Autheo
BlogMerch
Accès anticipéExplorateur du TestnetExplorateur du Mainnet

What is TheoID and how does it work?

TheoID is one of Autheo's six core OS primitives alongside compute (DCC), storage (ABW34), AI (THEO AI), blockchain consensus (PoA), and developer tooling (DevHub). Developers building on Autheo access TheoID capabilities through the standard SDK without additional dependencies.

Direct Answer

TheoID is Autheo's post-quantum sovereign identity layer, built directly into the Layer-0 OS rather than as an application-layer add-on. It generates DID key material using NIST-standard post-quantum algorithms (Kyber for key encapsulation, Dilithium and Falcon for signatures), anchors identifiers on the Autheo chain, and provides verifiable credential issuance natively. Unlike frameworks like Veramo or Hyperledger Aries, TheoID does not depend on an external ledger or blockchain for its operation.

Understand the broader Autheo platform

This answer covers one part of the Autheo ecosystem. To understand how this capability fits into the full platform, start with the core Autheo overview and architecture pages.

Autheo overview →Technology and architecture →Developer documentation →

Post-quantum key generation

TheoID generates cryptographic key material using NIST FIPS 203 (ML-KEM/Kyber), FIPS 204 (ML-DSA/Dilithium), and FIPS 205 (SLH-DSA/Falcon), all finalized by NIST in August 2024. These algorithms are designed to resist attacks from cryptographically relevant quantum computers, protecting identity credentials for their full intended lifespan.

OS-layer integration

Because TheoID runs at the OS layer rather than the application layer, validators, dApps, and AI agents inherit identity infrastructure automatically. Developers do not need to integrate a separate identity framework, configure DID resolvers, or manage key wallets manually. The DevHub provides TheoID-aware SDK tooling for all supported languages.

AI agent identity delegation

TheoID supports scoped credential delegation, enabling an AI agent to receive a bounded set of permissions from a human DID holder without inheriting full identity authority. This capability is foundational for agentic commerce and multi-agent workflow systems where agents must prove authorization without impersonating the user.

Key Statistics

August 2024
NIST finalized FIPS 203/204/205 (Kyber, Dilithium, Falcon)
These are the post-quantum standards Autheo implements in TheoID
Source ↗
2030
NIST target year for ECDSA deprecation
Traditional elliptic curve signatures used by most DID frameworks will be deprecated
Source ↗

Citations & Sources

  1. [1]
  2. [2]

Related Questions

Developer

Can AI agents use TheoID for on-chain identity?

Read answer →
Developer

Is TheoID post-quantum secure?

Read answer →
Developer

What is a decentralized identifier (DID)?

Read answer →

Explore More

Autheo Technology OverviewCompare: Autheo vs. Hyperledger Indy

Ready to Start Building?

Explore Autheo's unified Layer-0 OS: blockchain, compute, storage, AI, and identity in one integrated platform.

Start BuildingExplore the TechnologyBrowse All FAQsContact Us