Why Universal Manifest?
Your data is trapped in silos. Every time you move between apps, devices, or services, your identity, preferences, credentials, and permissions are left behind — locked in the system where you created them. The next system you visit has no idea who you are, what you’ve consented to, or what you’ve already proven.
This is the fragmentation problem, and it affects everyone.
The problem is everywhere
Section titled “The problem is everywhere”A freelance artist signs up for a new gallery platform and re-enters the same profile information for the fifth time this month. A conference attendee wearing smart glasses has no way to tell nearby devices “don’t record my face.” A gamer who spent years building achievements on one platform starts from zero on another. A patient’s consent preferences, carefully set at one hospital, are invisible to the next clinic.
These are not edge cases. They are the everyday cost of a world where systems cannot share portable, verified information about people and things.
The consequences are real:
- People lose control of their data because no format carries their preferences alongside their information.
- Developers build custom integrations for every pair of systems that need to exchange user state — multiplying effort and maintenance.
- Organizations pay the coordination tax of bespoke data-sharing agreements that don’t scale.
- Offline environments (venues, public displays, field operations) either trust everything or trust nothing, because there is no standard “permission packet” they can consume.
What Universal Manifest provides
Section titled “What Universal Manifest provides”Universal Manifest (UM) is a portable document format that solves this. A single manifest carries everything a receiving system needs to know about a subject — identity references, verified claims, privacy consents, device registrations, and pointers to authoritative data sources — in one standardized package.
Think of it as a Swiss Army Knife for personal data: one compact document with modular sections (called “shards”) that fold out for different purposes. A social platform reads the public profile shard. A venue display reads the display policy shard. A smart glasses runtime reads the consent shard. Each consumer uses what it understands and safely ignores the rest.
Five properties make this work:
- One format, many consumers. Any system that can parse JSON can read a manifest.
- Works offline. Every manifest has a built-in validity window. Systems cache it, use it while disconnected, and know exactly when to stop trusting it.
- Forward-compatible. New features can be added without breaking existing implementations, because consumers ignore fields they don’t recognize.
- Consent by default. The permission model is default-deny. Nothing is shared unless the manifest explicitly says so.
- Composable. Manifests are built from modular shards that can be mixed, matched, and extended for any domain.
Who benefits
Section titled “Who benefits”End users get portable identity and preferences that travel with them. Set your privacy preferences once and every compatible system respects them.
Developers stop building custom integrations for every system pair. Adopt one format, and any UM-compatible system can exchange state with yours.
Enterprises and platforms reduce the coordination cost of cross-system data sharing. Instead of bilateral agreements, publish and consume a common format.
Standards bodies and evaluators get a format that builds on existing standards (JSON-LD, DIDs, W3C VCs) rather than competing with them. UM complements the ecosystem — it does not replace it.
What makes UM different
Section titled “What makes UM different”Universal Manifest is not another credential format, another auth protocol, or another data store. It is a portable state document — the one envelope that carries enough context for a receiving system to act, even offline, even without prior integration.
Where W3C Verifiable Credentials carry individual claims, UM carries the complete picture: identity, claims, consent, devices, and data references in one document. Where DIDComm provides messaging between DID-based systems, UM provides the document that a message might carry. Where Solid Pods store canonical data, UM manifests point to that data and carry a portable summary.
UM works with these standards, not against them.
Real-world scenarios
Section titled “Real-world scenarios”Freelance artist at a gallery
Section titled “Freelance artist at a gallery”Alex is a digital artist showing work at a gallery. Alex’s manifest carries a public profile (display name, bio, avatar), a pointer to their canonical data source, and a consent flag allowing public display. The gallery system scans Alex’s manifest, validates it, and renders Alex’s profile on a public display screen. When the manifest expires after 24 hours, the display automatically stops showing it. No custom integration between Alex’s tools and the gallery’s system was needed.
Privacy-first smart glasses
Section titled “Privacy-first smart glasses”Riley wears smart glasses in a public space. Riley’s manifest carries a consent section that says: face recording is denied, voice capture is not permitted, but professional profile can be auto-shared. Nearby devices that support UM read Riley’s consent flags and enforce them in real time — blurring Riley’s face in recordings, muting voice capture, and surfacing only the permitted professional badge overlay.
Cross-platform gaming identity
Section titled “Cross-platform gaming identity”Sam plays games across multiple platforms. Sam’s manifest carries a gaming profile shard with their handle, achievements, avatar preferences, and inventory references. When Sam moves to a new platform that supports UM, their profile and progress come with them. No re-registration, no lost history, no bilateral API integration between the platforms.
Offline venue device management
Section titled “Offline venue device management”A public display at a remote venue has intermittent internet. The venue operator creates a manifest for the device with a device identity shard, a venue association shard, and a 12-hour validity window. The device caches the manifest locally, operates according to its policies while offline, and knows to stop trusting its authorization after 12 hours. No cloud dependency required.
Portable proof of personhood
Section titled “Portable proof of personhood”A user has verified their identity through multiple independent providers (biometric scan, social trust score, government ID). Their manifest carries claims from all providers in separate sections. A receiving system checks whichever providers it trusts, without needing direct integration with any of them.
Get started
Section titled “Get started”Ready to dive deeper?
- Concepts — Learn the five core ideas behind Universal Manifest.
- Quick Start — Build your first manifest step by step.
- Specification (v0.1) — Read the full technical contract.
- How UM Compares — See where UM fits in the standards landscape.