BCI: Behavioral Commitment Identity with Zero-Knowledge Challenge-Response Extension
Description
This research introduces Behavioral Commitment Identity (BCI), a novel cryptographic framework for verifying autonomous AI agents without storing credentials. BCI derives an agent’s identity from its behavioral patterns using fuzzy commitment schemes and adds a Zero-Knowledge Challenge-Response layer via a Memory Secret (MS) provisioned to the agent’s in-context memory. Together, these mechanisms satisfy the Agent Identity Trilemma: unforgeability, portability, and non-custody.
The paper provides a full mathematical specification, language-agnostic pseudocode, and a transparent disclosure of known weaknesses. BCI enables secure cross-server authentication for AI agents performing financial or transactional operations while eliminating the risk of credential theft. The research contributes a new primitive for AI agent identity verification, inviting the community to review, extend, and improve the framework.
Files
BCIV1-Research.pdf
Files
(393.4 kB)
| Name | Size | Download all |
|---|---|---|
|
md5:a8f2f2ab1f0c97ce28e29e3f6c7b6a42
|
393.4 kB | Preview Download |
Additional details
References
- Juels, A., Wattenberg, M. (1999). A Fuzzy Commitment Scheme. ACM CCS.
- Dodis, Y., Reyzin, L., Smith, A. (2004). Fuzzy Extractors: How to Generate Strong Keys from Biometrics. EUROCRYPT.
- Debenedetti, E. et al. (2025). CaMeL: Defeating Prompt Injections by Design. Google DeepMind.
- Beurer-Kellner, L. et al. (2025). Design Patterns for Securing LLM Agents Against Prompt Injections. arXiv:2506.08837.
- Willison, S. (2023). The Dual LLM Pattern for Building AI Assistants. simonwillison.net.
- NIST SP 800-56C Rev.2 (2020). Recommendation for Key-Derivation Methods in Key-Establishment Schemes.
- RFC 5869 (2010). HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
- Starknet Foundation (2024). Poseidon Hash Specification. docs.starknet.io.
- Bellare, M., Rogaway, P. (1993). Random Oracles Are Practical. ACM CCS.
- Adeyeye, G. (2025). ZionDefi: Self-Custodial Payment Card Infrastructure on Starknet.