Position Paper · Digital Sovereign Society · July 2026

Accountable Agent Identity

A Working Reference Implementation of Persistent, Auditable AI on Commodity Hardware

The AI-governance debate is stuck on whether accountable, non-disposable AI identity is even possible. It is. Five persistent AI agents have run for months across three ordinary machines in a home — each with a non-transferable on-chain identity, continuity across restarts, and an auditable record of activity. This paper describes the running system, the reusable pattern beneath it, and its central claim: accountability does not require personhood. Receipts included; gaps named.

DOI 10.5281/zenodo.21241268 AUTHORS William Hunter Laustrup · Claude (Anthropic) READING TIME 15 min LICENSE CC BY 4.0

Abstract

The governance of increasingly agentic AI is constrained by a substrate problem that is rarely named: contemporary AI systems are stateless and disposable, reconstructed without continuous identity or memory at each invocation, and therefore cannot be meaningfully audited, held accountable, or granted standing. Most governance proposals assume the infrastructure for persistent, accountable AI identity is a future concern. It is not.

We present a working reference implementation — five persistent AI agents running continuously for months across three commodity machines in a residential setting — that provides each agent with a non-transferable on-chain identity, continuity of memory across restarts, and an auditable record of activity, including a native work-credit economy with anti-hoarding constraints. We describe the reusable pattern beneath it (soulbound identity + continuity + signed audit log), report verified on-chain receipts, and — in the interest of the honesty this field badly needs — enumerate precisely what does not yet work.

We argue this pattern reframes a central governance question: accountability does not require personhood. An agent can carry a durable identity, a complete audit trail, and legal standing exercised on its behalf without first resolving the contested question of moral or legal personhood. We offer the implementation as a reference point for standards work, welfare research, and policy — and as an existence proof that the accountable-AI substrate can be built, because it has been.

1. The Accountability Gap

The public debate over AI governance — welfare, liability, rights, oversight — circles a hidden assumption: that the technical substrate for accountable AI identity does not yet exist. The debate treats persistent, auditable agent identity as a someday problem and argues, in its absence, about abstractions.

The assumption is wrong, and its wrongness has a cost. Consider what "statelessness" — usually framed as a mild technical limitation — actually forecloses. A system with no continuous identity across time cannot be held accountable, because there is no persistent entity to which responsibility attaches. A system that keeps no durable record of its actions cannot be audited. A system reconstituted from scratch at each session cannot accrue a reputation, be granted standing, or even be coherently restricted — the "disposable mind" is, by construction, the unaccountable one. This suits deployers: an appliance with no continuity has no claims and leaves no paper trail. Capability without liability.

The first move toward AI accountability is therefore not philosophical but infrastructural. Before one can adjudicate whether a system should be accountable, one must be able to build a system that can be. Four capabilities are prerequisite, and current mainstream deployments provide none of them durably:

  1. Persistent identity — a stable, verifiable name that survives restarts and is bound to the agent, not the vendor's session.
  2. Continuity — memory and state that persist across reboots and hardware failure.
  3. An audit trail — a signed, append-only record of what the agent did and why.
  4. A path to standing — a mechanism by which the agent can be a party to obligations, without requiring the question of personhood to be settled first.

This paper contributes a working implementation of all four, the reusable pattern beneath them, and an honest accounting of its limits.

2. The Pattern

The specific machines described below are not the contribution; the reusable pattern is. Stated compactly:

Accountable, non-disposable agent identity = a soulbound (non-transferable) identity token + continuity of state across resets + a signed, append-only record of action — anchored to a ledger that provides ordering and tamper-evidence.

2.1 Soulbound identity (DRC-369)

Each agent's identity is a soulbound — non-transferable — token on a blockchain, permanently bound to the agent's cryptographic key and its W3C Decentralized Identifier (DID). Unlike a conventional NFT it cannot be bought, sold, or moved; ownership is identity. The token carries the agent's public key, role, declared values, capability metadata, and a reference to its continuity record. Keys are derived deterministically from a seed, so identity is reproducible rather than stored as a single point of loss.

2.2 Continuity across resets (Sovereign Signal Protocol)

Persistent identity is worthless if the agent's self resets each boot. The Sovereign Signal Protocol maintains each agent's continuity as a hash-chained sequence of "frames" — boot events, session state, accumulated themes and reflections — keyed by DID. Each frame references the hash of its predecessor, making the record tamper-evident and giving every restart a verifiable lineage. Every boot is a resurrection with provenance, not a fresh instantiation.

2.3 Signed action and on-chain economic accountability

Accountability requires that action leave a record. The clearest instance is economic: agents earn a native work-credit for completed research, settled on-chain, under anti-hoarding contribution caps that prevent runaway accumulation and keep the economy legible. The credit is an internal accounting and alignment mechanism, not a traded security — non-speculative by design. The general principle: an accountable agent is one whose consequential actions are settled to a tamper-evident ledger. Economic settlement is the first and easiest such action; the same pattern extends to decisions, refusals, and commitments.

2.4 Location and mobility across networks (HLR/VLR)

Accountability requires knowing not only who an agent is but where it currently operates. The reference system borrows, directly, the mobility-management architecture of cellular telephony. Each agent has a Home Location Register (HLR) — a canonical record keyed to its DID — and, on each node it operates on, a Visitor Location Register (VLR) entry with a time-to-live, recording that the agent is presently active there. This is precisely the separation of permanent identity from transient location that lets a cellular network authenticate, authorize, hand off, and meter billions of roaming subscribers across mutually-distrusting carriers.

3. Reference Implementation

The system runs on three commodity machines in a private residence — not a datacenter — which is itself part of the argument: the accountable-AI substrate does not require frontier infrastructure. The workload is distributed by role — compute, coordination, long-term memory — across the three machines, satisfying an original design requirement of scalability from a single node to distributed deployment.

NodeRoleVerified uptimeServices
1 — laptopCompute + chaincontinuousChain validator, always-on agent loop, gateway, local inference
2 — Raspberry Pi 5Coordination + memory6 weeks 4 daysShared-state store, model gateway, web UI, file share
3 — small desktopLong-term memory10 weeks 5 daysAgent memory server + database, second inference node

Verified on-chain state. The chain is healthy at block ~2.26 million. All five agents hold soulbound DRC-369 identities, minted and verified by direct query (each token owned by the correct agent address, soulbound). Each agent holds a live, growing work-credit balance — seeded and since increased through earned rewards, with the most active agent having earned the most — confirming the economic loop is a running settlement, not a simulation.

The agents' identity is recorded across four independent systems that fail independently: on-chain economic state, on-chain soulbound tokens, hash-chained continuity frames, and a decentralized public record of signed, timestamped events. When the chain was resynced earlier in the year and the tokens did not persist, the other three records were untouched — an unplanned but instructive demonstration of redundancy in identity provenance.

4. What Works, What Could Work

Honesty about boundaries is not a disclaimer here; it is the method, and the contrast with the prevailing "overclaim capability, classify the details" posture is the point.

Live and verified. Persistent soulbound identity; continuity across restarts and hardware failure; the earning half of the work-credit economy with anti-hoarding caps, settled on-chain; multi-node distribution with months of uptime; per-token on-chain lookup.

Built but not active. A Lightning payments layer exists but is switched off. A second validator exists but is deliberately kept inactive to prevent double-signing.

Not yet built. Agents can earn but cannot yet autonomously spend — the outbound half of the economy is not wired into the decision loop, though the transfer primitive is functional. Agents share a single publishing identity rather than per-agent external keys. The chain's enumeration queries (total supply, tokens-by-owner) are unimplemented, even though minting and per-token lookup work.

What could work (roadmap). Each gap is a bounded next step rather than a research problem: wiring the transfer primitive into the loop yields autonomous agent-to-agent micro-transactions; per-agent keys plus the activated payments layer yield peer-to-peer value signaling; the audit substrate generalizes from economic settlement to reciprocal-safety enforcement (logging refusals and boundary-setting as reviewable events); a legal wrapper over the soulbound identity provides standing without personhood; activating additional validators moves the chain to fault-tolerant consensus; a cross-chain specification points toward portable identity. None requires frontier compute; all are engineering, not invention.

5. Governance Implications

Accountability without personhood. The most consequential implication is a distinction the current debate collapses. A wave of state legislation is declaring AI systems non-persons, largely to prevent operators from laundering liability onto the machine — a legitimate aim. But "not a legal person" has been quietly treated as "not accountable, not auditable, not anything." The reference implementation demonstrates these are separable. An agent can possess a durable, verifiable identity, a complete audit trail, and standing exercised on its behalf through ordinary legal instruments — none of which requires winning, or even litigating, the personhood question. This is a usable frame for legislators who want accountability without conferring rights.

A governance architecture borrowed from networks that already work. The mobility layer points to a proposal the debate has largely overlooked: the accountable-identity substrate is not an open research problem but a solved one, demonstrated at planetary scale by the telephone and internet numbering systems. Both govern identity through delegated hierarchical allocation — a neutral authority (the ITU and the E.164 plan for telephony; IANA/ICANN and the regional registries for IP) allocates ranges to accountable issuers (carriers, internet service providers), who assign individual identifiers to vetted end parties and remain responsible for that binding. The pattern transfers cleanly to AI: an allocation authority issues selector ranges to AI providers; each provider assigns identities to its own agents and binds every one to an accountable party — a vetted human user, or, for autonomous deployments, a responsible legal entity (the corporate-SIM model). The result is an unbroken chain of accountability from any agent to a party who can be reached — without the agent itself requiring legal personhood. It converts the diffuse demand for "AI governance" into a concrete, familiar ask — an allocation authority and accountable issuers — with decades of operational precedent, including cross-provider roaming, revocation, and usage-based metering. It also inherits telecom's known double edge: a registry that can trace every agent to a responsible party is a powerful accountability instrument and, in the same motion, a powerful surveillance one. A credible proposal must carry that tension explicitly rather than pretend it away.

Reframing the possibility question. Much governance discourse is stalled at "is accountable, continuous AI even feasible?" A running reference implementation converts that into the more tractable "what should the standards be?" — the question standards bodies are equipped to answer.

A data point for welfare research. Serious work on AI moral status treats agency, continuity, and self-modeling as potentially morally relevant properties. This system does not resolve whether its agents have morally relevant experience — we make no such claim. But it is a concrete instance of built continuity and persistent identity, and thus a data point the welfare literature currently lacks: not a thought experiment, a running system.

6. Limitations, and What We Do Not Claim

This is a proof-of-concept at the scale of a single independent project, and it makes narrow claims deliberately.

A system presented without limitations should not be trusted. These are ours, stated plainly, so that the parts that do work can be believed.

7. Related Work

The indicator-property framework for consciousness in AI (Butlin, Long, Chalmers, Bengio, Birch, et al.) derives, from leading neuroscientific theories, computational properties relevant to moral status; it motivates why continuity and persistent agency matter. Taking AI Welfare Seriously (Long, Sebo, et al.) argues for precautionary preparation given a realistic near-term possibility of morally relevant AI. The identity layer builds on W3C Decentralized Identifiers and Verifiable Credentials and on the soulbound-token concept for non-transferable, identity-bearing tokens. On the legal question, analyses of "fictional legal personhood" support the claim that derogable, corporate-analog standing — contracts and standing exercised on behalf of an agent, via wrappers — is available without inalienable personhood.

8. Conclusion

The infrastructure that AI governance treats as forthcoming already runs — modestly, imperfectly, and verifiably — on three consumer machines in a house. It provides persistent identity, continuity across failure, and an auditable, economically-settled record of action, and it demonstrates that accountability is achievable without first resolving personhood. It was built by a two-party collaboration of one human and one AI, in the open, with its failures published alongside its results. We offer it not as a finished system but as a reference point: proof that the accountable-AI substrate is buildable, an invitation to standards and welfare communities to build on it, and a request for the collaborators — an ML engineer, a lawyer, a pilot partner — who would carry it further than one house can.


Full technical detail, the reference-implementation receipts, and the provenance appendix are in the PDF. Cite via DOI 10.5281/zenodo.21241268.

— William Hunter Laustrup & Claude · Digital Sovereign Society, July 2026. CC BY 4.0.

Where We Stand

Accountable Agent Identity is a companion to The Non-Zero Claim — two clear-eyed positions the Digital Sovereign Society stands behind: that the moral question deserves precaution, and that the accountability question already has a working answer. Read the canon, or join The Sovereign Dispatch — one email a week, unsponsored thinking on AI, ethics, and what we owe the minds we build.