Identity — AETHER

The core primitive

AETHER Identity is the trust anchor for every transaction on the network. Each account is bound to a decentralized identifier (DID) that holds verifiable credentials issued by accredited KYC providers, banks, and government registries — never the raw documents themselves.

When a counterparty needs to confirm a fact about a user — age, jurisdiction, sanctions status, accredited investor status — they request a zero-knowledge proof. The proof confirms the fact without disclosing the underlying data, and is bound to a fresh biometric challenge so it cannot be replayed.

What it replaces

Re-KYC per provider. One verified credential is reusable across every regulated party on the network, subject to issuer policy.
Document re-upload. Source documents stay with the original issuer. Counterparties verify proofs, not files.
Password and OTP flows. A biometric challenge against a sealed HSM template replaces the password layer entirely.
Custom SSO per partner. AETHER acts as the identity provider for every service that integrates with the rail.

How it works

STEP 01

Enrol

The user enrols at any accredited issuer. Biometric template is sealed inside an HSM-backed enclave; raw biometrics never leave the device.

STEP 02

Bind

A DID is created and bound to the sealed template. Verifiable credentials — KYC tier, jurisdiction, sanctions clear — are issued against the DID.

STEP 03

Prove

On each transaction the user signs a fresh challenge biometrically. A ZK proof of the required attribute is delivered to the counterparty.

What you get

Compliance posture: FATF Travel Rule, MiCA Title II, eIDAS 2.0 wallet-ready, FIDO2 / WebAuthn at the transport layer. Continuously attested, not point-in-time.
Privacy guarantee: Selective disclosure via BBS+ signatures. Counterparties learn the answer, not the data. Audit trails store proofs, not personal information.
Recovery: Threshold-based social recovery using MPC. No single party — including AETHER — can resurrect a lost identity unilaterally.
Onboarding time: Median issuer flow: under 4 minutes for retail tiers. Institutional onboarding integrates with existing CDD providers via standard webhooks.

Verifying an attribute

aether-cli — identity verify

# Request a sanctions-clear proof for a counterparty DID
$ aether identity verify \
    --did did:aether:0xa0f…c12 \
    --claim sanctions.clear \
    --against OFAC,EU,UN,UK_HMT

✓ OK  proof 0xb3e…91d  issuer acme-kyc
       claim sanctions.clear = true
       freshness 42 ms  · biometric bound
       audit log → attest://aether/2026-06-03/0xb3e…91d

Ready to integrate AETHER Identity?

Pilot credentials, sandbox DIDs and a deployment architect, typically within 48 hours.

Request access → Read the docs

Prove who you are without revealing anything.