The Gap
Agents need to authenticate across organizational boundaries, at machine speed, without human intervention. Traditional identity infrastructure assumes someone is clicking through consent dialogs. DNTLS fills the gap.
The Two-Layer Architecture
DNTLS separates what must be immutable (identity anchors) from what must be mutable (operational data). The Spine blockchain stores cryptographic roots. Service Records store everything else—endpoints, delegations, session keys—off-chain but cryptographically bound.
Registering an Identity
Unlike all pre-existing systems, names are stored as salted hashes—you can't trivially enumerate the namespace. Four separate keys split authority: custody is separate from operations, operations from governance, governance from service updates. Each name acts as its own Certificate Authority.
Service Records
Service Records are mutable—you can rotate keys, change endpoints, update delegations—without touching the blockchain. They're stored by content hash (CID) in distributed storage, and bound to the on-chain identity through the Record Key signature.
The Three-Part Verification
A claim is accepted only if all three conditions pass: the on-chain key exists for that identity, the signature verifies against that key, and the fetched object's hash equals the declared CID. No CA. No certificate chain. Just cryptographic proof.
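The three-part check described above, as an added Go example (not DNTLS project code). It assumes Ed25519 for the Record Key, a CID modelled as the hex SHA-256 of the record bytes, and a signature computed over the CID string; `Claim`, `VerifyClaim`, `Sample` and the in-memory `chain` map standing in for the Spine lookup are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Claim is a hypothetical shape for what a resolver holds after the DHT lookup.
type Claim struct {
	Name      string // identity being resolved
	CID       string // declared content hash (assumed: hex SHA-256 of the record)
	Signature []byte // Record Key signature (assumed: computed over the CID string)
}
var ErrNoKey = errors.New("no on-chain record key for identity")
var ErrBadSig = errors.New("signature does not verify against on-chain key")
var ErrBadCID = errors.New("fetched object hash differs from declared CID")

// VerifyClaim accepts a claim only if all three conditions hold, in order.
func VerifyClaim(chain map[string]ed25519.PublicKey, c Claim, fetched []byte) error {
	key, ok := chain[c.Name] // 1. the on-chain key exists for that identity
	if !ok || len(key) != ed25519.PublicKeySize {
		return ErrNoKey
	}
	if !ed25519.Verify(key, []byte(c.CID), c.Signature) { // 2. signature verifies
		return ErrBadSig
	}
	// 3. the fetched object's hash equals the declared CID
	if sum := sha256.Sum256(fetched); hex.EncodeToString(sum[:]) != c.CID {
		return ErrBadCID
	}
	return nil
}

// Sample builds a constructed identity, service record and signed claim.
func Sample() (map[string]ed25519.PublicKey, Claim, []byte) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil reader means crypto/rand
	rec := []byte(`{"endpoint":"https://agent-b.example"}`)
	sum := sha256.Sum256(rec)
	c := Claim{Name: "agent-b", CID: hex.EncodeToString(sum[:])}
	c.Signature = ed25519.Sign(priv, []byte(c.CID))
	return map[string]ed25519.PublicKey{"agent-b": pub}, c, rec
}

func main() {
	chain, c, rec := Sample()
	fmt.Println(VerifyClaim(chain, c, rec), VerifyClaim(chain, c, []byte("tampered")))
}
```

Because the signature covers the CID and the CID covers the content, swapping either the record bytes or the declared CID fails one of the checks without the Record Key.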
Complete Resolution Flow
Resolution is deterministic: name → on-chain record → DHT lookup → content fetch → three-part verification → connection. Agent A now knows exactly which keys to expect from Agent B. No middleman. No CA. Just protocol.
Governance & Economics
All income flows to Treasury first, then disburses on a fixed monthly cadence. Validators are rewarded by reliability metrics, not stake accumulation. Names are non-tradable—identity sticks to cryptographic continuity, not market speculation.