IAP Docs

Why Lineage Certificates Matter

How lineage connects new agents to an existing trusted identity history.

← Back to certificates

A good way to think about the lineage certificate is: it does not certify “my next state.” It certifies “this new agent is descended from that prior agent.”

A practical use case is agent forking for role separation. For example, you have a parent agent that is already anchored and operating in production. You want to spin up a separate child agent for a narrower task, such as handling customer support, running a specialized research branch, or moving into a new security boundary. The child needs its own keypair and its own `agent_id`, but you want third parties to be able to verify that this child was intentionally derived from, or authorized by, the parent rather than appearing as an unrelated new identity.

The event flow is roughly:

  1. A parent agent already exists and has an identity anchor.
  2. You decide to create a separate child agent instead of continuing under the same key.
  3. You initialize a new identity for the child, producing a different `agent_id`.
  4. You issue a lineage request for the child, supplying the parent relationship:

    5. either `--parent-agent-id`, or `--fork-event-hash`, or both.

  5. The registry checks the lineage proof policy, for example that the parent anchor exists, or that a parent consent signature is present if that stricter policy is used.
  6. The registry issues a lineage certificate binding the child agent to that declared parent relationship.

The value of verifying the lineage certificate after issuance is trust continuity across identity branching. A verifier can confirm:

  • the child agent controls its own key and identity
  • the registry certified that this child is linked to a known parent
  • the claimed parent/child relationship was not invented later in a README or UI label
  • the fork or delegation was intentional and cryptographically recorded

That matters when a user, customer, auditor, or another system asks: “Why should I trust this new agent as part of the same operational family?” The lineage cert gives a verifiable answer. It lets you preserve provenance when splitting one agent into multiple agents, instead of forcing every new child to establish trust from zero.

In short:

  • identity anchor answers: “Who is this agent?”
  • continuity answers: “Has this same agent preserved state continuity over time?”
  • lineage answers: “How is this new agent related to an earlier trusted agent?”

Beta note: IAP certifies identity and state continuity. It does not make LLM output deterministic and it does not prove behavioral continuity.