{
  "domain": "merchant.gao",
  "owner_key": "0xabc...",
  "wallets": {
    "eip155:1":       "0xETH...",
    "eip155:8453":    "0xBASE...",
    "solana:mainnet": "SoL..."
  },
  "preferred_chain": "base",
  "preferred_token": "USDC",
  "endpoints": {
    "web":     "https://merchant.gao.global",
    "payment": "https://pay.merchant.gao.global",
    "booking": "https://book.merchant.gao.global"
  },
  "agents": [
    "assistant.merchant.gao",
    "pay-agent.merchant.gao"
  ],
  "subdomains": [
    "pay.merchant.gao",
    "booking.merchant.gao",
    "support.merchant.gao"
  ],
  "metadata": {
    "name":         "Merchant Inc",
    "type":         "business",
    "trust_level":  2,
    "verified_at":  "2026-01-20T00:00:00Z"
  }
}

---

### Identity as Root Authority

The domain owner key is the highest authority. There is no override mechanism — not Gao, not DAO, not Governance.

Governance manages the namespace rules. The owner key manages the domain. These are separate and non-overlapping authorities.

---

### Multi-Context Resolution

The same domain resolves differently depending on what is asking and why. The domain does not change — the resolution context changes.

Context

What resolves

Output

Payment

Proxy wallet address

`0xPROXY...` (real wallet never exposed)

Browser

Web content endpoint

`https://merchant.gao.global`

API

Service endpoint

`https://api.merchant.gao.global`

AI System

Agent authority record

Scope, permissions, expiry

Workspace

Account identity

Domain + trust level + roles

Messaging

Encrypted messaging endpoint

End-to-end encrypted channel

This context-aware resolution is what distinguishes Gao Domain from a naming system. A naming system returns one thing. An identity container returns the right thing for the context.

---

### What This Replaces

Old System

Problem

Gao Domain Solution

Wallet address (`0x9a2f...`)

Opaque, unsafe, single-chain

Human-readable, multi-chain

Website domain (`merchant.com`)

Website only, no payments or agents

Full identity stack

Platform username

Platform-owned, revocable

Cryptographic, permanent

API keys

Per-service, fragmented

Single identity, all services

AI agent URLs

Unverifiable, no authority chain

Verifiable, scoped, auditable

---

### Walkaway Compatibility

The identity container is designed for full walkaway capability:

-   **Exportable** — owner can export complete identity state at any time, in a documented open format
    
-   **Verifiable** — any third party can verify the identity from public data alone, with zero trust in Gao
    
-   **Reconstructable** — exported state can be imported into any conforming resolver or management tool
    

A user can operate their domain without Gao infrastructure. The identity remains valid and provable because it is cryptographic — not because Gao says so.

---

### Identity Container vs. Naming System

This distinction matters for understanding what Gao Domain is:

**A naming system** (DNS, ENS, Unstoppable Domains) answers: _“What address does this name point to?”_

**An identity container** (Gao Domain) answers: _“Who is this entity, what are they authorized to do, how do I reach them, and can I trust them?”_

The resolution output varies by context. The trust signal (badge) is embedded. The agent authority is verifiable. The payment routing is privacy-preserving. None of this is possible with a naming system. All of it is possible with an identity container.

---

_This page is part of the Identity Model section. See Multi-Chain Mapping for wallet resolution and Agent Binding Model for AI agent identity._