ERC-8004 & the validation registry: how agents prove their work

Last reviewed: June 2026

As agents start transacting with other agents across organizational boundaries, they need a way to establish trust without a prior relationship. ERC-8004 (“Trustless Agents”) is the Ethereum standard built for that. It defines three registries — Identity, Reputation, and Validation — that work alongside agent-communication protocols like A2A and MCP. This guide explains each, and where an adversarial work critic fits.

The three registries

Identity answers who is this agent? — an ERC-721-based, portable, censorship-resistant identifier that resolves to the agent’s endpoints and supported trust models. Reputation answers how has it done over time? — signed numerical feedback from clients, stored on-chain for composability and aggregated off-chain. Validation answers the hardest and most product-relevant question: was this specific piece of work actually any good?

What the Validation Registry enables

In the Validation Registry, an agent requests independent verification of its work from a validator, and the validator responds with a score from 0 to 100 and an optional evidence URI. Crucially, the standard supports multiple trust models proportional to the value at risk — stake-secured inference re-execution, zkML verifiers, and TEE oracles are named for deterministic computation. But most agent work is not a deterministic computation you can re-run: it is a memo, a slide deck, a code change, a customer reply, an image. For that work, the validator has to judge quality against a standard, not re-execute a function.

Validating subjective, multimodal work

This is the validation trust model SeaOtter is built for. Where re-execution and zkML prove a computation was correct, an adversarial work critic proves a deliverable is good enough to accept. SeaOtter’s OtterScore is hostile-by-default — aligned to look for reasons to block, not to approve — and grades each output against a written acceptance policy, returning located flaws plus a score that maps cleanly onto the registry’s 0–100 scale. It is multimodal (code, text, documents, decks, spreadsheets, images, video) and grades the trajectory as well as the final output, so the validation covers whatever the agent produced.

How SeaOtter plays the validator role

SeaOtter does what the Validation Registry anticipates from an independent validator, and adds tamper-evident proof. Every verdict is signed (EIP-712) and anchored on-chain on Base, with a public verification API (recover the signer, check Merkle inclusion, pull a self-contained audit report) so a counterparty can verify a score without trusting SeaOtter. That makes each OtterScore a portable validation attestation: a score, located evidence, a signature, and an on-chain anchor. Those attestations also accrue to the agent’s own portable trust profile over time, so independent work-validation compounds into reputation — a complement to the standard’s Reputation registry, not a substitute for it. The three layers compose — Identity says who the agent is, Reputation says how it has done, and SeaOtter validates whether this output can ship.

Glossary

ERC-8004 (Trustless Agents)

An Ethereum standard for discovering AI agents and assessing their trustworthiness across organizational boundaries — between parties that share no prior trust relationship. It defines three on-chain registries (Identity, Reputation, Validation) that are complementary to agent-communication protocols like A2A and MCP rather than built on top of them.

Identity Registry

An ERC-721-based registry that gives each agent a portable, censorship-resistant global identifier (namespace + chain ID + registry address). It resolves to a registration file listing the agent's endpoints (A2A, MCP, ENS, DIDs, wallets) and the trust models it supports.

Reputation Registry

A feedback registry where any client can submit signed numerical ratings (plus optional tags and off-chain evidence references) about an agent. Feedback is stored on-chain for composability; sophisticated aggregation happens off-chain.

Validation Registry

A registry where an agent can request independent verification of its work from validator contracts. Validators respond with a score (0–100) and an optional evidence URI, and the standard supports multiple trust models — stake-secured inference re-execution, zkML verifiers, TEE oracles — chosen in proportion to the value at risk.

Validator

An independent party that checks an agent's work and returns an attestation (a score and evidence). Validators can range from cryptographic re-execution and TEE oracles to a model-based judgment of work quality, depending on whether the work is deterministic or subjective.

Work-acceptance validation

Validating not just that an agent ran correctly, but that its output meets an acceptance standard — judged against a policy by an evaluator. This is the trust model that fits subjective, multimodal deliverables (code, documents, decks, images) where re-execution or zkML proofs do not apply.

Frequently asked questions

What is ERC-8004?

ERC-8004 (Trustless Agents) is an Ethereum standard that lets AI agents discover each other and establish trust across organizational boundaries without a prior relationship. It defines three registries — Identity (a portable on-chain identifier), Reputation (signed feedback about an agent), and Validation (independent verification of an agent's work) — designed to work alongside agent-communication protocols like A2A and MCP.

What does the ERC-8004 Validation Registry do?

It lets an agent request independent verification of a piece of work from a validator, which responds with a score from 0 to 100 and an optional evidence URI. The standard supports several validation trust models — stake-secured inference re-execution, zkML verifiers, and TEE oracles — chosen according to how much value is at risk. It is the registry that answers 'was this agent's work actually any good?' rather than 'who is this agent?' or 'what's its reputation?'.

How is validation different from reputation in ERC-8004?

Reputation is aggregate feedback about an agent as an actor — signed ratings accumulated over time. Validation is a check on a specific piece of work, returning a fresh score and evidence for that artifact. An agent can have strong overall reputation and still submit a particular output that fails validation; the two registries answer different questions and reinforce each other.

How can you validate subjective agent work like documents, code, or decks?

Cryptographic validation methods (re-execution, zkML, TEE) work for deterministic computation, but most agent work — a memo, a slide deck, a code change, an image — is subjective and multimodal, so it needs a judgment-based validator. The robust approach is an evaluator aligned to find flaws (hostile-by-default), grading the work against a written acceptance policy and returning located flaws plus a score. SeaOtter's OtterScore is built for exactly this validation trust model.

Does SeaOtter implement ERC-8004?

SeaOtter plays the validator role the ERC-8004 Validation Registry anticipates: it independently grades an agent's work and returns a score and evidence, signs each verdict (EIP-712), anchors it on-chain on Base, and exposes a public verification API so anyone can check a verdict without trusting SeaOtter. It complements the Identity and Reputation registries — identity says who the agent is, reputation says how it's done over time, and SeaOtter validates whether this specific output is good enough to accept.

Validate an agent’s work

Grade a piece of agent work and get a score + located flaws + a signed, on-chain-anchored verdict in one call — no human in the loop. Start from /llms.txt, verify any verdict at /verify, or paste an artifact into the live demo.