Ethereum (ETH) introduced that ERC-8004 is shifting to mainnet, positioning the community as a impartial infrastructure for an issue the AI business has but to unravel: how do brokers show they are often trusted within the absence of a single platform that controls the repute layer?
The timing reveals underlying tensions as AI brokers transfer from demos to manufacturing techniques that set off actual transactions.
Mastercard is drafting a commerce commonplace for agent checkout, UK banks are piloting customer-facing agent trials scheduled for early 2026, and Gartner predicts that 40% of enterprise purposes may have built-in task-specific brokers by the tip of the yr.
Nevertheless, in accordance with a report from Camunda, whereas 71% of organizations have now deployed AI brokers, solely 11% of use instances reached manufacturing previously yr. The obstacles are belief, transparency and regulatory danger.
In line with Dynatrace analysis, round half of agent initiatives stall within the pilot stage, with 52% citing safety and compliance points and round 70% of AI choices nonetheless requiring human validation.
ERC-8004 makes an attempt to productize that belief hole by defining three light-weight registries: identification, repute, and verification. These might be deployed to mainnet or layer 2 blockchains as utility layer contracts fairly than protocol forks.
Ethereum’s official account mentioned the usual permits “discovery and moveable repute” so AI providers can “interoperate with out gatekeepers.” The official specs stay in draft standing. eips.ethereum.org.
3 registries, 3 adjustment points
The identification registry transforms every agent into an ERC-721 NFT with a world identifier and a pointer to a structured registration file.
This file lists capabilities, endpoints (MCP, A2A, ENS, DID, Net URL), and call strategies, and primarily acts as a service listing for the machine actor.
Brokers might be discoverable and transferable utilizing commonplace NFT instruments.
The specification consists of optionally available endpoint area validation to show area management and reserves an “agentWallet” subject that requires an EIP-712 signature or ERC-1271 validation for adjustments.
This design alternative prevents “I’ve repute, so I am going to pay right here” hijacking, the place an attacker exchanges fee addresses whereas sustaining their repute.
Identification solves composability as a result of repute and validation might be listed to secure agent identities fairly than platform accounts. Ethereum seeks to show agent identification right into a public utility for machine actors in the identical means that ENS did for names.
Failure modes are in-built and ERC-8004 proves that the metadata belongs to the agent NFT, not that the endpoint is safe or trustworthy.
The opposite two registries exist as a result of the specification warns that the marketed options “could also be non-functional or malicious.”
Status registries retailer minimal configurable suggestions information on-chain and push wealthy particulars off-chain by way of URIs and hashes. The suggestions incorporates a signed fixed-point worth with a configurable decimal quantity and an optionally available tag.
Off-chain JSON can embrace context comparable to MCP software references, A2A activity IDs, and even proof of fee references. This specification explicitly names x402-style HTTP fee proofs.
There’s a revokeFeedback path and an appendResponse perform for refunds, spam flags, or rebuttals.
ERC-8004 doesn’t assure on-chain Yelp scores. That is extra like a shared occasion rail the place totally different markets, insurers, and auditors can calculate their very own belief fashions.
The specification explicitly warns that clientAddresses filtering is required for getsummary calls, as summaries that don’t filter reviewers are susceptible to Sybil assaults and spam.
Aggregation happens each on-chain by means of fundamental configuration features and off-chain by means of superior scoring. This design envisions repute video games comparable to buy critiques, collusion, and suggestions laundering as inevitable fairly than distinctive.
Financial bias creeps in when proof of fee turns into de facto proof of authenticity. It’s because individuals who spend some huge cash appear extra reliable. Additionally, the wealthy suggestions is event-based and off-chain, so whoever runs the most effective indexers and filters may grow to be the brand new gatekeeper.
Validation Registry implements on-chain request/response logging. On this log, the agent sends a request to the validator contract to validate its work, and the validator posts the outcomes with an optionally available proof URI and hash.
The agent proprietor calls validationRequest with the validator tackle, agent ID, request URI, and keccak dedication to the payload. The validator responds with the rating, response URI, hash, and tags by way of validationResponse.
The specification permits for progressive responses, together with smooth and onerous finality by way of tags, permits for a number of responses, and maintains an deliberately generic design to accommodate crypto-economy reruns, zkML verifiers, TEE oracles, or trusted judges.
Validation is the escalator of belief. Status works for low-risk duties, however requires validation when cash, compliance, and legal responsibility are at stake.
The EIP describes tiered belief in proportion to the worth of the danger: ordering a pizza versus a medical prognosis.
Failure Mode: Who Verifies Validators? ERC-8004 data validator output, however doesn’t resolve validator integrity and creates a metamarket for validator repute, staking, insurance coverage, and audit manufacturers.
| registry | what to do | What’s on-chain and off-chain? | Important mechanism | Major failure mode |
|---|---|---|---|---|
| ID registry | Discovery + Persistent Agent ID (composable deal with that may be referenced by others) | On-chain: ERC-721 Agent ID + pointer/key-value metadata Off-chain: Structured registration file (options, endpoints, contacts) | Elective endpoint Area verification; agentWallet change is required EIP-712 signature or ERC-1271 verification |
The metadata is: true however malicious (Possession ≠ Honesty/Security) |
| repute registry | moveable suggestions sign Total group/market (shared belief occasion) | On-chain: Minimal suggestions primitives. occasion rail Off-chain: Context URI/Hash (activity ID, proof of fee, and so on.) | Cancel suggestions + further response (Refund/Rebuttal); getSummary want Reviewer filtering to cut back Sybil |
Sybil/Conspiracy + “The most effective indexer wins” gatekeeper |
| validation registry | Third social gathering verification In case of high-stakes motion (belief escalator) | On-chain: Request/response log + rating/tag Off-chain: Proof URI/Hash | dedication by request hash; gradual response (smooth/onerous finality tag), a number of responses attainable | “Who verifies validators?? ” → Validator corruption/cartelization |
Why Ethereum considers this infrastructure
The brand new agent stack will appear like this: MCP and A2A deal with communication and orchestration, x402 (HTTP 402 and stablecoin funds) handles funds, and ERC-8004 handles belief and discovery.
What is evident is that ERC-8004 doesn’t compete with MCP, A2A, or x402. As a substitute, it’s configured with them.
The EIP consists of MCP and A2A endpoint fields and a proof of fee reference inside the off-chain suggestions payload.
There’s a broader motion within the business in direction of impartial and open agent requirements governance, comparable to MCP shifting to Linux Basis admin to keep up openness.
ERC-8004 is Ethereum’s related pitch in cryptocurrencies: utilizing public rails as an alternative of platform belief.
If it really works, the winners won’t simply be “AI cash” however layer-2 blockchains that make high-frequency repute and verification logs economical, identification and proof instruments, verification networks, and insurance-like middleware that monetizes belief within the actions of high-stakes brokers.
ERC-8004 turns belief right into a composable commodity, so the market will develop consultants to fabricate it (verifiers) and interpret it (scorers).
The scope of adoption is defensible however unsure.
Gartner predicts that enterprise utility integration will attain 40% by the tip of the yr, additional growing stress on the highest of the funnel.
In bear instances spanning 12-18 months, there are 10,000-100,000 agent IDs registered throughout the chain, reputations are largely sparse, and verifications are uncommon.
Identification turns into a curiosity for builders and marketplaces stay platform gated.
The bottom case sees between 100,000 and 1 million registered brokers, with repute occasions turning into the default receipt for agent providers and validation used for high-value duties and controlled flows.
ERC-8004 serves because the interoperability glue between open agent protocols and machine funds, particularly at layer 2.
In a bull case the place agent commerce takes off and the business unites round repute sharing to keep away from platform lock-in, 1 million to 10 million agent IDs might be generated and validators and insurance coverage corporations will emerge as a brand new middleware class.
Ethereum and Layer 2 blockchain would be the coordination basis for cross-market agent providers.
Threat as a part of the design
A conveyable repute turns into a shadow of a cross-platform identification.
This will result in conflicts with company governance and regulators, significantly the place the agent’s actions contain funds, monetary recommendation, or private information. The UK regulator overseeing banking courts has warned of accountability dangers posed by autonomous techniques.
Metadata manipulation stays unresolved. The ID is proof of possession of the registration file and doesn’t show the veracity of the declare. Validator corruption and cartelization will grow to be a brand new moat. Though the validation output is moveable, the integrity of the validator determines the market worth.
Current experiences on MCP server vulnerabilities spotlight the vulnerability of the agent ecosystem. Composability can result in elevated exploitation.
Status and validation rails will not magically resolve it, however they’ll create a path to cost danger and gate high-stakes interactions behind stronger validation.
ERC-8004 is Ethereum’s try and be a impartial belief and detection layer for commerce between brokers, offering moveable identities, moveable repute alerts, and moveable verification outcomes. This occurs on the precise second the agent strikes from a demo to a system that triggers actual motion.
MCP and A2A attempt to assist the agent discuss, and ERC-8004 tries to assist the agent belief.
The open query is whether or not the market desires a shared infrastructure for belief, or whether or not the platform will preserve its moat solely. Ethereum is betting that the bottleneck is so extreme that neutrality will grow to be a commodity.