Ethereum (ETH) introduced that ERC-8004 is transferring to mainnet, positioning the community as a impartial infrastructure for an issue the AI trade has but to resolve: how do brokers show they are often trusted within the absence of a single platform that controls the repute layer?
The timing reveals underlying tensions as AI brokers transfer from demos to manufacturing methods that set off actual transactions.
Mastercard is drafting a commerce customary for agent checkout, UK banks are piloting customer-facing agent trials scheduled for early 2026, and Gartner predicts that 40% of enterprise purposes could have built-in task-specific brokers by the top of the 12 months.
Nonetheless, in line with a report from Camunda, whereas 71% of organizations have now deployed AI brokers, solely 11% of use instances reached manufacturing prior to now 12 months. The obstacles are belief, transparency and regulatory threat.
In keeping with Dynatrace analysis, round half of agent tasks stall within the pilot stage, with 52% citing safety and compliance points and round 70% of AI selections nonetheless requiring human validation.
ERC-8004 makes an attempt to productize that belief hole by defining three light-weight registries: id, repute, and verification. These might be deployed to mainnet or layer 2 blockchains as software layer contracts slightly than protocol forks.
Ethereum’s official account stated the usual allows “discovery and transportable repute” so AI providers can “interoperate with out gatekeepers.” The official specs stay in draft standing. eips.ethereum.org.
3 registries, 3 adjustment points
The id registry transforms every agent into an ERC-721 NFT with a worldwide identifier and a pointer to a structured registration file.
This file lists capabilities, endpoints (MCP, A2A, ENS, DID, Internet URL), and make contact with strategies, and basically acts as a service listing for the machine actor.
Brokers will probably be discoverable and transferable utilizing customary NFT instruments.
The specification consists of non-compulsory endpoint area validation to show area management and reserves an “agentWallet” subject that requires an EIP-712 signature or ERC-1271 validation for adjustments.
This design selection prevents “I’ve repute, so I will pay right here” hijacking, the place an attacker exchanges cost addresses whereas sustaining their repute.
Id solves composability as a result of repute and validation might be listed to steady agent identities slightly than platform accounts. Ethereum seeks to show agent id right into a public utility for machine actors in the identical means that ENS did for names.
Failure modes are in-built and ERC-8004 proves that the metadata belongs to the agent NFT, not that the endpoint is safe or sincere.
The opposite two registries exist as a result of the specification warns that the marketed options “could also be non-functional or malicious.”
Fame registries retailer minimal configurable suggestions knowledge on-chain and push wealthy particulars off-chain by way of URIs and hashes. The suggestions comprises a signed fixed-point worth with a configurable decimal quantity and an non-compulsory tag.
Off-chain JSON can embrace context akin to MCP software references, A2A activity IDs, and even proof of cost references. This specification explicitly names x402-style HTTP cost proofs.
There’s a revokeFeedback path and an appendResponse perform for refunds, spam flags, or rebuttals.
ERC-8004 doesn’t assure on-chain Yelp scores. That is extra like a shared occasion rail the place completely different markets, insurers, and auditors can calculate their very own belief fashions.
The specification explicitly warns that clientAddresses filtering is required for getsummary calls, as summaries that don’t filter reviewers are weak to Sybil assaults and spam.
Aggregation happens each on-chain by way of fundamental configuration capabilities and off-chain by way of superior scoring. This design envisions repute video games akin to buy evaluations, collusion, and suggestions laundering as inevitable slightly than distinctive.
Financial bias creeps in when proof of cost turns into de facto proof of authenticity. It is because individuals who spend some huge cash appear extra reliable. Additionally, the wealthy suggestions is event-based and off-chain, so whoever runs the very best indexers and filters might grow to be the brand new gatekeeper.
Validation Registry implements on-chain request/response logging. On this log, the agent sends a request to the validator contract to validate its work, and the validator posts the outcomes with an non-compulsory proof URI and hash.
The agent proprietor calls validationRequest with the validator deal with, agent ID, request URI, and keccak dedication to the payload. The validator responds with the rating, response URI, hash, and tags by way of validationResponse.
The specification permits for progressive responses, together with delicate and exhausting finality by way of tags, permits for a number of responses, and maintains an deliberately generic design to accommodate crypto-economy reruns, zkML verifiers, TEE oracles, or trusted judges.
Validation is the escalator of belief. Fame works for low-risk duties, however requires validation when cash, compliance, and legal responsibility are at stake.
The EIP describes tiered belief in proportion to the worth of the danger: ordering a pizza versus a medical analysis.
Failure Mode: Who Verifies Validators? ERC-8004 information validator output, however doesn’t resolve validator integrity and creates a metamarket for validator repute, staking, insurance coverage, and audit manufacturers.
| registry | what to do | What’s on-chain and off-chain? | Major mechanism | Main failure mode |
|---|---|---|---|---|
| ID registry | Discovery + Persistent Agent ID (composable deal with that may be referenced by others) | On-chain: ERC-721 Agent ID + pointer/key-value metadata Off-chain: Structured registration file (options, endpoints, contacts) | Elective endpoint Area verification; agentWallet change is required EIP-712 signature or ERC-1271 verification | The metadata is: true however malicious (Possession ≠ Honesty/Security) |
| repute registry | transportable suggestions sign Complete group/market (shared belief occasion) | On-chain: Minimal suggestions primitives. occasion rail Off-chain: Context URI/Hash (activity ID, proof of cost, and so forth.) | Cancel suggestions + extra response (Refund/Rebuttal); getSummary want Reviewer filtering to cut back Sybil | Sybil/Conspiracy + “The very best indexer wins” gatekeeper |
| validation registry | Third celebration verification In case of high-stakes motion (belief escalator) | On-chain: Request/response log + rating/tag Off-chain: Proof URI/Hash | dedication by request hash; gradual response (delicate/exhausting finality tag), a number of responses potential | “Who verifies validators?? ” → Validator corruption/cartelization |
Why Ethereum considers this infrastructure
The brand new agent stack will seem like this: MCP and A2A deal with communication and orchestration, x402 (HTTP 402 and stablecoin funds) handles funds, and ERC-8004 handles belief and discovery.
What is obvious is that ERC-8004 doesn’t compete with MCP, A2A, or x402. As a substitute, it’s configured with them.
The EIP consists of MCP and A2A endpoint fields and a proof of cost reference inside the off-chain suggestions payload.
There’s a broader motion within the trade in direction of impartial and open agent requirements governance, akin to MCP transferring to Linux Basis admin to stay open.
ERC-8004 is Ethereum’s related pitch in cryptocurrencies: utilizing public rails as a substitute of platform belief.
If it really works, the winners won’t simply be “AI cash” however layer-2 blockchains that make high-frequency repute and verification logs economical, id and proof instruments, verification networks, and insurance-like middleware that monetizes belief within the actions of high-stakes brokers.
ERC-8004 turns belief right into a composable commodity, so the market will develop consultants to fabricate it (verifiers) and interpret it (scorers).
The scope of adoption is defensible however unsure.
Gartner predicts that enterprise software integration will attain 40% by the top of the 12 months, additional rising strain on the highest of the funnel.
In bear instances spanning 12-18 months, there are 10,000-100,000 agent IDs registered throughout the chain, reputations are largely sparse, and verifications are uncommon.
Id turns into a curiosity for builders and marketplaces stay platform-gated.
The bottom case sees between 100,000 and 1 million registered brokers, with repute occasions turning into the default receipt for agent providers and validation used for high-value duties and controlled flows.
ERC-8004 serves because the interoperability glue between open agent protocols and machine funds, particularly at layer 2.
In a bull case the place agent commerce takes off and the trade unites round repute sharing to keep away from platform lock-in, 1 million to 10 million agent IDs will probably be generated and validators and insurance coverage corporations will emerge as a brand new middleware class.
Ethereum and Layer 2 blockchain would be the coordination basis for cross-market agent providers.
Threat as a part of design
A conveyable repute turns into a shadow of a cross-platform id.
This could result in conflicts with company governance and regulators, notably the place the agent’s actions contain funds, monetary recommendation, or private knowledge. The UK regulator overseeing banking courts has warned of accountability dangers posed by autonomous methods.
Metadata manipulation stays unresolved. The ID is proof of possession of the registration file and doesn’t show the veracity of the declare. Validator corruption and cartelization will grow to be a brand new moat. Whereas the output of validation is transportable, it’s the integrity of the validator that the market determines the worth.
Latest studies on MCP server vulnerabilities spotlight the vulnerability of the agent ecosystem. Composability can result in elevated exploitation.
Fame and validation rails will not magically resolve it, however they may create a path to cost threat and gate high-stakes interactions behind stronger validation.
ERC-8004 is Ethereum’s try and be a impartial belief and detection layer for commerce between brokers, offering transportable identities, transportable repute indicators, and transportable verification outcomes. This occurs on the actual second the agent strikes from a demo to a system that triggers actual motion.
MCP and A2A attempt to assist the agent discuss, and ERC-8004 tries to assist the agent belief.
The open query is whether or not the market needs a shared infrastructure for belief, or whether or not the platform will keep its moat solely. Ethereum is betting that the bottleneck is so extreme that neutrality will grow to be a commodity.
