Introducing Vouchsafe

By Jay Kuri
2025-08-28

The idea that identity and trust is hard is a lie.

We’ve known almost since birth how it works. I recognize someone in person… I know who they are because it’s impossible to completely impersonate someone, especially to those who know them. I trust them because of past experiences… or maybe I trust them somewhat (at first) because someone I trust vouches for them.

That’s all there is to it. Trust in software isn’t any different. In spite of the fact that there are a lot of big companies telling you differently and that their very complicated solution is the answer because you can trust them. (nevermind the growing evidence clearly showing that you can’t.)

So… What is Vouchsafe. Vouchsafe is a tool designed to strip away all the BS we’re told is required… and get back to the thing you really need. A way to reliably recognize who someone (or something) is… and whether you can trust them… and who vouches for them.

Because that’s all we really need. And we’ve had the tools for 3+ decades, we just haven’t been using them well. Public-key cryptography, content hashes… those have been around forever.

The hard part has always been the link between identity and the key… and then the key distribution. You trust that a certain key belongs to bob@email.com because a keyserver told you so when you asked. But that means your entire ability to trust rests on the keyserver: that it wasn’t compromised, that the real Bob registered first, that it’s up to date… and that the server is even online when you need it.

Vouchsafe changes that. It ties your identity string directly to the key, cryptographically. It can’t be faked, it can’t be spoofed, and it eliminates the need for key pre-distribution entirely.

And once you do that, something surprising happens: the messy, brittle parts of identity and trust we’ve been dealing with just fall away - leaving us with a way to communicate identity and trust that is easier, stronger, and ready to carry real trust.

Vouchsafe gives us the missing primitives of computing: identity and trust you can prove, carry, and reason about. It looks like JWTs, because it is, but with the nonsense stripped away and the power turned up. At its simplest, it’s just easier JWTs with superpowers: no key distribution headaches, no hidden infrastructure.

At its most powerful, Vouchsafe changes how we can build systems altogether and it enables types of applications that were difficult or impossible before, simply because all the parties couldn’t easily agree and verify who someone was.

Vouchsafe tokens let us represent trust, delegation, and revocation directly - the same way we already understand trust in real life - but now in code, portable, self-verifying and without the need for complex infrastructure or even central servers.

That’s the shift: identity and trust become first-class, universally understood primitives, not vendor products. And once you see it that way, you can’t unsee it.