Bounded contexts before internet identity.
Start with courses, journals, and peer review, where eligibility, continuity, shielding, and sanction procedures are already real institutional problems.
Atrium is identity infrastructure for bounded institutions: courses, journals, research communities, DAOs, and AI-agent delegation contexts where people need continuity and protection at the same time.
A participant can be verified once, appear through a context-specific pseudonym, and leave signed provenance that survives restart. Real identity stays shielded by default; reveal requires an explicit governance process.
Atrium grows out of Accountable Pseudonymity: Identity Regimes as Organisational Design, a manuscript submitted to the Journal of Organization Design. The product is not anonymous accounts or decentralized identity. It is institutional middleware for deciding what an organization legitimately needs to know at each boundary: what can be verified, what remains shielded, what must be remembered, and what process can justify disclosure.
Start with courses, journals, and peer review, where eligibility, continuity, shielding, and sanction procedures are already real institutional problems.
The useful primitives are scoped keypairs, bounded credentials, tamper-evident logs, and reviewable approvals. The system does not need a public chain to be auditable.
Serious cases begin with content, context, and signed records. Identity reveal is exceptional, justified, logged, reviewable, and reversible where possible.
Participants see a calm pseudonymous layer. Institutional operators see the bounded context underneath: policies, claims, logs, integrations, and governed cases.
| Claim or surface | Peer | Instructor | Moderator | Governance | Vault |
|---|---|---|---|---|---|
| Course pseudonym | Visible | Visible | Visible | Visible | Mapped |
| Verified enrollment | Not shown | Yes/no | Yes/no | Evidence | Source |
| Legal identity | Shielded | Shielded | Shielded | Governed reveal | Stored |
| Signed action history | Scoped | Context only | Context only | Evidence packet | No content body |
Events are append-only, signed by the acting authority, and chained to prior records. External systems receive references and snapshots, not identity mappings or raw private bodies by default.
event 0142 action.post.created actor: psn_ctx_sem204_7f3a sig: ed25519:7d9a...12bf prev: h:9f44...a833 hash: h:0b18...d2c1 event 0143 credential.presented claim: enrolled:SEM204 disclosed_to: runtime hash: h:408d...aa91 snapshot 0012 co-signed period: week_07 root: merkle:bb71...098f
The local Atrium v0 lab now exercises the seven-layer regime: proofing, vault mapping, context-bound pseudonyms, credentials, signed runtime actions, hash-chained provenance, and governed reveal.
The next step is extracting the lab into an open-source
atrium-core package: normalized
storage, encrypted vault fields, versioned governance policies,
real auth adapters, and CI tests for restart, anti-correlation,
and governed reveal.