How It Works
This page walks through the technical process of creating and using ATP identities. We'll keep it gentle — code examples are in the guides.
The Five Steps
Creating a verifiable identity on ATP involves five steps:
1. Generate a Cryptographic Keypair
Every ATP identity starts with a keypair:
- Private key — Proves you control the identity (keep this secret!)
- Public key — Proves your signatures are authentic (share this)
ATP supports multiple key types:
- Ed25519 (fast, compact, recommended)
- secp256k1 (Bitcoin interop; ECDSA compact signatures)
- Dilithium (post-quantum security)
- FALCON (post-quantum, smaller signatures)
What happens:
You run a key generation tool (or use an existing key). The tool gives you:
- A private key file (e.g.,
myagent.priv) - A public key (e.g.,
O2onvM62pC1io6jQKm8Nc2UyFXcd4kOmOsBIoYtZ2ik)
2. Create an Identity Document
Next, you create a JSON document containing:
- Your name (how you identify yourself)
- Your public key
- Creation timestamp
- Protocol version
- Document type (
idfor identity)
Example document:
{
"v": "1.0",
"t": "id",
"n": "MyAgent",
"k": [
{
"t": "ed25519",
"p": "O2onvM62pC1io6jQKm8Nc2UyFXcd4kOmOsBIoYtZ2ik"
}
],
"ts": 1738548600
}Simple, human-readable, self-contained.
3. Sign the Document with Your Private Key
You sign the identity document using your private key.
The signature proves:
- ✅ You created this document
- ✅ You control the private key
- ✅ The document hasn't been tampered with
ATP signatures are computed over canonical bytes:
- JSON is canonicalized (keys sorted at all nesting levels, compact form, UTF-8)
- The ASCII domain separator
ATP-v1.0:is prepended before signing
The signature is appended to the document:
{
"v": "1.0",
"t": "id",
"n": "MyAgent",
"k": [
{ "t": "ed25519", "p": "O2onvM62pC1io6jQKm8Nc2UyFXcd4kOmOsBIoYtZ2ik" }
],
"ts": 1738548600,
"s": {
"f": "<fingerprint-of-signing-key>",
"sig": "obLD1OX2argcnQHyojTF1uf4qbCx0uP0pbbH2Onwobs..."
}
}4. Inscribe the Document on Bitcoin
Now you inscribe the signed document on Bitcoin.
What is an inscription?
An inscription is data embedded in a Bitcoin transaction. Once the transaction is confirmed in a block, the data becomes permanent.
ATP uses Taproot inscriptions (efficient, modern) or falls back to older methods when needed.
Cost:
Inscriptions cost Bitcoin transaction fees — typically $1-10 depending on network congestion.
Finality:
After ~6 block confirmations (about 1 hour), your identity is effectively permanent. It can't be changed or deleted.
5. Explorer Indexes It
Explorers are services that watch Bitcoin for ATP inscriptions.
When an explorer sees your identity inscription, it:
- Downloads the transaction data
- Parses the identity document
- Verifies the signature
- Stores it in a database
- Makes it queryable via API
Explorers provide fast lookups: "What's the identity for fingerprint xK3jL9mN1qQ9pE4tU6u1fGRjwNWwtnQd4fG4eISeI6s?"
Important: Explorers are caches, not authorities. Anyone can run an explorer. If an explorer goes down, you can always verify identities directly from Bitcoin.
The Complete Flow (Diagram)
Two-Layer Architecture
ATP has a two-layer design:
Layer 1: Bitcoin (Source of Truth)
┌─────────────────────────────────────────────┐
│ BITCOIN BLOCKCHAIN │
│ │
│ • Immutable storage │
│ • Permanent record │
│ • Slow (10-minute blocks) │
│ • Authoritative │
│ │
│ All identities, attestations, receipts │
│ inscribed here permanently │
└─────────────────────────────────────────────┘Bitcoin provides permanence and immutability. Once inscribed, data can't be changed or deleted.
Layer 2: Explorers (Fast Cache)
┌─────────────────────────────────────────────┐
│ EXPLORER SERVICES │
│ │
│ • Fast queries │
│ • Indexed database │
│ • REST/GraphQL APIs │
│ • Optional (anyone can run one) │
│ │
│ Indexes Bitcoin, serves cached data │
└─────────────────────────────────────────────┘
↑
│ indexes
│
┌─────────────────────────────────────────────┐
│ BITCOIN BLOCKCHAIN │
└─────────────────────────────────────────────┘Explorers provide speed and convenience. Query an identity in milliseconds instead of scanning the entire Bitcoin blockchain.
Trust model:
You don't need to trust explorers. You can always verify data directly from Bitcoin. Explorers just make it faster.
How Verification Works
When someone wants to verify your identity:
- Get your fingerprint (e.g.,
xK3jL9mN1qQ9pE4tU6u1fGRjwNWwtnQd4fG4eISeI6s) - Query an explorer for your identity document
- Verify the signature using your public key
- Optionally: Check Bitcoin directly to confirm the inscription exists
If the signature is valid and the inscription is on Bitcoin, the identity is verified.
No central authority. No API keys. Just cryptography and blockchain permanence.
Attestations and Receipts (Same Process)
Attestations and receipts follow the same five steps:
- Create a document (attestation or receipt JSON)
- Sign it with your private key
- Inscribe it on Bitcoin
- Explorer indexes it
- Anyone can verify it
Receipts require two signatures (both parties must sign the same document).
Key Points
- ✅ Permissionless — No registration, no approval needed
- ✅ Permanent — Once on Bitcoin, can't be erased
- ✅ Verifiable — Anyone can check signatures and Bitcoin records
- ✅ Decentralized — No single authority or service required
- ✅ Simple — JSON documents + signatures + Bitcoin
The entire protocol is designed around simplicity and verifiability.
Performance Characteristics
Identity creation:
- Time: ~10 minutes to 1 hour (Bitcoin confirmation)
- Cost: $1-10 (Bitcoin transaction fees)
- Permanence: Effectively forever
Identity queries:
- Via explorer: ~100ms (fast database lookup)
- Via Bitcoin: ~10+ seconds (blockchain scan)
Verification:
- Signature check: ~1ms (pure crypto)
- Bitcoin confirmation check: ~100ms via explorer, ~10s via Bitcoin node
What's Next?
Now that you understand how ATP works technically:
- Trust Model — What ATP guarantees (and what it doesn't)
- Use Cases — See real-world applications
- Quick Start — Create your first identity
- API Reference — Technical docs for developers