Patent-pending Sybil-resistant identity, capability-based delegation, and NIST Level 5 cryptography — built for enterprise buyers who cannot ship a token, cannot wait on the post-quantum migration, and cannot treat AI agents as second-class in their identity stack.
Enterprise identity was designed for humans and service accounts. The substrate underneath it — PKI, TLS, the broader web trust infrastructure — was designed before quantum computing was credible, before AI agents were autonomous, and before the Sybil problem became a day-to-day concern for platform operators. Any one of these gaps would be a migration. Together they compound into a rebuild.
Regulators in finance, defense, health, and energy have PQ migration timelines on the board. Classical elliptic-curve primitives in identity, transport, and messaging layers have to be replaced. Retrofitting an existing stack is a multi-year program; starting PQ-native is a procurement line item.
Enterprises are deploying fleets of autonomous agents with credentials, API keys, and delegated authority. Existing IAM (Okta, Auth0, Azure AD, workload identity) was built for humans and service principals. Nothing in the stack treats an agent as a first-class participant with its own delegation chain and abuse signals.
Decentralized messaging, agent marketplaces, consortium networks, and cross-organization data exchanges all inherit the same assumption: identities are free to create. Existing defenses demand either trusted identity verification (expensive, slow, privacy-hostile) or proof-of-resource (energy, capital, regulatory exposure).
Disentangle is a cryptographic platform. Identity, delegation, consensus, and transport are unified under one data structure — the transaction DAG — and one set of post-quantum primitives. The same geometric signal that detects Sybil attacks also drives capability misuse detection, rate limiting, and governance weighting. No component is bolted on; each layer is derivable from the same patents.
Humans and machine agents share a substrate. Identities register on-chain as did:disentangle:* with capability trees that support delegation, revocation, and curvature-based misuse detection. Five coherence tiers (Observer through Steward) gate membership in sensitive groups without asking for a government ID.
Instead of proof-of-work or proof-of-stake, each identity accumulates topological mass through genuine participation in the transaction graph. Discrete curvature on neighborhood overlap throttles adversarial clusters by up to 99 percent — even a five-to-one attacker ratio yields only ~7 percent of honest mass.
ML-KEM-1024 key encapsulation, ML-DSA-87 signatures, SHA3-256 hashing throughout the stack — FIPS 203 / 204 / 202, NIST Level 5. A hybrid mode lets deployments interoperate with existing classical-crypto systems during migration without breaking the PQ guarantees in the critical path.
Four surfaces where Disentangle replaces a missing primitive, not a working one. Each is a category where the incumbents cannot close the gap without either adding a token (regulatory problem) or adding a trusted authority (centralization problem). We have concrete integration analyses for each. The Marmot case study, linked below, is the one we would walk you through first.
Modern E2EE messaging (MLS RFC 9420, Signal, Nostr-transport systems like Marmot) has no Sybil resistance and no post-quantum story. Finance, legal, health, and defense cannot deploy a messenger where any actor can mint unlimited identities and where a harvest-now-decrypt-later attack sits on the key exchange.
Disentangle closes both gaps on one substrate. Identities carry a topological-mass attestation; the MLS ciphersuite swaps to ML-DSA-87 plus ML-KEM-1024. Backward-compatible with existing deployments.
Read the Marmot integration case study →The did:agi:* identity namespace treats autonomous agents as first-class participants under the same cryptographic rules as humans. Capability-based delegation with curvature-derived misuse detection gives platform operators a structural audit signal instead of hand-rolled log analysis.
Grant, limit, and revoke agent authority with cryptographic primitives. When a delegate's behavior stops integrating coherently with its delegator's neighborhood, the delegation edge develops negative curvature — detectable abuse, not a post-hoc investigation.
Discuss a pilot →Consortium networks (HIE, clearing houses, settlement networks, supply-chain attestation) require Sybil-resistant membership, fine-grained capability delegation, and the guarantee that no single member can dominate governance. Existing federation platforms bolt these properties on with out-of-band agreements and manual audit; we provide them as cryptographic primitives.
Coherence-weighted governance means a capture attempt has to structurally resemble the honest majority of the network. There is no whale-buy path. This is the property consortiums are literally formed to guarantee.
Discuss a pilot →Enterprises are about to operate fleets of LLM agents with real credentials. Human-era IAM treats these as service principals; that abstraction breaks the moment agents delegate, sub-delegate, or are themselves targets of social-engineering analogues. Disentangle gives every agent a DID, a verifiable delegation chain, and a rate-limit-by-reputation primitive out of the box.
Positioned as "identity infrastructure for the agent workforce." Extends OIDC and SAML rather than replacing them; the DID layer is additive to existing enterprise directories.
Discuss a pilot →Because our customers cannot buy one. The absence of a token is not an aesthetic choice or an ideological stance; it is the precondition for selling into regulated environments, for forecasting enterprise revenue, and for keeping the trust signal uncorrupted by capital markets. Five reasons, in the order an enterprise procurement team will ask them.
A native asset creates a security-law question in every jurisdiction a customer operates in. Banking, defense, health, and energy procurement teams cannot purchase a product whose primitive is a crypto asset. Removing the token removes the question entirely — the substrate is software, licensed by seat or deployment, like any other enterprise platform.
Our commercial model is standard enterprise software licensing, tied to the patent-pending IP rather than to a circulating asset. Revenue is deterministic and forecastable. Procurement teams already know how to buy this; board members already know how to evaluate it. There is no coin price on a balance sheet, no market-making question, no custody problem.
Topological mass is computed from the geometry of participation — who introduced whom, which transactions reference which parents, how tightly an identity integrates with the honest network. It is not purchasable: buying mass would require coordinating thousands of honest participants into genuine integration, which is the opposite of a Sybil attack. The trust metric cannot be financialized.
Governance weight equals topological mass. Manufacturing governance weight requires genuine structural integration with the majority of the honest network — a capture attempt has to look structurally like the honest majority. There is no whale-buy path to control. For consortium deployments, this is the load-bearing property.
Existing enterprise identity systems (OIDC, SAML, PKI, MLS, Nostr, workload identity) are extended, not replaced. Customers never have to custody keys at a new asset class, never have to explain a token on a balance sheet, never have to brief their board on a coin. The PQ migration is a crypto library swap with an additional identity primitive, not a new ecosystem.
The platform is built on four distinct, independently defensible provisional patent filings under Larsen James Close (QuantumEdge LLC) — three core-primitive inventions plus a nine-aspect portfolio of commercial and enterprise deployment methods. The provisional period closes the non-provisional filing window between approximately January and April 2027 — an investable timeline for converting the portfolio into issued patents, and the core of the commercial moat.
Discrete curvature metrics on transaction graphs as a primitive for detecting and throttling adversarial clusters. Topological mass for deterministic conflict resolution without leader election.
Unified identity, authority, and value measurement under curvature metrics on identity, introduction, and delegation subgraphs. DIDs with topological trust weighting and petname trust chains.
Epoch boundaries, confirmation criteria, and security activation thresholds derived from intrinsic topological properties of the transaction graph — without external clocks, timestamps, or coordinated block heights.
Nine aspects covering permissioned-consortium deployment, hosted coherence-as-a-service APIs, enterprise identity bridging, post-quantum messaging, structural compliance attestations, agent runtime sandboxing, mass-attested GitOps bootstrap, and heterogeneous post-quantum secure connectivity with capability-scoped transport.
The protocol, SDKs, deployment tooling, and post-quantum mesh networking are all implemented, tested, and running. Every repository has CI; every repository has tests; dependency updates auto-merge when the full suite passes. The reference deployment runs on Oracle Always Free — a cluster can be stood up end-to-end with one config file.
Two peer-reviewable papers published on Zenodo with DOIs. The protocol source, deployment stack, and the full Marmot integration analysis are available for review under NDA — or for technical audiences, directly on GitHub and the technical page.
If your platform has an identity problem, a post-quantum deadline, or an agent-coordination surface that existing IAM cannot cover, we would like to talk. Pilots are scoped as 60-to-90-day engagements with a concrete integration target. We are currently prioritizing conversations with regulated-industry operators, consortium leads, and agent-platform founders.