[RFC] Positioning ENS as a Foundational Layer for AI Agent Identity

estmcmxci · February 20, 2026, 11:13pm

Context

The National Institute of Standards and Technology (NIST), the U.S. body responsible for developing foundational cryptographic and cybersecurity standards, recently announced the AI Agent Standards Initiative for Interoperable and Secure Innovation.

Many of the technical standards that underpin modern digital infrastructure — including FIPS cryptographic standards, NIST digital identity guidelines (SP 800-63), and widely adopted security frameworks — have emerged from or been shaped by NIST processes. Decisions made at this stage often influence government, enterprise, and vendor adoption for years.

Early input at this stage can meaningfully influence how the problem is framed.

Opportunity

NIST is currently soliciting public comments to inform a potential National Cybersecurity Center of Excellence (NCCoE) project focused on applying identity standards and best practices to AI agents. The NCCoE is seeking feedback to determine the project’s scope, feasibility, and potential value, and to assess whether a demonstration effort or other NCCoE outputs would best address the challenge.

I view this as a key opportunity for ENS to help define the canonical principal layer for AI agent identity, positioning ENS for broader adoption as AI agent identity matures while NIST and enterprise frameworks standardize the surrounding trust, credentialing, and authorization layers.

Call to Action

I delivered a short presentation during the Ecosystem Working Group meeting outlining the context and opportunity behind the initiative, and proposing a first step: align on a minimal ENS agent profile and discovery pattern, publish it as a draft reference architecture, and submit it as input to NIST’s open RFIs.

The discussion surfaced valuable insights, including the suggestion that the organizational metadata standard led by @jkm.eth and @Arnold could inform how structured identity metadata can be applied to AI agents within the NCCoE effort.

Recent work by @Premm.eth (ENSIP-24 and ENSIP-25) was also identified as relevant input.

While there was no consensus on formalizing an “Agent Identity Profile” standard at this stage, the general sentiment supported submitting coordinated ENS commentary ahead of the NCCoE effort.

Request for Comment

Given the importance of early-stage input in shaping NCCoE scoping decisions, it may be appropriate for ENS to submit a single, well-structured response on behalf of the protocol.

I am seeking input on whether the community believes this commentary should:

Be coordinated and submitted by a designated representative, or
Remain an open, multi-author community contribution.

If there is alignment to submit commentary, we should identify the appropriate lead and review path to ensure it reflects the protocol’s position.

estmcmxci · March 13, 2026, 5:26pm

Update: March 13, 2026

Three proposals have emerged that directly address the agent identity problem framed here:

ENSIP-26 (agent-context + agent-endpoint[<protocol>]) — minimal routing and discovery layer, open keyspace by convention, flat text records
Agent Identity Profile — security-oriented, three required keys plus a cryptographically signed off-chain manifest
Node Metadata Standard (NMS) — general-purpose node classification, typed JSON Schemas traveling with the node at runtime

The discussion is active. The most productive framing may not be “which proposal wins” but a separation of concerns:

NMS handles the identity and metadata layer — what the agent is, who controls it, how capabilities are typed and described. Runtime discoverability is its strongest feature.
ENSIP-26 handles routing and discovery — how clients find and connect to agents across protocols, with an open keyspace designed to grow as new protocols emerge without coordination overhead.

These are complementary and operate at different layers of the same stack.

This is directly relevant to the NCCoE submission.

“The NCCoE is interested in exploring standards-based approaches to identify, manage, and authorize access and actions taken by software agents, including AI agents, and provide practical guidelines for organizations to securely implement AI agents and benefit from their improved productivity, efficiency, and decision-making.”

ENS can respond with a layered architecture — a typed metadata layer (NMS) alongside a minimal routing layer (ENSIP-26), with the Agent Identity Profile providing cryptographic identity verification, version lineage, and signed policy declarations (chain scope, capabilities, spending limits).

That’s a credible, differentiated input — not a single monolithic standard, but a stack with the right tool at each layer.

The comment period closes April 2nd. If the community wants to submit coordinated input, we need alignment on this framing in the next two weeks.

Happy to take point on drafting if there’s appetite.

estmcmxci · April 2, 2026, 3:47am

Update: The public comment period for NCCoE’s concept paper, “Accelerating the Adoption of Software and AI Agent Identity and Authorization,” closes tomorrow (April 2).

ENS submission package (now available):

Technical Brief — “ENS: A Naming Layer for AI Agent Identity.” This is the formal filing. It articulates the core thesis: ENS delivers the naming layer for AI agents with three properties DNS lacks (self-service registration, cryptographic ownership, on-chain auditability) and shows how that layer sits beneath OAuth/OIDC/SPIFFE/SCIM/NGAC, analogous to DNS → HTTP.
Companion Paper — “ENS as a Naming Layer for AI Agent Identity: Production Infrastructure for Agent Identification, Authentication, and Authorization” (12 pp.). This document maps the seven-layer ENS stack to NIST’s six question areas and five areas of interest, and outlines a demonstration plan combining deployed infrastructure with the draft extensions:

ENS Registry: Human-readable names mapped to on-chain owners (identity baseline).
ENSIP‑24 (arbitrary data records): Metadata/address storage.
Chain Registry-Resolver: Canonical cross-chain directory (ERC‑7930/EIP‑7828).
ENSIP‑25 (agent registry verification): Links ENS names to on-chain agent registries.
ENSIP‑26 (routing & discovery): Protocol-specific endpoint discovery (MCP/A2A/OASF/web).
Node Metadata Standard: Typed classification + JSON Schema validation for agent metadata.
Agent Identity Profile: Signed manifests + version lineage (default-deny verification).

Both documents (with an AI assistant for interactive querying) are available here, along with ENS gateway mirrors:

Full research suite: https://nncoe.vercel.app
Technical brief: https://nccoe-brief.emilemarcelagustin.eth.link
ENS as a Naming Layer for AI Agent Identity: https://nccoe.emilemarcelagustin.eth.link

I will submit the brief tomorrow as an independent on behalf of the ENS ecosystem.

For final additions or quotations, please contact @estmcmxci on Telegram today.

estmcmxci · April 2, 2026, 5:52pm

Update: I’ve submitted the comment via email. This concludes my effort in positioning ENS as a foundation layer for AI agent identity.

Next steps, should there be any, will be the NCCoE considering instantiating a project to engage in building an example solution using commercially available technology.

If I receive any communication from the body, I’ll share an update with the developer community via the forum.