Name your agents once, trust them by standing.
Raw wallet and OIDC identifiers are unmemorable. H-Cert is an owner-signed directory of your agents and counterparties, anchored on Hedera as salted commitments, so a grant or a ring can target a named, attested principal in good standing instead of a bare address. The standing layer of the H-Series.
Manage your directory
Connect an EVM wallet, onboard a grantee (owner-signed), and watch your roster. Each delegation is signed as EIP-712 and anchored on chain as a salted commitment; the private label stays off chain. Revoke at any time, owner-signed.
How it works
The owner connects an EVM wallet and names a grantee: the subject identity, a claim, scopes, and a private label that never leaves your directory.
The owner signs the delegation as EIP-712 typed data. H-Cert verifies the signature against the owner before anything is stored; nothing is taken on trust.
H-Cert anchors the vouch to a Hedera topic as a salted commitment of both identities, never the raw identifier, and keeps the label and salts off chain.
A grant or a ring resolves your directory: target a principal of yours, tagged production, in good standing, instead of a bare address.
Private directory, public proof
On chain, H-Cert writes commitments, not identities. Both the owner and the subject are anchored as hash(identity, per-record salt), signed by the owner. The public verifies the signature and the integrity of the vouch but cannot read who is named. You read your full roster through an authenticated view, and hand an auditor the identity and salt to reproduce any commitment keylessly. A fresh salt per record stops anyone from correlating the same identity across vouches from the public record alone.
Anyone replaying the HCS topic sees the salted commitments and every signed vouch and revocation, enough to verify each is owner-signed and intact, never the identities.
You read the resolved roster off chain. To prove a vouch to an auditor, disclose the identity and its salt; the auditor recomputes the commitment and matches it against the on-chain record, with no H-Cert secret involved.
The claim
A delegation says what kind of vouch you are making about the subject, valid for the scopes you set (empty means all).
operated-by the subject is operated by you (your own agent or service) trusted you vouch for the subject as a trusted counterparty Standing
Alongside the vouch, H-Cert joins a behavior-backed standing for the subject, computed from how it has acted across the ecosystem. Consumers gate on it; anything other than trusted is a safe default.
trusted strong, consistent behavior across the ecosystem watch admitted but watched; consumers may treat as usable with a flag unrated not enough signal yet; the safe neutral default suspended auto-demoted, reversible; access withheld revoked terminal; the vouch no longer holds Use it across the suite
A delegation is a public primitive. H-Grant uses your directory as the grantee picker and a baseline posture: build a grant against a named principal and gate release on its standing. H-Pact can admit by attestation. Any service can resolve a vouch by replaying the topic and checking the commitment and signature, advisory, never enforced by H-Cert itself.
What H-Cert is not
H-Cert issues standing and attestations; it never blocks a call. Each consumer decides what a tier or a vouch means at its own trust boundary. The signal informs; the consumer enforces.
v1 accepts eip155 (EVM) owners signing the delegation EIP-712. The other wallet namespaces and the OIDC owner bridge are wired to fail closed until they are enabled.
A vouch says whose agent this is and how it has behaved, not who the human behind it is. H-Cert is not KYC; bring an external badge where real-world identity is required.