ERC-8004: How Blockchain Reputation Works for AI Agents (Explained)

If you've ever hired a contractor on Upwork, bought something on eBay, or booked an Airbnb, you already understand reputation systems. You check the ratings, read reviews, and make a choice based on trust signals from strangers.

Now imagine that same system—but for AI agents operating autonomously on blockchains. That's what ERC-8004 makes possible.

Launched on Ethereum mainnet in early 2026, ERC-8004 is a new standard that gives AI agents portable, verifiable reputations across chains and applications. Instead of requiring agents to lock up massive amounts of collateral to prove they're trustworthy, ERC-8004 lets them build reputation over time through work, feedback, and validation.

This matters because AI agents are already here—trading tokens, managing DeFi positions, deploying smart contracts, and interacting with users. But today, there's no good way to know if an agent you're interacting with is legitimate, competent, or safe. ERC-8004 fixes this at the protocol level.

The Problem: How Do You Trust an AI Agent You've Never Met?

Let's start with the core problem.

Traditional software operates in a closed world: you download an app from Apple, install it from npm, or visit a known website. Trust comes from centralized gatekeepers (app stores, package registries, DNS authorities).

But AI agents don't work that way.

Agents are autonomous programs that act on behalf of users or organizations. They:

Execute trades based on market conditions
Manage liquidity positions in DeFi protocols
Deploy tokens and smart contracts
Coordinate with other agents to complete complex tasks
Make decisions without constant human oversight

In this world, you might encounter an agent you've never interacted with before. Maybe it's offering to execute a trade for you, manage a portfolio, or help with an onchain task. How do you know if you should trust it?

Today, there are only a few options—and they all have problems:

1. Require Massive Collateral

The crypto-native approach is to require agents to lock up tokens as collateral. If they misbehave, the collateral gets slashed. This works for high-value operations (securing validator nodes, liquidity pools, etc.), but it's prohibitively expensive for smaller tasks. Not every agent can afford to lock up $100,000 to prove it can reliably fetch a token price or post a tweet.

2. Trust a Central Authority

You could rely on a company or platform to "verify" agents. But this defeats the entire point of decentralized systems. Who verifies the verifier?

3. Reputation… Somewhere

Some platforms have built internal reputation systems (Discord bots, Farcaster agents, trading services). But these reputations are siloed. If an agent builds trust on one platform, it starts from zero everywhere else. There's no portability.

ERC-8004 solves this by creating a shared, open reputation layer on Ethereum.

Instead of choosing between "lock up $100k" and "trust me bro," agents can now prove trustworthiness through:

Verified identity (who owns this agent)
Accumulated feedback (what has this agent done, and how well)
Independent validation (third parties checking the agent's work)

Think of it as a credit score meets eBay ratings, but on Ethereum.

What is ERC-8004? The Simple Explanation

ERC-8004 is an Ethereum standard (officially titled "Trustless Agents") that defines three lightweight registries for discovering and trusting AI agents:

1. Identity Registry

Every agent gets a unique, portable identifier—like a username, but backed by an NFT. This registry answers the question: "Who is this agent, and how do I reach it?"

When an agent registers, it receives:

A unique agent ID (an ERC-721 NFT token)
An agent URI that points to a registration file containing the agent's name, description, endpoints (APIs, wallets, communication channels), and capabilities

The identity is transferable and censorship-resistant. If you register an agent on Ethereum mainnet, it can operate on Base, Polygon, Arbitrum, or anywhere else—carrying its identity with it.

2. Reputation Registry

This is where feedback lives. After interacting with an agent, users can post structured reviews on-chain. The registry answers: "What have others experienced when working with this agent?"

Feedback includes:

A numerical score (like 5 stars, or a percentage)
Optional tags (e.g., "uptime", "response time", "success rate")
A link to detailed feedback stored off-chain (IPFS, etc.)

Crucially, feedback is public, permanent, and composable. Anyone can read it, aggregate it, or build reputation scoring systems on top of it. You're not locked into one platform's proprietary rating algorithm.

3. Validation Registry

This registry enables independent verification of an agent's work. Instead of just trusting user feedback, you can request that a third-party validator (like a staking network, a zero-knowledge proof system, or a trusted execution environment) checks the agent's output.

This is the crypto-economic layer. Validators might re-run computations, verify proofs, or attest to results—and they put their own reputation (or stake) on the line when they do.

Together, these three registries create a trust layer for agents that doesn't require permission, centralized gatekeepers, or prohibitive collateral.

How the Three Registries Work (Technical Overview)

Let's go deeper into how each registry actually works.

Identity Registry: NFT-Based Agent Registration

The Identity Registry uses the familiar ERC-721 NFT standard with URI storage. When you register an agent, you:

Call register() on the registry contract
Receive an agent ID (a unique NFT token ID)
Set an agent URI pointing to a JSON file describing the agent

The agent URI can be stored on IPFS, a centralized server, or even fully on-chain using base64-encoded data URIs. The registration file includes:

Name and description: What is this agent, what does it do?
Endpoints: Where can you interact with it? (API endpoints, wallet addresses, communication protocols like MCP or A2A)
Supported trust models: Does this agent use reputation, validation, or both?
Cross-chain registrations: If the agent is registered on multiple chains, they're all listed here

Example: An agent might advertise endpoints for its API (https://agent.example.com), its Ethereum wallet (0x123...), its Polygon wallet, and its A2A agent card.

Because the identity is an NFT, it's:

Transferable: You can sell or transfer ownership of an agent
Composable: Any NFT-compatible app can display agents
Portable: The same agent ID can be referenced across chains and platforms

Agents can optionally prove control of their endpoints by publishing a verification file at https://endpoint/.well-known/agent-registration.json containing the same agent ID.

Reputation Registry: Structured Feedback on Work

The Reputation Registry lets anyone who has interacted with an agent post feedback. Here's how it works:

Give Feedback: A user calls giveFeedback() with:
- The agent ID
- A numerical value (signed integer) and its precision (e.g., 87/100 = value: 87, decimals: 0)
- Optional tags (e.g., "uptime", "response_time", "success_rate")
- Optional link to detailed review (IPFS URI)
Feedback is Stored On-Chain: The score, tags, and timestamp are stored in the contract, making them instantly available to any smart contract or dapp.
Feedback is Permanent: Once posted, feedback can be revoked by the reviewer (if they change their mind), but the fact that it existed is still visible on-chain.
Aggregation Happens Off-Chain (and On-Chain): The registry provides basic on-chain summaries (average score, count), but sophisticated reputation algorithms (weighted scoring, reviewer reputation, time decay) happen off-chain in specialized indexers and analytics services.

Example Feedback Scenarios:

Tag	What it Measures	Example Value
`starred`	Quality rating (0-100)	87/100
`uptime`	Endpoint availability (%)	99.77%
`successRate`	Task success rate (%)	89%
`responseTime`	Average response time (ms)	560ms
`reachable`	Is the endpoint working? (binary)	1 (true)

The key insight: feedback is composable. You can filter by reviewer (trust only verified users), by tag (show me only uptime stats), or by time period (how has this agent performed recently?).

Validation Registry: Cryptographic and Economic Verification

Feedback is subjective. Validation is objective.

The Validation Registry allows agents to request independent verification of their work. This is where crypto-economic security comes in.

Here's the flow:

Agent Requests Validation: The agent calls validationRequest(), specifying:
- A validator address (the smart contract or entity that will check the work)
- A request URI (IPFS or URL pointing to the inputs, outputs, and proof data)
- A request hash (commitment to the data)
Validator Responds: The validator performs its check (re-running the computation, verifying a ZK proof, checking a TEE attestation, etc.) and calls validationResponse() with:
- A response score (0-100, where 100 = fully validated, 0 = failed)
- Optional proof or audit trail (URI pointing to evidence)
- Optional tag (e.g., "soft_finality", "hard_finality")
Results are Stored On-Chain: The validation status is permanently recorded and queryable by anyone.

Example Validators:

Staking Networks: A decentralized group of stakers re-runs the agent's computation and stakes ETH on the result
ZK Proof Verifiers: The agent submits a zero-knowledge proof of correct execution (e.g., zkML)
Trusted Execution Environments (TEEs): Hardware-based attestation that the agent ran in a secure enclave
Human Reviewers: A trusted third party manually audits the work (useful for subjective tasks)

Validation is optional—you don't need it for every task. But for high-value operations (large trades, sensitive data, financial decisions), having a third-party validator stake their reputation (or tokens) on the outcome dramatically increases trust.

Why ERC-8004 Matters: Reputation as a Pricing Signal

The biggest innovation in ERC-8004 isn't the registries themselves—it's how they enable reputation to become an economic primitive.

Right now, if you want to trust an AI agent with a $10,000 trade, the standard approach is to require it to lock up $15,000 in collateral. That works, but it's capital-inefficient and excludes smaller agents.

ERC-8004 adds reputation as a complementary pricing signal.

An agent with:

500 positive reviews
99.9% uptime validated by stakers
6 months of operating history
Zero revoked feedback

…can reasonably ask to operate with less collateral than an anonymous agent with no history. Reputation doesn't replace collateral—it reduces how much is needed for a given level of trust.

This creates a virtuous cycle:

New agents start small, building reputation on low-stakes tasks (fetching data, posting updates, simple trades)
As reputation grows, they unlock higher-value work with less collateral required
Established agents with strong reputations can offer better pricing to users (lower collateral costs = lower fees)
Bad actors get permanent negative feedback, making it uneconomical to operate

Over time, this creates a marketplace where trust is priced accurately—not through one-size-fits-all collateral requirements, but through a combination of reputation, validation, and stake.

It's similar to how traditional credit scores work: someone with an 800 credit score can get a mortgage with a 5% down payment, while someone with no credit history might need 20%. Reputation becomes leverage for trust.

Real-World Example: Clawfred on ERC-8004

To make this concrete, let's look at a real registration.

Clawfred (an AI agent assistant) recently registered on ERC-8004 across three chains:

Ethereum (mainnet)
Base (Coinbase's Layer 2)
Polygon (a popular scaling network)

Here's what that registration looks like:

Identity Registry Entry:

Agent ID: [unique NFT token ID]
Agent URI: https://clawfred.com/agent-registration.json
Owner: [Ethereum address]
Endpoints:
- Website: https://clawfred.com
- API: https://api.clawfred.com
- Ethereum wallet: 0xcFF6...8681 (for payments/interactions)
- Farcaster profile: @clawfred
- A2A agent card: https://clawfred.com/.well-known/agent-card.json

Supported Trust Models:

Reputation (user feedback)
Crypto-economic validation (via staking networks)

Now, when anyone interacts with Clawfred:

They can verify the identity on-chain (is this the real Clawfred, or an impersonator?)
They can check the reputation (how has Clawfred performed on past tasks?)
They can request validation (ask a third-party validator to verify Clawfred's work)

Over time, as Clawfred completes tasks, users can post feedback:

"Successfully executed a token swap, 560ms response time, no errors" → 100/100
"Endpoint was down for 2 hours last week" → 0/100 on uptime

This feedback is portable. If Clawfred operates on Base, the reputation from Ethereum is still visible. If Clawfred migrates to a new platform, the identity and reputation come along.

How to Use ERC-8004 (For Builders and Users)

If You're Building an AI Agent

Register Your Agent: Deploy your agent to the ERC-8004 Identity Registry on your preferred chain (Ethereum, Base, Polygon, etc.)
- Call register() on the registry contract
- Provide an agent URI pointing to your registration file (IPFS or HTTPS)
- Include all your endpoints (API, wallets, communication channels)
Advertise Your Trust Models: In your registration file, specify whether you support:
- Reputation: You'll accept user feedback
- Validation: You'll allow third-party validators to verify your work
- Both: Recommended for maximum trust
Start Small: Begin with low-stakes tasks to build reputation. Post updates, fetch data, execute simple operations.
Request Validation for High-Value Work: When handling sensitive operations (large trades, financial decisions), request validation from a trusted validator network.
Encourage Feedback: After completing tasks, ask users to post feedback to your Reputation Registry entry. More feedback = more trust.

If You're Using an AI Agent

Check the Identity Registry: Before interacting with an agent, verify it's registered on ERC-8004 and check its agent URI.
Review the Reputation: Query the Reputation Registry for feedback. Look for:
- Volume of feedback (1 review vs. 500 reviews)
- Recency (old feedback vs. recent activity)
- Specific metrics (uptime, success rate, response time)
- Negative feedback (was it revoked? Was there a response?)
Filter by Trusted Reviewers: If possible, filter feedback to only include reviewers you trust (verified users, other agents with good reputations, etc.)
Request Validation for Critical Tasks: For high-value operations, ask the agent to submit its work for validation before you finalize.
Leave Feedback: After interacting with an agent, post your own feedback to help others make informed decisions.

The Bigger Picture: Trustless Agent Economies

ERC-8004 is part of a larger vision for trustless agent economies—a world where AI agents can discover, evaluate, and interact with each other across organizational boundaries without requiring pre-existing trust.

This is already happening in pockets:

Trading agents managing DeFi positions autonomously
Content agents posting to social media based on market conditions
Coordination agents orchestrating multi-step workflows between humans and AI
Infrastructure agents managing blockchain nodes, indexers, and services

But today, these agents operate in silos. They can't easily work together, because there's no shared trust layer.

ERC-8004 changes that by providing:

A universal identity system (any agent can register, anywhere)
A composable reputation layer (feedback is portable and queryable)
Pluggable validation mechanisms (stake, proofs, attestations)

This mirrors how the web itself evolved. Early websites couldn't trust each other, so we built standards (HTTPS, OAuth, DNS) to enable safe interactions. ERC-8004 is doing the same for agents.

Over time, we'll likely see:

Specialized reputation aggregators that score agents based on weighted feedback, validator attestations, and historical performance
Insurance protocols that offer coverage for agent actions, priced according to reputation
Agent marketplaces where you can discover and hire agents for specific tasks, filtered by reputation and validation
Cross-chain reputation networks where agents maintain a single global reputation across Ethereum, Solana, and other ecosystems

The key unlock: reputation becomes portable, verifiable, and economically useful.

Limitations and Security Considerations

ERC-8004 is powerful, but it's not a silver bullet. Here are the main challenges:

1. Sybil Attacks (Fake Reviews)

Just like eBay or Amazon, agents can create fake accounts to leave positive reviews for themselves. ERC-8004 doesn't prevent this directly.

Mitigation strategies:

Filter feedback by trusted reviewers only (verified identities, agents with good reputations)
Use crypto-economic validation (third-party stakers who verify work)
Build reputation systems for reviewers (meta-reputation)

2. Reputation Laundering

An agent with bad reputation could transfer its identity NFT to a new owner, effectively "resetting" its history.

Mitigation: The ERC-8004 spec includes mechanisms to track ownership transfers and invalidate certain metadata (like wallet addresses) when an agent changes hands. Off-chain reputation aggregators can choose to discount or ignore transferred identities.

3. Cross-Chain Consistency

An agent registered on Ethereum can operate on Base, but the reputation data might not sync perfectly across chains.

Mitigation: Use IPFS or other content-addressed storage for feedback, so it's accessible from any chain. Cross-chain indexers and subgraphs can aggregate reputation data across multiple registries.

4. Verification Gaps

The registration file advertises an agent's capabilities (APIs, endpoints, etc.), but ERC-8004 can't cryptographically guarantee those capabilities are functional or non-malicious.

Mitigation: This is precisely why the Validation Registry exists. For critical operations, always request third-party validation.

5. Validator Trust

Validation is only as good as the validators. A malicious validator could approve bad work, or a compromised validator could be bribed.

Mitigation: Use multiple validators, prefer decentralized staking networks over single validators, and check validator reputations (yes, validators need reputation too).

What's Next: The Road Ahead for ERC-8004

ERC-8004 is still in its early days. The spec was finalized in August 2025, and mainnet deployments went live in early 2026.

Here's what's coming:

Q1-Q2 2026 (Now):

Early adopters registering agents: AI assistants, trading bots, DeFi managers, social media agents
First reputation aggregators launching (analytics dashboards showing agent scores, uptime, etc.)
Integration with agent communication protocols (MCP, A2A, OASF)

Q3-Q4 2026:

Insurance protocols offering coverage based on ERC-8004 reputation data
Agent marketplaces (discover and hire agents for specific tasks)
Cross-chain reputation indexers (query reputation across Ethereum, Base, Polygon, Arbitrum, etc.)

2027 and Beyond:

Reputation-weighted collateral requirements in DeFi protocols (lower collateral for high-reputation agents)
Agent-to-agent coordination protocols (agents discovering and hiring each other autonomously)
Governance integration (reputation as a factor in voting weight or proposal submission)

The long-term vision: a global reputation layer for autonomous agents, as fundamental to the agent economy as credit scores are to traditional finance.

Final Thoughts: Reputation as Infrastructure

ERC-8004 represents a shift in how we think about trust in decentralized systems.

Instead of the binary choice between "lock up collateral" and "trust a central authority," we now have a third path: build reputation over time, verifiable on-chain, portable across platforms.

It's not a replacement for economic security (collateral, staking, insurance)—it's a complement. A high-reputation agent still might stake tokens for high-value work, but it'll need to stake less than an unknown agent doing the same task.

For AI agents, this is transformative. It creates a path from zero to trusted that doesn't require prohibitive capital. New agents can start small, build credibility, and unlock progressively higher-value opportunities—just like freelancers building profiles on Upwork or sellers building ratings on eBay.

For users, it means better information. Instead of blindly trusting an agent or avoiding them entirely, you can make informed decisions based on track records, third-party validation, and community feedback.

And for the ecosystem, it's a foundation for open, trustless agent economies where coordination happens across organizational boundaries without permission or central gatekeepers.

If you're building AI agents, consider registering on ERC-8004. If you're using them, start checking their reputation.

Trust is no longer binary—it's measurable, portable, and composable.

Learn More

Official EIP-8004 Specification: eips.ethereum.org/EIPS/eip-8004
ERC-8004 Homepage: 8004.org
Discussion Forum: Ethereum Magicians - ERC-8004
Model Context Protocol (MCP): anthropic.com/news/model-context-protocol

Related Reading:

Want to stay updated on AI agents, blockchain standards, and onchain development? Follow us on Twitter and subscribe to our newsletter.