Public roadmap

What we shipped. What we are building. What is next.

Every line item below carries a ship-status label so adopters, grant reviewers, and pitch audiences can plan against verifiable state. When something moves between statuses, this page updates on the same commit. Nothing is labeled "shipped" until it is publicly usable.

Available today

Currently publicly usable. Every item below has a public repository, a public deployment, or a published specification. This is the credibility floor for grants and pitches.

did:sns Method Specification Shipped

W3C DID method anchored to Solana Name Service. Full CRUD spec, 186-test implementation report, deployed at spec.attestto.com/did-sns.

spec.attestto.com/did-sns

vLEI Solana Bridge Shipped

Anchor program with Groth16 zero-knowledge proofs and soulbound Program Derived Accounts. Deployed to Solana mainnet at GLEif8Rf1NFiuGPXxD7n3sakuNH6SZPFfoZMg1pBVEFm.

Attestto-com/vLei-Solana-Bridge

Verifiable Credentials SDK Shipped

W3C VC 2.0 SDK at attestto-com/vc-sdk. Any credential type, any DID method, Ed25519 or P-256. Costa Rica extension SDK at attestto-com/cr-vc-sdk with 11 credential types.

Attestto-com/vc-sdk

Credential Wallet Extension Shipped

Browser extension at Attestto-com/attestto-creds-extension. SD-JWT and JSON-LD VCs, DIDComm v2 messaging, Shamir 2-of-3 recovery, AES-256-GCM vault.

Attestto-com/attestto-creds-extension

Verify Web Components Shipped

Drop-in JavaScript components for document verification at verify.attestto.com. Apache 2.0, no login, no backend, no data transmitted.

verify.attestto.com

PDF Signing and Verification Shipped

PDF engine with PAdES-B / T / LT signing, QR embed, and Solana anchoring. Powers attestto-desktop and third-party integrations.

Attestto-com/attestto-verify

Attestto Anchor Service Shipped

Federation-ready HTTP service for anchoring content hashes to Solana via the Memo program with Merkle batching. Clone-and-deploy.

Attestto-com/attestto-anchor

Trust Anchor Mirror Shipped

Independent public mirror of national PKI trust roots at attestto-com/attestto-trust. Costa Rica Firma Digital first, multi-country roadmap.

Attestto-com/attestto-trust

Attestto Desktop Shipped

Sovereign identity desktop application with SQLCipher-backed vault, mandatory Shamir 2-of-3 guardian recovery, offline verification.

Attestto-com/attestto-desktop

DID Resolvers (did:sns, did:pki) Shipped

Standalone and unified DIF Universal Resolver drivers. HTTP API compliant. Deployable independently or under one service.

Attestto-com/attestto-did-resolver

VCP CLI (Verifiable Content Provenance) Shipped

Embed-first content envelope CLI. Signs and verifies vcp metadata blocks inside PDF, JPEG, or a sidecar for any file. Ed25519 + JCS RFC 8785. Natural carrier for IEAL claims. Working Draft v0.1 spec + reference implementation.

Building now (2026 H2)

Actively under construction. Timelines are best-effort and may shift based on customer pilots or grant milestones. Nothing here is currently shippable in production.

IEAL Specification v0.1 In progress

Identity Evidence Assurance Level. Three-axis compositional model published as a Working Draft. Standards-community engagement at W3C CCG and DIF planned. NIST SP 800-63-4 crosswalk drafted.

spec.attestto.com/ieal

did:pki Method Specification In progress

W3C DID method for national PKI hierarchies. Draft v0.1.0 with active W3C DID methods registry pull request.

Attestto-com/did-pki-spec

Firma Digital PKCS#11 Signing In progress

Complete the Costa Rica national signing path. Verify path is shipped; signing pipeline integrates with BCCR PKCS#11 tokens.

PAdES-LTA with Solana Anchor In progress

Long-term archival PDF signing with Solana replacing the traditional Timestamp Authority. Embeds cert chain, DID doc snapshot, and Solana receipt in the PDF Document Security Store.

Attestto-com/attestto-verify

Attestto Mobile PWA In progress

Companion mobile app for camera-attested capture. Pairs with desktop via QR over local network for two-device flows.

Attestto-com/attestto-mobile

Sovereign Pass SBT In progress

Non-transferable soulbound token proving verified identity after KYC. Public metadata schema at attestto-com/sovereign-pass-metadata.

Attestto-com/sovereign-pass-metadata

KYC / KYB API In progress

Identity and business verification with document AI, sanctions screening, and beneficial ownership analysis. Building under CORTEX platform.

OpenID4VP Presentation In progress

OpenID for Verifiable Presentations with selective disclosure via SD-JWT. Full offline-capable revocation status list checking in build.

Attestto-com/id-wallet-adapter

Scheduled (2026 Q4 through 2027)

Committed to build subject to customer or grant triggers. Nothing here is under active construction yet. Priority ordering reflects current pipeline; specific quarters may shift.

Play Integrity + App Attest Planned

Android Play Integrity API and Apple App Attest integration in attestto-mobile for hardware-attested capture. Enables IEAL Capture axis values C1 and C2. Priority P2 per IEAL implementation roadmap.

PAD Vendor Integrations Planned

ISO/IEC 30107-3 certified PAD provider integrations for IEAL Algorithm axis values A3 and A4. Customer-triggered per vendor-neutrality policy. Mitek, iProov, FaceTec are candidate integrations.

.attestto Container Format Planned

File envelope carrying encrypted witnesses, VC commitments, attestation blobs, and access-control policies for institutional dual storage. Design ADR pending, follow-on to IEAL v0.1.

Multi-stablecoin Treasury Rails Planned

Stablecoin-agnostic treasury infrastructure. USDC and EURC via Circle CCTP, USDG via the Global Dollar Network, and OUSD (Open Standard consortium, Solana-native, launching late 2026) as it matures. Rail selection follows regional partner and merchant preference, not vendor lock-in. Organization-scoped, governance-approval-gated, settlement batching supported.

Squads Multisig Vaults Planned

Product-level governance multisig on Solana Squads v4. 2-of-3 or custom thresholds for domain, asset, and signing-key custody.

LEI Issuance and Maintenance Planned

Legal Entity Identifier issuance and annual maintenance for Attestto Inc.'s own entity chain first, then a public issuance service. GLEIF-compatible under vLEI framework.

Colegio and Notary Onboarding Kit Planned

Turn-key onboarding for Costa Rica professional colegios (bar, medical, engineering) and notary offices. Ties professional-attestation model to Firma Digital signing.

Digital Currency Rails (CRCD) Planned

Stablecoin on-ramp, off-ramp, and cross-border settlement. Costa Rica digital colón (CRCD) proof of concept depends on BCCR partnership timelines.

Under exploration (2027+)

Long-horizon research items with no build commitment. Included for transparency about where we think the space is heading. Priority is guided by standards-community direction and customer signals.

Post-Quantum Signing Research

ML-DSA-65 hybrid signing (NIST FIPS 204). Migration path documented. Shipping target aligned with the industry 2030 timeline for post-quantum readiness.

Zero-Knowledge Predicates Research

Range proofs and set-membership proofs in OpenID4VP presentations. Depends on standardization progress and mobile ZK proving performance.

Session-Based IEAL Research

Extending IEAL from single-capture to session-based continuous assurance. Applicable to remote proctoring, multi-party signing ceremonies, and long-lived KYC sessions.

Cross-Jurisdiction Issuer Registry Research

ToIP Trust Registry Protocol implementation for cross-jurisdiction issuer discovery and trust chain composition. Aligns with HAVID.

AI-Mediated Onboarding Research

Conversational identity provisioning with on-device LLMs. Consciousness Shards architecture. Governed by per-event consent per IEAL Storage axis.

On-Chain Cap Table Research

Regulatory-cleared on-chain equity structures. Blocked on securities-law clarity across LATAM jurisdictions. Watching but not building.

Where we participate

Standards work is core to Attestto's positioning. Publishing specifications and engaging peer standards bodies is not a marketing tactic; it is how the identity infrastructure category matures. Below is our current engagement track.

W3C Credentials Community Group In progress

Active engagement on did:pki registry, did:sns discussion, IEAL peer review, and related identity primitives.

w3c-ccg.github.io

Decentralized Identity Foundation (DIF) In progress

HAVID alignment via peer discussion. IEAL scope introduced as a compositional identity assurance model for DIF adopters.

identity.foundation

NIST SP 800-63-4 Planned

NIST 800-63-4 was finalized 2025-07-31. When NIST opens a future revision comment window, IEAL will be part of our submission. Meanwhile we publish an informative crosswalk.

pages.nist.gov/800-63-4

ToIP Trust Registry Protocol Research

Watching HAVID and TRP developments for interoperability with our federated trust bootstrap model. Long-term direction depends on ToIP publication cadence.

trustoverip.org

GLEIF vLEI Framework Shipped

vLEI Solana Bridge deployed as an on-chain implementation of the GLEIF vLEI Framework. Attestto Inc. LEI issuance and maintenance planned as a follow-on service.

gleif.org/vlei

OpenID Foundation (OIDF) Planned

OpenID4VP and OpenID4VC implementer conformance. Attestto's presentation flow targets full HAIP 1.0 alignment.

openid.net/wg/dcp

How to read this roadmap

  • Shipped Shipped: publicly usable today. Has a public repository, deployment, or published specification.
  • In progress In progress: under active construction. Timelines are best-effort. Not shippable in production yet.
  • Planned Planned: committed subject to customer, grant, or pilot trigger. Not under active construction.
  • Research Research: exploratory. No build commitment. Included for transparency about long-horizon direction.

This roadmap is honest about ship status because we would rather ship credibility over hype. A category-defining specification is worth more than a coming-soon claim. If a line item is important to your evaluation, ask us for the current state.