selfdriven.codes

Human Trust Infrastructure for the Age of Synthetic Reality

Establishing root trust between humans through cryptographically anchored codes delivered by distributed human courier networks — outside the compromised digital channels of the synthetic intelligence era.


Publisher	selfdriven Institute
Series	Trust Infrastructure · Vol. 1
Version	0.1 (Draft for Discussion)
Issued	Sydney · May 2026
Classification	Public
Reference	`SDI-TI-2026-001`

Executive Summary
The Trust Crisis
Theoretical Foundations
The selfdriven.codes Proposal
Architecture: Six Layers of Trust
The Human Courier Network
Delivery Models
Canonical Scenario
Governance and Accountability
Strategic Implications
Conclusion
References

Executive Summary

Artificial intelligence has fundamentally altered the conditions under which humans establish trust. Voices can be cloned from three seconds of audio. Faces can be synthesised in real time. Writing styles can be replicated, meetings spoofed, and entire conversational identities maintained autonomously at industrial scale. Every assumption upon which the modern internet was built — that channels were difficult to fake, that identity theft was expensive, and that human deception did not scale — is now invalid.

The consequence is civilisational. If humans cannot reliably determine who they are communicating with, whether instructions are authentic, or whether approvals are legitimate, institutions destabilise, financial systems become vulnerable, and the social trust that underwrites coordination collapses.

Trust cannot be established entirely within compromised environments.

This paper proposes selfdriven.codes — a trust infrastructure service that generates unique, human-readable trust codes, cryptographically binds them to identities and sessions, and delivers them through a distributed network of trusted human couriers. The codes themselves are not the trust. The trust emerges from:

the independence of the delivery pathway,
the continuity of the human couriers,
and the cryptographic anchoring that binds every step to an append-only audit trail.

selfdriven.codes combines five primitives into a single coherent stack:

Cryptographic anchoring through KERI Autonomous Identifiers and ACDC credentials
Human-readable code formats designed for verbal exchange in three seconds
Out-of-band delivery through independent human courier networks
Compositional trust paths that converge from multiple independent channels
Governance-grade audit trails recorded as append-only KERI interaction events

The paper synthesises two earlier selfdriven Institute position papers — Out-of-Band Human Trust Establishment in the Age of Synthetic Reality and Human Courier Networks for Root Trust Delivery — into a single architectural and strategic document. It establishes selfdriven.codes as the trust layer of the selfdriven Foundation ecosystem and the foundation on which subsequent verticals — banking, health, professional services, governance — depend.

The thesis is direct:

In the intelligence era, human trust becomes infrastructure.

The Trust Crisis

Collapsing Assumptions

For most of the internet era, humans operated on assumptions that have become unreliable within the span of a single product cycle:

the email looked legitimate,
the voice sounded like them,
the video appeared real,
the LinkedIn profile existed,
and the message came from the correct account.

None of these assumptions can now be safely held.

Modern artificial intelligence systems can:

clone voices from seconds of audio,
generate synthetic video indistinguishable from genuine footage,
simulate writing style with persistence,
operate autonomous social engineering campaigns,
maintain persistent conversational identities,
create convincing fake websites and domains,
and automate phishing at industrial scale.

The internet is entering an era in which pixels are no longer proof, interfaces are no longer trust, and identity can no longer be visually inferred.

The Four Vectors of Collapse

The crisis manifests across four distinct vectors, each independently sufficient to undermine traditional trust assumptions, and which together produce a compounding failure of the digital trust commons.

Vector	Description
Voices cloned	Three seconds of audio is sufficient. CEO fraud, family extortion, and live impersonation now operate at industrial scale and with negligible marginal cost.
Faces synthesised	Real-time face swap in live video, persistent synthetic identities across platforms, and convincing biometric replays render visual recognition unreliable.
Channels spoofed	Email, SMS, chat platforms, meeting invitations, and websites can all be convincingly impersonated. Channel trust itself has become a liability.
Deception autonomous	Social engineering campaigns now run continuously, adapt in real time, and require no human attacker. The economics of deception have inverted.

The Civilisational Stakes

The consequences extend far beyond individual fraud.

If institutions cannot verify that instructions originate from authorised humans, governance weakens.
If financial systems cannot establish that authorisations are genuine, capital flows become vulnerable.
If communities cannot determine which interactions are with their members and which with synthetic entities, the social fabric thins.

This is not a problem that can be solved with stronger passwords, better filters, or more sophisticated authentication challenges within the same compromised channels. The principle is well-established in secure systems engineering:

Trust cannot be established entirely within compromised environments.

Banking systems use out-of-band verification. Military systems use independent communication channels. Nuclear command systems use dual control. Secure hardware uses physically isolated roots of trust. Human communication now requires the same architectural commitment.

Theoretical Foundations

Root of Trust

In cybersecurity, a Root of Trust is the foundational trusted element from which all other trust is derived. In hardware systems this may be:

a secure enclave,
a cryptographic key embedded in silicon,
a hardware security module,
or a tamper-resistant component.

The defining property is that the root cannot itself be compromised by anything reasoning entirely from within the system it anchors.

Human systems also require a root of trust. Historically, human root trust came from physical presence, social reputation, geography, institutional membership, or established networks of personal relationship. Digital systems weakened these anchors by abstracting away physical and social continuity. Artificial intelligence systems threaten to eliminate them entirely by impersonating the surface signals on which they depended.

The architectural question for the next decade is therefore how to reconstruct a human root of trust that is both compatible with digital infrastructure and resistant to the failure modes of compromised digital channels.

Out-of-Band Verification

Out-of-band authentication refers to establishing trust using a communication channel separate from the primary interaction channel. The principle is widely applied:

SMS confirmation for banking transactions,
QR-code device pairing,
hardware token confirmation,
NFC tap pairing,
and Bluetooth secure pairing.

The core insight is that if one channel is compromised, trust can still be established through an independent channel.

This principle becomes critically important in human-to-human interactions when the primary channels — email, voice, video — are themselves no longer trustworthy. The out-of-band channel must be independent not only in its routing, but in its underlying mechanism for resisting impersonation.

A second email channel is no improvement on the first. A human courier walking across a city is.

Human Pairing

Human trust establishment in the synthetic reality era increasingly resembles secure device pairing. Modern secure pairing systems:

exchange temporary secrets,
validate proximity,
verify authenticity,
and establish encrypted trust channels.

Humans now require equivalent mechanisms, optimised for usability and verbal exchange rather than machine-to-machine signalling.

A future interaction of this kind proceeds in stages:

A person initiates communication digitally.
The recipient does not trust the channel.
A secondary trust path is established.
Both parties exchange a short unique code.
The code confirms identity continuity, intent continuity, and session authenticity.

This is, in effect, human cryptographic pairing — optimised for spoken language and human memory rather than machine-readable payloads.

Trust Through Friction

The modern internet was optimised for speed, convenience, and instant interaction. High-trust systems require the opposite. They demand intentionality, verification, and controlled friction. The friction is not a defect to be removed but a feature that preserves the very property — verifiable trust — that the system exists to provide.

Trust-preserving friction is not inefficiency. It is the structural condition under which trust survives contact with adversarial intelligence.

The architecture proposed in this paper introduces friction deliberately and minimally. It introduces friction only where the alternative is the loss of verifiability altogether — and it does so through mechanisms that humans intuitively understand: speaking a phrase, receiving a courier, confirming a delivery.

The selfdriven.codes Proposal

Core Concept

selfdriven.codes is a trust infrastructure service that performs four functions:

It generates unique trust-establishment codes.
It cryptographically binds those codes to verified identities, sessions, or interactions.
It delivers the codes through trusted human courier pathways.
It enables humans to establish root trust independently of the primary communication channels they would otherwise rely on.

The platform operates as a human trust orchestration layer — sitting above cryptography but below social interaction — designed for high-trust exchanges in low-trust digital environments.

The Code Is Not the Trust

A critical conceptual point requires emphasis. The code itself is not valuable. A phrase such as ORBIT-LANTERN-482 conveys no information of consequence in isolation. The trust emerges from four properties that surround the code:

who generated it,
how it was transported,
who delivered it,
and the independence of the delivery pathway from the channel being verified.

This mirrors well-established patterns in diplomatic pouch systems, military courier networks, historical messenger services, and trusted physical key exchange ceremonies. In each case, the artefact carries minimal cryptographic weight. The weight is borne by the integrity of the path.

Code Format

selfdriven.codes are designed for verbal exchange. The default format is a three-token phrase: an adjective, a noun, and a two- or three-digit number. The word list is curated for distinctness, pronounceability, and the absence of homophones.


`EMBER-RIVER-91`	`ORBIT-LANTERN-482`	`SOLAR-FOREST-229`
`AURORA-HARBOR-17`	`DELTA-COMPASS-803`	`MERIDIAN-ANCHOR-44`

An alphanumeric variant is available where verbal exchange is not the primary mode. It uses a Crockford-style ambiguity-free character set, omitting the letters I and O and the digits 0 and 1 to eliminate transcription error.

Code Properties

Every selfdriven.code satisfies seven properties simultaneously.

Property	Function
Human-readable	Easy verbal exchange. Three seconds to read aloud, three seconds to repeat back.
Short-lived	Default time-to-live of five minutes. Configurable per session. Replay attacks expire structurally.
Contextual	Bound to a specific session SAID, a particular interaction, or a defined approval scope.
Out-of-band	Never travels through the same channel as the request it verifies. This is a structural property of the system, not a configuration option.
Memorable	Distinct enough to read aloud once without ambiguity. The word list excludes homophones and similar-sounding pairs.
Rotatable	Continuous trust renewal is supported. Rotation invalidates the previous code via a KERI interaction event.
Decentralised	Codes are bound to KERI Autonomous Identifiers. No central authority is required to issue, verify, or revoke.

Architecture: Six Layers of Trust

selfdriven.codes is not a single product. It is a trust orchestration stack composed of six interdependent layers, each contributing a property the others cannot supply on their own. The architecture is intentionally compositional: removing any one layer degrades the trust guarantees of the whole.

#	Layer	Function
01	Cryptographic	Code generation, session SAID binding, signature integrity. Every code is deterministically derived from a session identifier and signed by the issuer’s KERI AID.
02	Identity	KERI Autonomous Identifiers and ACDC role credentials. Identity continuity is maintained through inception, rotation, interaction, and delegation events recorded in append-only key event logs.
03	Courier	Human transport and delivery. Five delivery models — physical, relay, split trust, proximity, and community — provide topology-appropriate independent pathways.
04	Reputation	Courier trust scoring and validation. Reputation accumulates through verifiable interaction histories and is anchored to Cardano for tamper-evident long-term continuity.
05	Session	Temporary interaction trust. A session SAID binds a code to a specific request, decision, or approval. Replay across sessions is structurally impossible.
06	Governance	Rules, auditability, and delegation. Every step is recorded as an interaction event in the KEL. Audit trails are append-only, witnessed, and independently verifiable by all parties.

Compositional Trust

The trust guarantee of the system as a whole is not the sum of its layers but their composition.

The cryptographic layer cannot anchor identity without the KERI identity layer.
The session layer cannot bind context without the cryptographic layer beneath it.
The courier layer cannot deliver verifiable trust without the reputation layer attesting to courier integrity.
The governance layer cannot adjudicate without the append-only event logs maintained by every layer below it.

This compositional structure mirrors the layered model of secure communication protocols, but applied to human-mediated trust rather than packet-mediated communication. Each layer assumes the integrity of the layer below and provides a property the layer above depends on.

The Human Courier Network

Why Human Couriers

Artificial intelligence can compromise email, SMS, video, websites, chat platforms, and voice systems. Physical and social human continuity remains significantly harder to compromise at scale. A trusted courier network introduces four forms of continuity simultaneously:

physical,
social,
geographic,
and contextual.

Together these produce a higher-assurance trust pathway than any digital channel can offer in isolation.

The courier is not merely a delivery mechanism. The courier is a living trust bridge between two humans, carrying with them the cumulative weight of their reputation, their credentials, and the verifiable history of their prior deliveries. The courier’s identity, like that of the principals, is anchored to a KERI AID with an ACDC role credential. The delivery itself is an event in the courier’s key event log, attested by the recipient and witnessed by the network.

Four Courier Types

Code	Type	Description
`COURIER · 01`	Community Members	Verified neighbourhood participants with established local reputation and KERI-anchored identity histories. Operate in geographic proximity to the recipient.
`COURIER · 02`	Licensed Professionals	Notaries, solicitors, accountants, and accredited agents holding ACDC professional credentials, often anchored to GLEIF vLEI for cross-jurisdictional recognition.
`COURIER · 03`	Governance Participants	Members of validated trust networks with cryptographic attestations from network governance bodies and rotating operational trust identities.
`COURIER · 04`	Organisation Representatives	Designated trust officers operating under KERI-delegated AIDs with scoped, time-limited authority. Common in enterprise and institutional deployments.

Asymmetry Against Attackers

Human courier networks impose costs on attackers that digital systems cannot.

A synthetic identity can be instantiated in milliseconds and replicated across thousands of channels at negligible cost.
A trusted human courier cannot.
Acquiring a courier’s credentials requires either compromising the courier — a physical and social undertaking that does not scale autonomously — or fabricating an entire courier history, which leaves verifiable absence from the courier’s expected interaction graph.

This asymmetry is the architectural value of the courier layer. It is not that the courier network is unbreachable. It is that breaching it requires resources, time, and physical presence that autonomous deception systems cannot economically deploy.

Trust Graphs

Over time, courier networks accumulate into decentralised trust graphs: webs of reputation, localised trust communities, and verifiable interaction histories. Examples include:

neighbourhood trust couriers serving local communities,
enterprise trust officers operating within institutional boundaries,
inter-government trust pathways for diplomatic communications,
and sector-specific trust networks in health, education, and law.

Trust becomes compositional, layered, and community-anchored — recovering properties that the abstract internet has been steadily eroding for two decades.

Delivery Models

No two interactions require the same trust path. selfdriven.codes supports five delivery models, calibrated to the stakes of the interaction and the topology of the parties involved. Each model is a structural variant of the principle that trust must travel independently from the request it verifies.

Model	Characteristics
Physical	The courier physically provides the code in person. The highest-assurance pathway. Reserved for transactions where the cost of physical delivery is small relative to the stakes.
Relay	The code is transferred through a chain of trusted intermediaries, each verifying the previous link. Suitable for geographically distributed parties where direct physical delivery is impractical.
Split trust	Multiple couriers deliver fragments of a trust sequence. No single courier holds the complete code. Compromising the delivery requires colluding across an independent set of couriers.
Proximity	Codes are exchanged only within defined geographic boundaries. Geofenced trust. Used in localised institutional settings such as hospitals, embassies, or trading floors.
Community	Trusted local organisations — credit unions, professional associations, neighbourhood institutions — act as delivery nodes. Trust is mediated through institutional standing.

The selection of model is itself a recorded event. The choice to escalate to physical delivery, or to fall back to community delivery, is logged as an interaction event in the dispatch KEL — preserving an audit trail not only of the trust establishment but of the decisions made about how to establish it.

Canonical Scenario

The canonical illustration of the selfdriven.codes architecture is an executive payment-approval flow. A chief financial officer receives an apparently urgent payment request from the chief executive. Every primary channel — the original email, the follow-up voice call, the prior message thread — can in the synthetic reality era be convincingly impersonated. The scenario below traces how root trust is re-established between the two humans before any meaningful action occurs.

#	Event	Channel
1	An urgent email requesting a $2.4M wire transfer arrives, apparently from the CEO. Signature, tone, and prior thread context are all convincing.	`Email · Suspect`
2	The CFO calls back on the expected number and reaches an apparent CEO. The voice matches perfectly. In the AI era, this is no longer sufficient evidence.	`Voice · Suspect`
3	The CFO requests a fresh selfdriven.code. The CEO’s verified KERI AID generates a session-bound code, anchored to an ACDC credential and witnessed by the network.	`KERI · ACDC`
4	The code `EMBER-RIVER-91` is dispatched through an independent human courier — a community-verified delegate physically delivers the phrase via a parallel channel.	`Courier · Out-of-band`
5	The CFO validates the courier-delivered code against the session SAID. The match is cryptographically verifiable. Identity continuity is confirmed across two independent pathways.	`SAID · Verified`
6	Only now does the CFO proceed. Every step is logged as a KERI interaction event in the append-only key event log — an immutable audit trail of the trust establishment itself.	`Root trust ✓`

The scenario illustrates four properties of the system in operation:

The suspect channels are not rejected — they are simply not relied upon for trust.
The trust establishment is concurrent with the original request rather than blocking it; the courier dispatches in parallel.
Every step produces a verifiable artefact — a SAID, an ixn event, a courier attestation — so that the audit trail is built from the trust establishment itself rather than reconstructed afterwards.
The human courier provides the asymmetric property that no amount of synthetic intelligence applied to the digital channels can match.

Governance and Accountability

The Eight Areas of Focus

selfdriven.codes is governed according to the eight Areas of Focus framework adopted across the selfdriven Foundation ecosystem. Each area is led by a human conductor who orchestrates AI agents operating under KERI-delegated AIDs with scoped, time-limited authority. The conductor handles strategy, judgement, relationships, and accountability; the agents handle volume, consistency, monitoring, and reporting.

#	Area	Context within selfdriven.codes
01	Direction	Trust primitive strategy, courier network expansion roadmap, jurisdictional priorities.
02	Engagement	Courier onboarding, trust community building, institutional partnerships with banks, governments, and professional bodies.
03	Enablement	Courier training, integration SDKs, verification ritual education for institutional clients.
04	Protocols	KERI and ACDC integration, code format standards, courier credential schemas, interoperability with vLEI.
05	Sustainability	Courier compensation model, transaction-based revenue, network economics, long-term viability of the trust commons.
06	Processes	Code generation workflows, dispatch operations, verification ceremonies, incident management.
07	Accountability	Append-only KEL audit trails, courier reputation governance, dispute resolution, transparency reporting.
08	Organisational	Distributed courier governance, regional trust officer structure, decentralised operations.

Human Decision Points

Certain operations are reserved for human conductor authority and cannot be delegated to autonomous agents. These include:

the assignment of couriers to diplomatic-tier deliveries,
the resolution of disputes,
the adjustment of reputation thresholds,
the evolution of credential schemas,
and the establishment of policy for new delivery models.

The list is short by design. The principle is that decisions which redefine the trust commons must be made by humans operating with full accountability.

Audit and Compliance

Every operation across the selfdriven.codes stack produces a verifiable artefact. Code generation, rotation, dispatch, delivery, verification, and attestation are all recorded as KERI interaction events in append-only key event logs, witnessed across the network, and anchored periodically to Cardano for tamper-evident long-term continuity. The compliance posture is designed to align with:

ISO 27001:2022 controls,
the Australian Privacy Act,
APRA CPS 234 where integrated with regulated financial entities,
and equivalent frameworks in other jurisdictions.

Strategic Implications

From Pixels to Proofs

The internet was built on visual trust. The next internet is being built on verifiable trust. selfdriven.codes is the human-friendly bridge between them — preserving the verbal, social, and ceremonial properties of human trust while anchoring them in cryptographic infrastructure that is independent of the channels under attack.

Dimension	Old internet	Emerging internet
Visual	Looks real	Can be verified
Email	Channel trust	Proof trust
Identity	Username trust	KERI AID continuity
Interface	Visual recognition	Cryptographic verification
Trust path	Single channel	Independent + human
Friction	Frictionless = good	Trust-preserving friction

Sector Applications

Six application domains are immediate.

Financial institutions require out-of-band verification for high-value transactions and executive authorisations. selfdriven.codes integrates with selfdriven.money and equivalent banking infrastructure to provide transaction-level human trust at the points where institutional risk concentrates.
Government and diplomatic communications require trust pathways independent of email and telephony. The courier network model recovers properties of historical diplomatic infrastructure within a digitally compatible system.
Healthcare requires verified human authority for consent, prescription, and clinical decisions. selfdriven.health applications anchor critical clinical decisions to selfdriven.codes verifications.
Professional services require verified identity for legal advice, accounting attestations, and notarial acts. Licensed professional couriers are the natural courier type for these deliveries.
Enterprise operations require executive-grade communication continuity, particularly for finance, legal, and human resources functions where impersonation costs concentrate.
Emergency civil coordination requires disaster-resistant trust establishment. The courier network provides continuity precisely when digital infrastructure is degraded.

Position Within the selfdriven Ecosystem

selfdriven.codes is the trust orchestration layer of the selfdriven Foundation. It sits beneath the application verticals — banking, health, professional services, governance — and provides the trust primitive on which their high-stakes operations depend.

The relationship is architectural, not commercial: selfdriven.money does not consume selfdriven.codes as a vendor product. They are layers of a single cooperative stack:

each governed under the same eight Areas of Focus,
each anchored to the same KERI/ACDC trust infrastructure,
each accountable to the same Foundation.

Conclusion

The age of synthetic intelligence does not merely change how trust is established. It changes the conditions under which trust can exist at all.

When voices can be cloned, faces synthesised, channels spoofed, and deception scaled autonomously, every assumption on which the abstract internet was built becomes suspect. The response cannot be stronger passwords, better filters, or more sophisticated authentication challenges within the same compromised pathways.

The response must be architectural.

selfdriven.codes proposes one such architecture. It reintroduces the human courier — the diplomatic envoy, the trusted messenger, the institutional witness — as a primitive of digital trust infrastructure. It pairs this human layer with:

cryptographic anchoring through KERI and ACDC,
append-only audit trails,
decentralised identity continuity,
and a code format optimised for verbal exchange and human memory.

It frames trust establishment as a ritual rather than a transaction — intentional, witnessed, ceremonial — and treats friction not as a defect to be removed but as a property to be preserved.

The historical lineage is long. Seals, signatures, passports, ceremonies, envoys, witnesses, and physical exchange have all existed to establish trust continuity across institutional and geographic distance. Digital systems abstracted these mechanisms away in pursuit of frictionless interaction. Artificial intelligence is forcing their return. selfdriven.codes is the digital evolution of that lineage — not as bureaucracy, but as lightweight, human, cryptographically anchored ritual.

Trust delivered by humans, verified by cryptography, outside compromised systems.

The thesis of this paper is straightforward.

In a world where seeing is no longer believing, hearing is no longer believing, and even interacting is no longer believing, trust must become:

intentional,
explicit,
layered,
and independently verifiable.

It must travel through pathways that adversarial intelligence cannot economically reproduce. It must be anchored to identities that cannot be forged and recorded in logs that cannot be rewritten. It must be borne by humans who carry the cumulative weight of their reputation, their credentials, and their place in a network that long predates any individual delivery.

This is what selfdriven.codes proposes to build.

This is what the selfdriven Foundation exists to make operational.

And this is the architectural commitment that follows from a single, unavoidable observation about the era we have entered: