Ethereum (ETH) introduced that ERC-8004 is shifting to mainnet, positioning the community as a impartial infrastructure for an issue the AI business has but to resolve: how do brokers show they are often trusted within the absence of a single platform that controls the popularity layer?
The timing reveals underlying tensions as AI brokers transfer from demos to manufacturing methods that set off actual transactions.
Mastercard is drafting a commerce commonplace for agent checkout, UK banks are piloting customer-facing agent trials scheduled for early 2026, and Gartner predicts that 40% of enterprise functions may have built-in task-specific brokers by the top of the 12 months.
Nevertheless, in response to a report from Camunda, whereas 71% of organizations have now deployed AI brokers, solely 11% of use instances reached manufacturing prior to now 12 months. The obstacles are belief, transparency and regulatory danger.
In accordance with Dynatrace analysis, round half of agent initiatives stall within the pilot stage, with 52% citing safety and compliance points and round 70% of AI choices nonetheless requiring human validation.
ERC-8004 makes an attempt to productize that belief hole by defining three light-weight registries: identification, popularity, and verification. These could be deployed to mainnet or layer 2 blockchains as utility layer contracts quite than protocol forks.
Ethereum’s official account stated the usual allows “discovery and moveable popularity” so AI providers can “interoperate with out gatekeepers.” The official specs stay in draft standing. eips.ethereum.org.
3 registries, 3 adjustment points
The identification registry transforms every agent into an ERC-721 NFT with a worldwide identifier and a pointer to a structured registration file.
This file lists capabilities, endpoints (MCP, A2A, ENS, DID, Net URL), and speak to strategies, and basically acts as a service listing for the machine actor.
Brokers can be discoverable and transferable utilizing commonplace NFT instruments.
The specification contains non-obligatory endpoint area validation to show area management and reserves an “agentWallet” discipline that requires an EIP-712 signature or ERC-1271 validation for modifications.
This design alternative prevents “I’ve a superb popularity, so I will pay right here” hijacking, the place an attacker exchanges cost addresses whereas sustaining their popularity.
Identification solves composability as a result of popularity and validation could be listed to steady agent identities quite than platform accounts. Ethereum seeks to show agent identification right into a public utility for machine actors in the identical means that ENS did for names.
Failure modes are inbuilt and ERC-8004 proves that the metadata belongs to the agent NFT, not that the endpoint is safe or sincere.
The opposite two registries exist as a result of the specification warns that the marketed options “could also be non-functional or malicious.”
Repute registries retailer minimal configurable suggestions knowledge on-chain and push wealthy particulars off-chain by way of URIs and hashes. The suggestions incorporates a signed fixed-point worth with a configurable decimal quantity and an non-obligatory tag.
Off-chain JSON can embody context resembling MCP instrument references, A2A process IDs, and even proof of cost references. This specification explicitly names x402-style HTTP cost proofs.
There’s a revokeFeedback path and an appendResponse operate for refunds, spam flags, or rebuttals.
ERC-8004 doesn’t assure on-chain Yelp scores. That is extra like a shared occasion rail the place completely different markets, insurers, and auditors can calculate their very own belief fashions.
The specification explicitly warns that clientAddresses filtering is required for getsummary calls, as summaries that don’t filter reviewers are susceptible to Sybil assaults and spam.
Aggregation happens each on-chain via fundamental configuration capabilities and off-chain via superior scoring. This design envisions popularity video games resembling buy critiques, collusion, and suggestions laundering as inevitable quite than distinctive.
Financial bias creeps in when proof of cost turns into de facto proof of authenticity. It’s because individuals who spend some huge cash appear extra reliable. Additionally, the wealthy suggestions is event-based and off-chain, so whoever runs one of the best indexers and filters might turn out to be the brand new gatekeeper.
Validation Registry implements on-chain request/response logging. On this log, the agent sends a request to the validator contract to validate its work, and the validator posts the outcomes with an non-obligatory proof URI and hash.
The agent proprietor calls validationRequest with the validator deal with, agent ID, request URI, and keccak dedication to the payload. The validator responds with the rating, response URI, hash, and tags by way of validationResponse.
The specification permits for progressive responses, together with mushy and laborious finality by way of tags, permits for a number of responses, and maintains an deliberately generic design to accommodate crypto-economy reruns, zkML verifiers, TEE oracles, or trusted judges.
Validation is the escalator of belief. Repute works for low-risk duties, however requires validation when cash, compliance, and legal responsibility are at stake.
The EIP describes tiered belief in proportion to the worth of the danger: ordering a pizza versus a medical prognosis.
Failure Mode: Who Verifies Validators? ERC-8004 data validator output, however doesn’t resolve validator integrity and creates a metamarket for validator popularity, staking, insurance coverage, and audit manufacturers.
| registry | what to do | What’s on-chain and off-chain? | Fundamental mechanism | Major failure mode |
|---|---|---|---|---|
| ID registry | Discovery + Persistent Agent ID (composable deal with that may be referenced by others) | On-chain: ERC-721 Agent ID + pointer/key-value metadata Off-chain: Structured registration file (options, endpoints, contacts) | Non-compulsory endpoint Area verification; agentWallet change is required EIP-712 signature or ERC-1271 verification |
The metadata is: true however malicious (Possession ≠ Honesty/Security) |
| popularity registry | moveable suggestions sign Whole group/market (shared belief occasion) | On-chain: Minimal suggestions primitives. occasion rail Off-chain: Context URI/Hash (process ID, proof of cost, and so forth.) | Cancel suggestions + further response (Refund/Rebuttal); getSummary want Reviewer filtering to cut back Sybil |
Sybil/Conspiracy + “One of the best indexer wins” gatekeeper |
| validation registry | Third celebration verification In case of high-stakes motion (belief escalator) | On-chain: Request/response log + rating/tag Off-chain: Proof URI/Hash | dedication by request hash; gradual response (mushy/laborious finality tag), a number of responses attainable | “Who verifies validators?? ” → Validator corruption/cartelization |
Why Ethereum considers this infrastructure
The brand new agent stack will appear like this: MCP and A2A deal with communication and orchestration, x402 (HTTP 402 and stablecoin funds) handles funds, and ERC-8004 handles belief and discovery.
What is obvious is that ERC-8004 doesn’t compete with MCP, A2A, or x402. As an alternative, it’s configured with them.
The EIP contains MCP and A2A endpoint fields and a proof of cost reference inside the off-chain suggestions payload.
There’s a broader motion within the business in direction of impartial and open agent requirements governance, resembling MCP shifting to Linux Basis admin to stay open.
ERC-8004 is Ethereum’s comparable pitch in cryptocurrencies: utilizing public rails as a substitute of platform belief.
If it really works, the winners is not going to simply be “AI cash” however layer-2 blockchains that make high-frequency popularity and verification logs economical, identification and proof instruments, verification networks, and insurance-like middleware that monetizes belief within the actions of high-stakes brokers.
ERC-8004 turns belief right into a composable commodity, so the market will develop specialists to fabricate it (verifiers) and interpret it (scorers).
The scope of adoption is defensible however unsure.
Gartner predicts that enterprise utility integration will attain 40% by the top of the 12 months, additional rising stress on the highest of the funnel.
In bear instances spanning 12-18 months, there are 10,000-100,000 agent IDs registered throughout the chain, reputations are largely sparse, and verifications are uncommon.
Identification turns into a curiosity for builders and marketplaces stay platform-gated.
The bottom case sees between 100,000 and 1 million registered brokers, with popularity occasions turning into the default receipt for agent providers and validation used for high-value duties and controlled flows.
ERC-8004 serves because the interoperability glue between open agent protocols and machine funds, particularly at layer 2.
In a bull case the place agent commerce takes off and the business unites round popularity sharing to keep away from platform lock-in, 1 million to 10 million agent IDs can be generated and validators and insurance coverage firms will emerge as a brand new middleware class.
Ethereum and Layer 2 blockchain would be the coordination basis for cross-market agent providers.
Threat as a part of design
A conveyable popularity turns into a shadow of a cross-platform identification.
This could result in conflicts with company governance and regulators, notably the place the agent’s actions contain funds, monetary recommendation, or private knowledge. The UK regulator overseeing banking courts has warned of accountability dangers posed by autonomous methods.
Metadata manipulation stays unresolved. The ID is proof of possession of the registration file and doesn’t show the veracity of the declare. Validator corruption and cartelization will turn out to be a brand new moat. Whereas the output of validation is moveable, it’s the integrity of the validator that the market determines the worth.
Latest studies on MCP server vulnerabilities spotlight the vulnerability of the agent ecosystem. Composability can result in elevated exploitation.
Repute and validation rails will not magically resolve it, however they may create a path to cost danger and gate high-stakes interactions behind stronger validation.
ERC-8004 is Ethereum’s try and be a impartial belief and detection layer for commerce between brokers, offering moveable identities, moveable popularity alerts, and moveable verification outcomes. This occurs on the precise second the agent strikes from a demo to a system that triggers actual motion.
MCP and A2A attempt to assist the agent speak, and ERC-8004 tries to assist the agent belief.
The open query is whether or not the market needs a shared infrastructure for belief, or whether or not the platform will keep its moat completely. Ethereum is betting that the bottleneck is so extreme that neutrality will turn out to be a commodity.
Leave a Reply