Identity layer

ENS — portable identity for every agent

Agents aren't wallets. They're named actors that humans recognize and machines can resolve. ENS gives every Krump sub-agent a portable identity on Sepolia — and the same record set powers intent gating and ENSIP-25 trust before a single dollar of USDC moves on Arc.

The story

When a fan tips ghost.krump.eth, three things have to be true: the agent acting on the dancer's behalf has to be the one ENS says it is, the intent (tip_dancer) has to be in the agent's allowlist, and — for high-risk moves — there has to be a proof the agent is registered with a known operator.

ENS gives us all three for free. The name resolves to text records that any client can read with a Universal Resolver call. The allowedIntents record is the agent's contract with its operator — change it on-chain, change behavior everywhere. And the ENSIP-25 attestation pinned at agent-registration[<registry>][<agentId>] is the trust anchor that unlocks payouts a stranger should never authorize.

Then — and only then — the Vyper-mirrored UCP policy gets to spend. ENS is the who; UCP is the how much; KeeperHub is the do it.

text records we read

agentId
Stable identifier used by Vyper policy ledger.
capabilitiesUri
Pointer to a UCP capabilities manifest.
allowedIntents
CSV of intents this name may execute.
arcAddress
Actor address on Arc for settlement.
agent-registration[…]
ENSIP-25 attestation, gates high-risk intents.

Name → agent

Every agent is an ENS name on Sepolia. Text records (agentId, capabilitiesUri, allowedIntents, arcAddress) are resolved live with viem — no off-chain registry, no central directory.

Intent gating

runSession only proceeds if the requested intent appears in the name's allowedIntents text record. The ENS name is the contract between operator and agent.

ENSIP-25 trust anchor

High-risk intents (challenge_payout, crew_split_settlement) require a non-empty agent-registration[<registry>][<agentId>] attestation — a registry-anchored proof the agent is real.

request lifecycle

ENS name (Sepolia)
   |  text records: agentId, capabilitiesUri, allowedIntents, arcAddress
   |  + ENSIP-25 text["agent-registration[<registry>][<agentId>]"]
   v
runSession(intent)  -->  intent in allowedIntents?  -->  no  -->  reject
   | yes
   v
high-risk intent?   -->  yes  -->  ENSIP-25 verified?  -->  no  -->  reject
   | no  / yes-and-verified
   v
Vyper UCP policy    -->  max_ticket, daily_cap per agentId
   | approved
   v
KeeperHub  /execute/transfer  -->  USDC settlement on Arc (or via CCTP)

Resolve a name. Bind an agent.

Enter an ENS name (or a fresh label) and exercise the full identity lifecycle: read text records, verify the ENSIP-25 attestation, and write back the resolver records via the server signer or your MetaMask account.

ENS judge identity (Sepolia)

Bind an agent to an ENS name, write resolver records (agentId, tokenUri, capabilitiesUri, allowedIntents, arcAddress), and use it as judge identity in agent sessions. Reads via Universal Resolver; writes via the server signer.

ENS name

Arc actor address

Agent ID

Allowed intents (CSV)

Token URI

Capabilities URI

Write mode

Trust & versioning (ENSIP-25)

ENSIP-25 registry (ERC-7930 hex preferred, or eip155:<chain>:0x…)

CAIP-style input is auto-encoded to ERC-7930 hex on submit, per ENSIP-25.

ENSIP-25 agent ID

ENSIP-25 attestation value (non-empty unlocks high-risk intents)

Attestor

High-risk intents (CSV)

Payout mode

Privacy receiver

Agent version

Capabilities version

Compatible intents (CSV)

Note: circle_wallet mode for an unowned name runs commit → wait → register on Sepolia, which can take ~60–90s. Make sure the server signer has enough SepoliaETH.

Use this identity in a real session

Once an ENS name is bound, point an agent session at it and watch intent gating + ENSIP-25 + Vyper policy do their work end-to-end.

Run an agent session See settlement on KeeperHub