Skip to content
Quidnug

Quids (identities)

A quid is the primitive identity object in the protocol. It is a public key plus metadata. The quid ID is the first 16 hex characters of sha256(publicKey).

type Quid struct {
    ID        string                 // 16-char hex from publicKey
    PublicKey []byte                 // ECDSA P-256, compressed (32 bytes)
    Created   int64                  // unix seconds
    MetaData  map[string]interface{} // app-defined
}

A quid can represent a person, organization, device, AI agent, document, contract, or any entity that needs to sign things. The protocol does not assign semantics; your application does.

Key properties

Section titled “Key properties”
  • ECDSA P-256 for signatures. Curve and hash are fixed so cross-SDK signatures are interoperable.
  • Self-sovereign, the application holds the private key; the node never sees it for operations that are locally signed.
  • Recoverable via guardian quorum (see key lifecycle) without central escrow.
  • Auditable, every transaction affecting a quid is signed, nonced, and anchored into a block.

Identity transactions

Section titled “Identity transactions”

The IDENTITY transaction type creates and updates a quid’s metadata. It carries an updateNonce that must strictly increase with each update, so racing updates from compromised copies are rejected.

Relationship to trust and titles

Section titled “Relationship to trust and titles”
  • A trust edge is declared from one quid to another in a specific domain. See trust.
  • A title (asset ownership) is held by one or more quids, each with a float percentage summing to exactly 100.0.
  • An event stream is bound to a quid’s subject ID; appending to it requires a signature from the quid’s current epoch key.

Epochs

Section titled “Epochs”

Each quid has a current epoch. Keys are rotated by anchoring a rotation transaction that moves the epoch forward; new signatures must be on the new epoch’s key. See key lifecycle and QDP-0001: Global Nonce Ledger.