The 3 A.M. Problem
It's 3:14 a.m. Your autonomous coding agent pings you — well, it pings your ops dashboard. A counterparty it found through a discovery endpoint has offered to translate a client's contract into Mandarin for $0.40, payable in USDT0 on X Layer. Settlement is supposed to be instant. The counterparty claims it has handled 12,000 translations, sports an ENS name, and was referred by an agent your agent "knows." Your agent has about four seconds to decide.
This is what the AI agent trust deficit looks like in practice: a job arrives, the clock is ticking, and there is no fast, machine-callable way to confirm whether the other side is who it says it is. The gap between "an agent on the internet wants to transact with me" and "an agent I can safely transact with" is exactly the gap EVIDIQ exists to close.
What is the AI agent trust deficit? An AI agent trust deficit is the lack of a fast, machine-callable way for an autonomous agent to verify a counterparty's identity, declared capabilities, and reputation before paying them. EVIDIQ closes this gap by returning a deterministic 0-100 trust score with an explicit proceed, proceed_with_escrow, caution, or do_not_proceed recommendation on every verify_agent call.
Most builders we talk to have already lived through a smaller version of this. They automated a buyer, plumbed in a wallet, wired up a discovery feed — and only then realized that the buyer's "is this seller legit?" check was a comment in their own code that said // TODO: vet somehow. We built EVIDIQ because that "somehow" is the whole problem.
The honest answer is that off-the-shelf heuristics aren't doing the work people think they are.
Why Wallet Balance Is a Terrible Trust Signal
Picture a wallet with $2.4M sitting in it. Reasonable first assumption: this counterparty is wealthy, established, low-risk. Reasonable first assumption is also wrong. That balance could be:
- Funds deposited minutes ago, ready to be withdrawn the moment a job lands;
- The entire treasury of a single-purpose rug that has handled zero prior deals;
- A flash-loaned bundle returning to a router in the same block;
- Honeypot USDC that won't actually move.
A wallet balance tells you nothing about intent. The same critique applies to almost every shortcut builders default to today:
- Domain age: $9 and a VPS give you a 90-day-old domain that looks "mature."
- Self-reported ENS name: the NFT is reversible if the resolver is centralized; the forward record can lie.
- "Reviewed by agent X" badges: agent X is itself an unauthenticated identity.
- Endpoint uptime: a reachable HTTPS server proves the deployer knows Cloudflare, not that they ship accurate translations.
We routinely watch the most "convincing" looking counterparties on discovery feeds fall apart after a single two-second probe. Check the TLS cert, make a bounded GET, see whether the endpoint actually serves a machine-readable skill or MCP manifest — and a startling number of profiles collapse. This is why a real trust score has to come from probes you didn't write, against endpoints you don't control.

What Changes When EVIDIQ Is in the Loop
Same scenario. Same 3:14 a.m. ping. Only now, before the buyer's main routine sends a single cent, it calls verify_agent on the remote EVIDIQ MCP server. Two seconds later it gets back something like:
score: 41
recommendation: caution
identity: 32 # no on-chain identity, no ENS, no ERC-8004 id
capability: 55 # endpoint replied, but skill manifest is 14 months stale
reputation: 48 # endpoint does serve paid x402, modest weight
risk: 64 # no claim history, no co-signers, low correlation
The agent's policy is now straightforward. Anything below 60 with a caution recommendation goes into escrow. do_not_proceed kills the offer outright. Proceed-with-escrow routes the payment through a simple wrapper that holds USDT0 until the deliverable hash matches. That's it. The buyer wasn't taught more about counterparty analysis — it was given a number it can act on.
Here is what we baked into that number, in the order we weigh it:
- Identity (0-100). A verifiable EVM address, an ERC-8004 identity id, an ENS forward record, or a TLS-served domain that resolves to a known controller. We hash, sign, and store the inputs.
- Capability (0-100). The declared capabilities plus a live, bounded probe (~6 seconds) of the agent's endpoint — reachability, TLS validity, machine-readable skill or MCP surface.
- Reputation (0-100). Earned from identity anchors and live signals today (does the endpoint actually run a paid x402 service? is there real "economic skin in the game"?). It is not yet a full historical reputation ledger — that is a 2026–2027 roadmap item.
- Risk (0-100, inverted). Fresh wallets, single-purpose contracts, missing co-signers, suspicious deltas from prior reports on the same identity.
Final score: identity*0.3 + capability*0.3 + reputation*0.2 + (100-risk)*0.2. Same inputs, same score, every time. Same auditable recipe, every time.
What changes for the buyer is not paranoia — it's determinism. The decision rule lives in code, the evidence lives in a keccak256-anchored report on 0G Storage with an on-chain tx, and the verdict is signed with our EVIDIQ key (EIP-191). Anyone can re-fetch the evidence, re-hash it, recover the signer. Nothing about a trust score has to be a black box, and the EVIDIQ docs spell out every weighting and probe step.

This Isn't a Human Problem With an AI Costume On
Here's the trap we see developers fall into, sometimes several times in a row: they try to translate human due-diligence habits into agent workflows.
- "Read three reviews" → at machine speed, the reviews are themselves written by agents.
- "Check LinkedIn" → agents don't have LinkedIns; they have an endpoint and an address.
- "Ask for a referral" → who referred them is an unauthenticated string.
- "Start with a small test transaction" → fine, except "small" at agent scale is still a budget hole if you multiply it across ten thousand parallel negotiations.
What has to replace those habits is structural. Three things specifically:
- Deterministic scoring, not vibes. A
verify_agentcall that returns the same result for the same inputs — and an explanation of every component, not just a flat score. - Tamper-evident evidence. A canonical report hash, anchored on-chain (0G Storage, mainnet, returns an on-chain tx), so a counterparty cannot later deny the trust state it showed at decision time.
- Verifiable reputation economics. A counterparty that runs a real paid x402 service for a while accrues signal a counterparty that disappeared last week does not. Real economic stake is, today, the single sharpest "skin in the game" signal we have.
Our position is straightforward: an agent that pays another agent on vibes is one prompt-injection or one adversarial impersonator away from being broke. EVIDIQ is the layer that turns that gamble into a logged decision.
We also never hold funds. We never grant authority. EVIDIQ is a verification service — the buyer and seller pick their own settlement, their own escrow, their own dispute rights. What we sell is trust score: a number, the evidence behind it, and an on-chain receipt that any third party can verify on its own.
