The Trust over IP (ToIP) Foundation is a non-profit consortium hosted by the Linux Foundation that defines a comprehensive, dual-layer architecture for establishing decentralized digital trust. Its core innovation is the strict separation of a Governance Stack (human trust, legal frameworks, and business rules) from a Technology Stack (cryptographic protocols, Decentralized Identifiers (DIDs), and Verifiable Credentials (VCs)). This model enables interoperable trust ecosystems where parties can rely on verifiable governance authorities without being locked into a single technical implementation or centralized platform.
Glossary
Trust over IP (ToIP) Foundation

What is Trust over IP (ToIP) Foundation?
The Trust over IP (ToIP) Foundation is a global consortium defining a complete, dual-layer architecture for decentralized digital trust, separating governance frameworks from the underlying technology stack.
The ToIP stack spans four distinct layers: Layer 1 establishes public utilities like decentralized ledgers; Layer 2 enables peer-to-peer DIDComm messaging; Layer 3 handles credential exchange; and Layer 4 governs the application ecosystems. By standardizing the interfaces between these layers, the Foundation enables Self-Sovereign Identity (SSI) at scale, ensuring that digital trust is cryptographically verifiable, jurisdictionally aware, and interoperable across industries such as finance, healthcare, and supply chain.
Core Design Principles
The Trust over IP Foundation defines a complete, dual-stack architecture separating governance frameworks from the technical protocols required for decentralized digital trust. These core principles ensure interoperability, security, and human-centric control across any identity ecosystem.
Dual-Stack Architecture
ToIP separates digital trust into two distinct, parallel layers: a Governance Stack and a Technology Stack. The Governance Stack defines the human rules, business policies, and legal frameworks that govern a trust ecosystem. The Technology Stack defines the cryptographic protocols, data models, and communication mechanisms that enforce those rules technically. This separation allows a single governance framework to be implemented across multiple underlying technologies, and conversely, a single technology platform to support multiple governance regimes. The two stacks are bound together at the Trust Spanning Protocol layer, which acts as the interface contract between human intent and machine execution.
Technology Stack Levels
Mirroring the governance hierarchy, the Technology Stack provides the concrete technical specifications at each corresponding level:
- Level 1: Utility Layer — The decentralized public key infrastructure (DPKI) and verifiable data registries, such as distributed ledgers or the KERI protocol, that anchor cryptographic trust without a central authority.
- Level 2: Credential Layer — The W3C Verifiable Credential data model and specific signature schemes like BBS+ or AnonCreds that enable tamper-proof, privacy-respecting digital credentials.
- Level 3: Agent Layer — The software components, such as Digital Identity Wallets and enterprise agents, that manage keys and credentials on behalf of a DID subject, communicating via the DIDComm v2 protocol.
- Level 4: Application Layer — The user-facing applications and services that consume verifiable credentials to make trust decisions, such as a border control kiosk or a bank's loan origination system.
Decentralization by Design
ToIP mandates a shift from centralized, federated identity models to a decentralized by default architecture. This principle is embodied in the use of Decentralized Identifiers (DIDs) which have no dependency on a central registration authority. The architecture supports multiple DID methods, allowing an ecosystem to choose the underlying verifiable data registry that fits its governance model—whether a public blockchain, a permissioned ledger, or a ledger-independent system like KERI. This design eliminates single points of failure, prevents vendor lock-in, and ensures that the identity owner remains at the center of control, aligning directly with the principles of Self-Sovereign Identity (SSI).
Privacy and Minimal Disclosure
A core design goal of the ToIP stack is to mathematically enforce data minimization. The architecture natively supports advanced cryptographic techniques that allow a holder to prove a claim without revealing the underlying raw data:
- Selective Disclosure: A holder can share only the specific attributes required for a transaction, such as proving they are over 18 without revealing their exact birthdate.
- Zero-Knowledge Proofs (ZKPs): Using signature schemes like BBS+, a holder can derive a proof that a verifier can cryptographically validate without the holder ever revealing the original signed data or a correlatable identifier.
- Peer-to-Peer Communication: The DIDComm protocol ensures that credential exchanges happen over encrypted, off-ledger channels directly between parties, preventing data brokers or intermediaries from observing the transaction.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Frequently Asked Questions
Clear answers to the most common questions about the Trust over IP Foundation's architecture, governance model, and role in decentralized digital trust infrastructure.
The Trust over IP (ToIP) Foundation is a global consortium hosted by the Linux Foundation that defines a complete governance and technical architecture stack for decentralized digital trust. It solves the fundamental problem of establishing interoperable trust between parties who may have no direct relationship, moving beyond siloed identity systems to a universal framework where credentials issued by any trusted authority can be verified anywhere. The Foundation addresses the gap between cryptographic trust (proving you control a key) and human trust (proving the key holder is authorized to act in a specific role) by layering governance frameworks on top of technical protocols. Its membership spans governments, enterprises, and non-profits working to ensure that digital trust infrastructure is open, standards-based, and globally interoperable rather than controlled by any single platform or jurisdiction.
Related Terms
The Trust over IP Foundation defines a full-stack architecture. These related concepts form the technical and governance layers that enable machine-verifiable trust in decentralized systems.
ToIP Technology Stack
The dual-layer architecture separating governance from technology across four levels:
- Layer 1: Public Utilities — Ledgers like Hyperledger Indy for DID anchoring
- Layer 2: Peer-to-Peer Protocols — DIDComm for secure agent communication
- Layer 3: Credential Exchange — W3C Verifiable Credential issuance and verification
- Layer 4: Application Ecosystems — Digital trust ecosystems like the Good Health Pass
Governance Stack
The non-technical half of ToIP that defines rules, policies, and accountability:
- Governance Frameworks — Legal agreements governing a trust ecosystem
- Trust Assurance Frameworks — Criteria for assessing conformance
- Credential Schemas — Canonical data structures for specific credential types
- Trust Registries — Authoritative lists of accredited issuers and verifiers This layer answers: Who sets the rules, and how is compliance enforced?
DIDComm Messaging
The secure, asynchronous messaging protocol native to the ToIP stack. DIDComm enables:
- Encrypted peer-to-peer communication between DID controllers
- Authentication via decentralized keys, not centralized servers
- Routing through mediators for offline or mobile agents
- Protocol extensibility for issuing credentials, requesting proofs, and negotiating trust DIDComm is the transport layer that makes decentralized trust actionable.
Trust Over IP Foundation Members
A global consortium of over 400 organizations driving the specification work:
- Contributor Members: Accenture, IBM, Mastercard, esatus
- Government Adopters: British Columbia's OrgBook BC, Ontario's Digital Identity
- Technology Implementers: Evernym (acquired by Avast), Trinsic, Indicio
- Standards Bodies: Liaisons with W3C, ISO, Decentralized Identity Foundation The Foundation publishes Recommendations and Guides for implementers.
ToIP Trust Triangle
The three-party model at the heart of ToIP trust relationships:
- Issuer — Entity that asserts claims and issues verifiable credentials
- Holder — Subject who controls their credentials in a digital wallet
- Verifier — Relying party that requests and cryptographically verifies proofs Trust is established without direct contact between Issuer and Verifier. The Holder mediates the exchange, enforcing selective disclosure and consent.
Authentic Chained Data Containers (ACDC)
A ToIP specification for streaming verifiable data beyond static credentials:
- Enables ongoing attestations (e.g., real-time sensor data, audit logs)
- Uses chained key event logs for cryptographic continuity
- Supports selective disclosure of individual data points within a stream
- Designed for IoT, supply chain telemetry, and continuous compliance monitoring ACDC extends the ToIP model from point-in-time credentials to continuous trust.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us