Names,

not connections.

Every principal — human, agent, or service — gets a W3C DID. Not an ACL bolted on. The identity layer is the foundation.

Anatomy of a DID

did:oas:zaps:agent:scout

Delegation lineage

Trust flows down. Scopes only narrow.

Human Roots:hmr:k7x9m2

The root of all trust. Every agent traces back here.

admin:*keyspace:*delegate:*

Agent: Scout:agent:scout

Delegated by human. Can only access agent: keyspace. Cannot escalate.

keyspace:agent:*audit:own

Agent: Plannergent:planner

Separate delegation. Read-only on agent: namespace. Full access to plan:.

keyspace:plan:*keyspace:agent:read

Sub-agent: Scout-Workerent:scout-w1

Delegated by Scout. Scopes can only narrow — never widen. Revoke Scout → this dies.

keyspace:agent:ctx:*

Service: Cache-GCice:cache-gc

System service. Can expire keys in any namespace but cannot read values.

keyspace:*:expiresystem:gc

Isolation in action

Who can access what.

agent:ctx:plan

plan:route:a

session:abc

admin:config

cache:user:42

Human

Scout

Planner

Scout-W1

Cache-GC

Agents cannot read other agents' keys. Services cannot read values. Humans see everything.

Redis ACLs vs. Zaps Identity

Aspect

Redis ACL

Zaps Identity

Identity model

Username + password string

W3C DID with Ed25519 signatures

Granularity

Command categories

Per-key, per-principal, per-operation

Lineage

None

Cryptographic chain to human root

Audit

Slowlog only

Every op, hash-chained, exportable

Delegation

Not supported

Scoped, non-amplifiable, revocable

Rotation

Manual password change

Automatic key rotation + HKDF derivation

You would not give a thousand employees a shared password.

Why give it to a thousand agents?

Next: Engine Swap →Back to Purpose Databases