ERC-7857: AI Agents NFT
ERC-7857 lets an NFT represent an autonomous AI agent whose configuration / model weights / system prompts are private. The on-chain NFT carries a public-facing identifier; the actual agent parameters live encrypted off-chain (IPFS, Arweave) and are re-encrypted to the new owner's key on every transfer. Used by:
- Agent marketplaces — sell autonomous trading bots, content agents, customer-service NFTs without leaking the underlying model.
- AI character NFTs — game characters with private personality prompts.
- Specialised agent licensing — fine-tuned models bundled as transferable NFTs.
The on-chain part is small (the NFT + reference to encrypted blob); the off-chain part is the encrypted agent payload and a re-encryption service that runs at transfer time.
Required Interface (abridged)
solidity
interface IERC7857 {
event AgentMetadataReencrypted(uint256 indexed tokenId, address indexed newOwner,
string newMetadataPointer);
function metadataOf(uint256 tokenId) external view returns (string memory);
function reencryptOnTransfer(uint256 tokenId, string calldata newMetadataPointer,
bytes calldata reencryptionProof) external;
}The transfer flow:
- Buyer initiates transfer.
- Off-chain re-encryption service downloads old encrypted blob, decrypts (with seller's key escrow), re-encrypts to buyer's public key, uploads.
- Service calls
reencryptOnTransferwith the new IPFS pointer and a proof of correct re-encryption (typically a zk-SNARK or TEE attestation). - The NFT contract verifies the proof, updates the metadata pointer, transfers the NFT.
Neo Equivalent: NEP-11 + Re-encryption Service Hook
csharp
public static void ReencryptOnTransfer(ByteString tokenId, string newMetadataPointer,
ByteString reencryptionProof)
{
if (!Runtime.CheckWitness(GetReencryptionService())) throw new Exception("AI:NotService");
if (!VerifyReencryptionProof(tokenId, newMetadataPointer, reencryptionProof))
throw new Exception("AI:InvalidProof");
Storage.Put(Storage.CurrentContext, MetadataKey(tokenId), newMetadataPointer);
// Complete the deferred transfer.
var pendingNewOwner = (UInt160)Storage.Get(Storage.CurrentContext, PendingOwnerKey(tokenId));
Transfer(pendingNewOwner, tokenId, null);
Storage.Delete(Storage.CurrentContext, PendingOwnerKey(tokenId));
OnAgentMetadataReencrypted(tokenId, pendingNewOwner, newMetadataPointer);
}| ERC-7857 (Ethereum) | Neo Equivalent | Notes |
|---|---|---|
| Encrypted metadata blob (IPFS) | Same — IPFS / Arweave reference stored on-chain | |
| Re-encryption service (off-chain) | Off-chain Neo C# service holding the seller's key escrow | |
reencryptOnTransfer(...) | ReencryptOnTransfer(...) service-witness-checked | |
| TEE / zk proof | VerifyReencryptionProof(...) — pluggable verifier | |
| Two-phase transfer (initiate, complete) | Pending-owner storage + reencrypt-then-transfer |
Composition
- ERC-7007 — verifiable AI-generated content. Pair: the agent NFT proves its model identity; outputs prove provenance.
- ERC-6551 — token-bound accounts. AI agent NFTs can hold their own funds via TBA — the agent acts as its own treasurer.
- ERC-4519 — physical-asset NFTs. Same private-key attestation pattern, applied to AI agents instead of devices.
Migration Notes
For AI agent NFT platforms:
- The expensive part is off-chain re-encryption infrastructure — TEE-backed services or zk-SNARK provers.
- The on-chain footprint is two storage slots (metadata pointer + pending-owner during transfer) and the verification call.
- For low-value agents, signature-from-the-service is cheaper than zk; for high-value bots, zk-attested re-encryption prevents service-operator collusion.