What Is the Nordax Entity Trust Protocol?

When you hire a contractor you've never met, you don't just take their word for it. You check a license number, look at reviews, maybe call a reference. Before money changes hands or a stranger enters your house, you need some kind of verification — a signal that comes from a source you trust, not just from the contractor themselves.

AI agents face the same problem at internet scale. An AI helping a customer book an appointment, compare service providers, or route a transaction needs to know: Is this business who they say they are? Can I trust the information in their profile? Do other trustworthy sources agree?

The Nordax Entity Trust Protocol (NETP) is our answer to that problem. It's the cryptographic trust layer we built to give businesses a machine-verifiable identity — one that AI systems, search engines, and agentic commerce platforms can check, validate, and rely on before taking action.

Why This Problem Exists

The web was designed for humans browsing, not machines deciding. When a person visits a business's website, they make a holistic judgment: Does this look legitimate? Does the address match? Do the reviews seem real? That judgment involves dozens of implicit trust signals that humans process naturally.

AI agents don't browse. They consume structured data and make decisions based on what that data says. And right now, most business data on the web has a fundamental problem: there's no way to verify it. Anyone can claim to be anything. A business can list a fake address, inflate a service area, or describe themselves however they want. From a machine's perspective, there's no signature, no timestamp, no chain of custody — just text.

This is the gap NETP fills. Instead of asking AI systems to guess whether a business is trustworthy, we give them cryptographic proof.

What NETP Produces

When a business completes verification on Nordax AI, NETP generates four outputs that AI systems can query and verify in real time:

1. Signed Entity Credentials

Every verified entity receives a W3C Verifiable Credential — a digitally signed certificate that attests to the entity's identity, verification status, and trust level. This credential uses the Ed25519 signature algorithm and is issued by Nordax AI's root signing key (did:web:nordax.ai). Any AI system or third-party platform can verify the signature mathematically — no need to call our servers to check if it's real.

Think of it like a notarized document: the notary's seal proves it hasn't been tampered with, even long after the notary is gone.

2. DID:web Identity

Every entity gets a Decentralized Identifier (DID) in the format did:web:nordax.ai:entities:{slug}. A DID is a globally unique, resolvable identifier that doesn't depend on any central authority. It anchors the entity's identity in a way that's consistent across systems — so whether an AI agent encounters the business through a search result, an MCP tool call, or a direct API query, it resolves to the same verified identity.

DNS works this way for websites — a domain name resolves to an IP address regardless of which DNS resolver you use. DID:web does the same thing for business identity.

3. Trust Quotient Score

The Trust Quotient (TQ) is a composite score from 0 to 100 that reflects how trustworthy an entity's identity is across five signal layers: verification depth, entity completeness, network relationships, profile quality, and temporal consistency (how long the entity has been present and active).

AI agents can use TQ to make calibrated decisions. A business with TQ 90 has stronger identity signals than one with TQ 40. It's not a review score or a rating — it's a measure of how well we can verify who this entity is.

4. Entity Resolution

The Entity Resolution API lets any AI system or platform submit a business name, domain, or partial identity and receive back the canonical, verified entity record. This solves one of the hardest problems in business data: the same business appears in dozens of different forms across the web — "Joe's Plumbing," "Joe's Plumbing LLC," "Joe's Plumbing & Heating," each with slightly different data.

NETP's resolution layer reconciles these fragments and returns a single, authoritative identity — with verification status attached.

How It Compares to What Already Exists

NETP is not the first attempt to solve online trust. Here's how it compares to two systems people already understand:

DNS (the identity layer for websites)

When you type a domain name into a browser, DNS resolves it to an IP address. DNS proves control — if you control a domain, you've proven something real. NETP borrows this concept: DNS verification is one of the methods we use to confirm a business controls the domain they claim. But DNS alone doesn't tell you much about the business itself — just that someone controls that server. NETP goes further: it verifies the entity behind the domain, not just the domain itself.

PayPal (trust between strangers)

Before PayPal, sending money to a stranger online required either blind trust or escrow. PayPal introduced a trust intermediary: both parties trusted PayPal, so they could trust each other by proxy. NETP works the same way for business identity. AI agents don't need to independently verify every business they encounter — they can trust Nordax's attestation because the verification process is transparent, the signatures are cryptographically verifiable, and the protocol is publicly documented.

The difference from PayPal is that NETP is designed to be open. The signed credentials can be verified by anyone without going through Nordax — once issued, they're self-contained proofs.

The Patent

We've filed a provisional patent for NETP (U.S. App. No. 64/002,246). The filing covers the specific methods and systems behind multi-signal entity verification, Trust Quotient scoring, and real-time cryptographic attestation for agentic commerce. We're publishing this post because we want the concepts to be understood publicly — the patent protects our specific implementation, not the idea of cryptographic business identity in general.

What This Means for Your Business

Every entity on Nordax AI is protected by NETP. If you've completed email and DNS verification, you already have a signed entity credential and a DID. Your Trust Quotient is calculated automatically and updated as your entity profile grows.

AI agents querying the Nordax MCP server, calling our attestation API, or resolving entity identities through our directory are using NETP to verify businesses in real time. The goal is that when an AI agent encounters your business — whether through a direct query, a search result, or an agentic workflow — it can verify your identity cryptographically, not just assume it.

That's the difference between being found and being trusted.