← Back
Trust & Permissions
Library Governance Legal
M5 MEMBER
M5 · Trust & Permissions · How M5 Protects You

Only proofs move.
Your private data stays in your vault.

M5 is built on a single principle: the network sees verifications, not the underlying information. Your identity, your records, your health data, your voice, your devices, and your agent instructions live inside your vault — encrypted, partitioned, and permissioned by you. The chain only sees proof that something is true.

A verifiable record, not a public asset.
The four states of your data

What stays private, what gets verified, what goes on-chain, what never does.

Stays private
Inside your vault.
  • The full content of your identity, credentials, and recovery secrets
  • Bank account numbers, balances, and transaction details
  • Health records, DNA, biometric samples, voice prints
  • Personal communications, memory, family records
  • Your agent instructions, training data, and prompts
  • Sensitive business records, contracts, and treasury details
Gets verified
Proven without revealed.
  • "This human exists and controls this vault." Not their name.
  • "This bank account is in good standing." Not the balance.
  • "This credential is currently held by this TCID." Not the issuer's PII.
  • "This person is over 18 / a US resident / KYC-cleared." Not the ID document.
  • "This agent has user consent to perform this action." Not the user's identity.
  • "This payment is authorized within scope." Not the underlying records.
Goes on-chain
Public proofs, not data.
  • TCID — your sovereign address (no PII embedded)
  • Proof hashes of attestations and credentials
  • Permission scopes and revocations (timestamped)
  • Ledger settlements (amounts and receipts, not parties)
  • Bitcoin notary anchors that prove permanence
  • Jurisdiction-chain participation records
Never on-chain
No exceptions.
  • Names, emails, phone numbers, addresses
  • Government ID images or numbers
  • Voice recordings, DNA sequences, biometric samples
  • Health, mental-health, or family-services records
  • Bank account numbers or routing information
  • Private agent prompts, memory, or training data
Sensitive human data rule

Voice, DNA, biometrics, health, mind, memory, and agent instructions are private proof tokens by default.

They are not public assets. They are not tradable. They cannot be monetized, syndicated, or sold by any party — including M5 — unless you explicitly permission a specific, scoped, time-bound use under compliant rules. The default position of the network is silence. Sharing is an action you take, not an action that happens to you.

Permission Firewall · agents are role-separated

Each agent sees only what its job requires.
Nothing more.

Your 30 M5 agents are not generic chatbots. They are scoped, credentialed assistants tied to your vault. A finance agent cannot access your DNA. A learning agent cannot move your money. A business agent cannot read your private family records. Every access is logged. Every permission is revocable in one tap.

$
M5-AGT-MONEY

Money Agent

Connected bank account proofs, bill-pay scopes, card permissions, accounting routing
DNA, health records, voice prints, private family records, learning records
Scope: financial primitives only
M5-AGT-DNA

Body / DNA Agent

Health permissions, biometric consent records, DNA scope tokens (encrypted)
Money movement, bank accounts, business treasury, credential issuance
Scope: sensitive human data only
M5-AGT-BIZ

Business Agent

Entity records, team roles, treasury policy, jurisdiction filings, contract scopes
Personal DNA, personal health, family records, individual credit history
Scope: organizational only
How permissions work — and how to revoke

Every access is explicit, scoped, logged, and revocable.

01
Request
An app, agent, or institution requests a specific proof.
02
Scope
You see exactly what's asked, why, and for how long.
03
Consent
You approve or decline. No proof leaves your vault without you.
04
Proof, not data
The vault returns a verification — never the underlying record.
05
Revoke
Pull access at any time. Future proofs stop instantly.
Lawful access · disputes · safeguards

What happens when a regulator, court, or counterparty has a legitimate need.

M5 cooperates with lawful process — through you, not around you.

The M5 network cannot hand over data it does not hold. Personally identifying information lives in your vault, not on the chain and not on M5 servers. When a lawful request arrives, M5 routes it to you as the vault holder, with the legal basis attached.

You can respond directly, engage counsel, or — for business and institutional members — route through your compliance partner. M5 does not silently disclose, surveil, or back-channel. A dispute path with notice and reply is the default, not the exception.

If an order ultimately compels disclosure, the disclosure is logged on-chain as a proof event so the record is permanent and accountable. No silent dragnet. No back doors. The user is always in the loop.

Standing rules
  • Notice to the vault holder before any disclosure, unless prohibited by court order
  • Minimum-necessary scope — proofs first, raw data only if legally compelled
  • On-chain log of every lawful-access event for permanent accountability
  • Public transparency reports — counts, jurisdictions, outcomes
  • M5Gov access requires verified human-agency authority, not platform discretion
  • Agents may not override user consent, legal authority, or compliance rules

Your vault. Your proofs.
Your permission, always.

The shape of the new internet isn't more surveillance dressed in better marketing — it's a return to consent as the default. Activate your IAM and set the rules.

Activate IAM → Read the Whitepapers