. You generate a keypair, and that keypair is your identity. You submit proof — a signature — to systems that need to verify you. They check the math; they never hold your secret. There’s nothing on their side to breach. And because the identity lives with you rather than in a database somewhere, there’s no account to request, no approval to wait for, and no service to depend on.

Scoped Delegation · Precise, time-bounded authority that travels with the token

Most delegation is binary and server-enforced. Fine-grained control means custom database logic, additional API calls at every verification point, and a system that stops working the moment the server is unavailable.

Vouchsafe delegation is encoded in the token itself. “This agent may write files to this path, up to 5MB, for the next hour” is a vouch token — signed, scoped to a specific purpose and duration, verifiable offline by anyone with the chain. Purpose constraints can only be narrowed as they propagate, never widened. The delegation is the token, not a row in a database somewhere.


Use Cases

Peer-to-Peer & Decentralized

Real Identity Without a Central Authority

Any peer can generate a Vouchsafe identity and use it immediately — no signup, no account creation, no permission granted by anyone. Two peers that have never communicated can verify each other’s token authenticity on first contact using only the token bundle.

Webhooks

Signed Webhooks, Zero Shared Secrets

Sign webhook payloads with a Vouchsafe identity. Receivers verify locally against the sender’s URN. No secret to distribute, rotate, or leak. Sender identity is cryptographically proven, not just claimed.

Microservices

Service-to-Service Auth Without a Key Endpoint

Services verify each other’s tokens locally with no key distribution infrastructure. The public key is in the token. Works at service startup with no JWKS endpoint to call, no key sync to manage.

Session Auth

JWT Verification Without JWKS

Many applications trust only one or a small number of token issuers, yet still deploy JWKS infrastructure simply because it’s the standard pattern. Vouchsafe lets you verify JWTs without operating a JWKS endpoint — every token contains the verification key, bound to its issuer identity, so verification is completely local.

AI Agents

Agent Identity and Delegation Without a Broker

Agents generate their own identity at creation. When they need to act, they create an attestation declaring what they intend to do. An orchestrator vouches for it within their own scope. The bundle is self-contained, portable, auditable, and verifiable by any downstream system with no broker consulted.

Offline & Air-Gapped

Trust in Disaster Zones and Disconnected Environments

Pre-issued Vouchsafe tokens work in disaster zones, field devices, and air-gapped systems. Once issued and delivered, verification requires no network, no registry, no callback — whether cell towers have severed backhaul or a device has never had connectivity at all.


How It Works

Vouchsafe is built on a closed cryptographic loop. Three properties, each proven by the other two — all local, all in the token:

The URN proves the key

A Vouchsafe ID (urn:vouchsafe:label.hash) is a SHA-256 fingerprint of the raw public key, base32-encoded into the URN itself. If the public key in the token doesn’t hash to that fingerprint, the token is rejected immediately — no lookup required.

The key proves the signature

The public key (embedded in every token as iss_key) verifies the Ed25519 signature over the token’s contents. If the signature doesn’t verify against that key, the token is invalid — tampered or forged.

The signature proves the identity

Only the holder of the matching private key can produce a valid signature. Since the URN cryptographically binds to that key, a valid signature proves the token came from the claimed identity — with no external check required.

Vouches chain these proofs: a vouch token references the subject token’s hash and is signed by the voucher’s own key. Purpose constraints can only be narrowed as they propagate — never widened. The result is an auditable, tamper-evident trust graph that travels with the data, not with the infrastructure.

Vouchsafe tokens are standard JWTs with a few additional claims (iss_key, kind, jti, purpose, vch_sum). They work anywhere JWTs work — and they work without a network everywhere.


Ready to Start Building?

📦 Reference Library

JavaScript / TypeScript, browser and Node.js. Install and start issuing tokens in minutes.

Get it on npm

📐 Protocol Spec

Token format, URN rules, trust-chain semantics. Open and implementation-ready for any language.

Read on GitHub

💬 Discord

Building a library in another language? Designing a use case? Come talk to us.

Join Discord

Vouchsafe works anywhere JWTs work, so it fits whatever stack you’re already on.

Who’s Behind This?

Vouchsafe was created by Jay Kuri and is the production implementation of the ZI-CG research. It is maintained by Ionzero.

Vouchsafe is an open protocol — BSD 3-Clause License.