The three pillars of Sigil
- Non-custodial smart account wallets — each user gets a Safe multisig wallet that serves as their on-chain identity anchor.
- — EIP-712 signed messages that authorise specific actions and scopes. A Stamped Mandate is delivered over the API as a
PINT(headerx-sumvin-pint-token). - The Sumvin Identity Service (SIS) — exchanges signed Stamped Mandates for verifiable JWTs that third parties can independently validate.
How it works
A typical Sigil flow looks like this:- The user (or their agent) signs a Stamped Mandate — a structured EIP-712 message declaring what they want to do, which scopes they authorise, and how long the authorisation is valid. On the wire this is a
PINT. - Your app exchanges the signed mandate with the SIS token service, which validates the signature, checks KYC status, and returns a SIS-signed JWT.
- The JWT travels with requests to third-party services, which verify it against the SIS public keys (JWKS) and optionally check revocation status.
Key concepts
| Concept | Description |
|---|---|
| Sigil | Sumvin’s portable, KYC-verified identity — “Proof of Personhood” a user carries across services |
| SRI | Sumvin Resource Identifier — a URI-style identifier for users and resources (sr:us:person:safe:0x...) |
| Stamped Mandate (PINT) | A signed authorisation a user grants for specific scoped actions — an EIP-712 signed message, delivered over the API as a PINT |
| SIS | Sumvin Identity Service — the API that validates Stamped Mandates and issues JWTs |
| Safe Wallet | The user’s on-chain identity anchor (Gnosis Safe multisig) |
| Scopes | Permission grants included in a Stamped Mandate (e.g., sr:us:pint:identity:proof_of_personhood) |
| Verification Tier | Standard (JWT only) or Enhanced (JWT + PINT signature) — determined by scopes requested |
Who uses what
| You are… | You need… |
|---|---|
| An app developer building on Sumvin | The Platform API to create users and wallets, then this Sigil tab to create Stamped Mandates and exchange them for JWTs |
| A merchant or service provider receiving Sumvin credentials | The Verifier Guide to validate incoming JWTs and PINT signatures |
Next steps
- SRI format — the URI family that identifies users, resources, and scopes.
- EIP-712 and PINTs — the signed message spec your Stamped Mandates are built on.
- Token exchange — trade a signed Stamped Mandate for a SIS-issued JWT.
- Scopes reference — the capability envelope each Stamped Mandate carries.