FR EN

Unlinkability

Company-side and citizen-side records are indexed separately and cannot be trivially joined through Agreely. This protects the link between a citizen's DID and a company's customer reference: neither Agreely, nor a leak of one side, can stitch the two graphs back together. This is not a policy promise; it falls out of how the two sides are keyed.

The precise boundary

Unlinkability is a specific property, and overclaiming it would be dishonest.

What unlinkability does and does not do

Unlinkability protects the citizen-DID-to-company-customer correlation: it stops Agreely, or a leak of one side, from joining a person's DID to a company's customer record. It does not hide the company's own customer_id from the company itself. The company already knows its own customers; Agreely does not, and cannot, change that. Agreely is not an anonymity system, and it does not claim the person is anonymous to the company they transact with.

Next

  • Privacy and erasure: how the same property lets erasure keep proof while destroying the readable claim.
  • Honest boundaries: the full honesty posture, including what is and is not written on-chain.
  • The protocol for the DID and commitment construction.