Your bank should prove its operations, not just promise them.
selfdriven.money is built on a three-layer trust architecture: self-certifying KERI identity, ACDC verifiable credentials, and FIDO2 passkey authentication. Here's how it all works together.
From first touch to verified transaction.
Every interaction with selfdriven.money flows through a cryptographically anchored pipeline — from your first passkey registration to your thousandth payment.
Passkey Registration & AID Inception
When you open an account, a KERI key pair is generated on your device. Your private key never leaves your hardware. A FIDO2 passkey is created and cryptographically bound to your new KERI Autonomous Identifier via an inception event.
event: icp · pre-rotation committed · witnesses: 3 · passkey: boundIdentity Verification & ACDC Issuance
Your identity is verified against government records. The verified result becomes an ACDC credential — cryptographically chained to your KERI AID and anchored via an interaction event. You own this credential. No central database holds it.
ACDC · schema: kyc-verified-v1 · said: Ef9Kq... · anchored: ixnAccount Opening & Credential Scope
Accounts are opened with ACDC account credentials scoping your access rights. BSB and account numbers are assigned. PayID is registered. Your Visa Debit is issued digitally to Apple Pay / Google Pay. No paper. No waiting.
ACDC · schema: account-scope-v1 · bsb: 802-985 · payid: registeredDaily Banking & Passkey Authentication
Every sign-in uses your FIDO2 passkey — biometric or device-bound. No passwords. No SMS codes. The authentication assertion is bound to the selfdriven.money origin and phishing attacks fail by design. A KERI ixn event is created for every session.
WebAuthn · assertion: bound-to-origin · ixn event · timestamp: loggedPayment Signing & KERI Event
Every outgoing payment requires your biometric authorisation via passkey. The WebAuthn assertion anchors a KERI interaction event containing the SHA-256 digest of the payment instruction. The KEL entry is witnessed, append-only, and tamper-evident.
ixn · digest: sha256(payment) · witnessed: 3-of-3 · append-onlySettlement & ACDC Receipt
Completed transactions generate ACDC payment receipt credentials — independently verifiable proof of authorisation. Regulators, counterparties, and auditors can verify the cryptographic chain of custody without contacting selfdriven.money.
ACDC · schema: payment-receipt-v1 · said: Eg7Rp... · verifiable: independentlyThree layers. Zero assumptions.
selfdriven.money's trust model does not rely on institutional promises. Every claim is cryptographically verifiable by anyone, at any time, without our involvement.
Layer 1 · KERI Key Event Infrastructure
Your KERI Autonomous Identifier is self-certifying — derived from your public key, with no central authority issuing or controlling it. Key rotation uses pre-committed next keys, making your identity resilient to key compromise. Three distributed witnesses provide tamper-evident logging.
Layer 2 · ACDC Verifiable Credentials
Every claim — your KYC status, account ownership, payment authority — is an ACDC credential anchored in your KERI event log. Credentials are cryptographically chained, independently verifiable, and instantly revocable. No credential database that can be breached.
Layer 3 · FIDO2 Passkey Binding
Your passkey is bound to your KERI AID via an interaction event at registration. Every subsequent authentication assertion is linked back to that binding. The authentication cannot be relayed, replayed, or phished — the origin binding is cryptographically enforced.
Layer 4 · CDR Open Banking
Your financial data is yours under Australia's Consumer Data Right. selfdriven.money's CDR APIs give you — and your authorised third parties — programmatic access to your account data, transaction history, and product information with ACDC-attested consent records.