TrailSign AI GmbH — Confidential Access
TrailSign AI builds the trust infrastructure layer for AI agents — the VeriSign moment for artificial intelligence. W3C standard-based. EU AI Act compliant. First mover.
Imagine it's 1994.
Netscape just invented SSL. Every website is insecure. No trust on the internet. Then VeriSign says: "We'll be the authority that confirms a website is real." Within 5 years, their certificate is in every browser. 88% margins. Monopoly. $21 billion exit.
Now it's 2026.
750 million AI agents are deployed. They negotiate contracts, book flights, access banking data. Not a single one has a cryptographically verifiable identity. No "SSL for agents." No trust.
On August 2, 2026, the EU AI Act is enforced. Articles 13, 14, 26, and 52 mandate transparency, traceability, and accountability for AI systems. €35 million fine per violation.
We're building VeriSign for AI agents. We are the Root Certificate Authority that confirms: This agent is authentic, authorized, has integrity, and is current. Our standard is submitted to W3C. Our trademark is filed with EUIPO. Our reference implementation passes 34 tests.
In 18 months, every company with AI agents will want a trust certificate.
The only question is: Who issues it?
We do.
TRAIL (Trust Registry for AI Identity Layer) answers 5 fundamental trust questions for every AI agent:
did:trail)eddsa-jcs-2023, JCS RFC 8785)Tech Stack: Ed25519 (Node.js native crypto), JSON-LD, SHA-256 (12-hex truncated), HTTP-based Registry (no blockchain overhead), 3-Tier Trust Model.
| Milestone | Status | Details |
|---|---|---|
| W3C DID Registration | Submitted | PR #669 on w3c/did-extensions — 14 reviewers assigned |
| EUIPO Trademark | Filed | Classes 9, 35, 42 — €1,050 invested |
| Reference Implementation | Live | @trailprotocol/core — 34 tests, 9 test suites passing |
| DID Method Spec | v1.1.0 | 10 expert-critique fixes applied (eddsa-jcs-2023, ABNF grammar, test vectors) |
| Whitepaper | v1.0 | Complete technical architecture — CC BY 4.0 licensed |
| GitHub | Public | github.com/trailprotocol/trail-did-method |
| Landing Page | Live | trailprotocol.org (Netlify, auto-deploy via Git) |
| Metric | Value | Source / Logic |
|---|---|---|
| TAM | $15-30B by 2030 | AI Trust Infrastructure, Agent Identity, Compliance Verification |
| SAM | $4-9B | Enterprise AI Agent deployments requiring compliance |
| SOM (Year 1-3) | $50-200M | Initial CA licenses + Per-DID fees in DACH + EU |
| AI Agents (2026) | 750M+ | Gartner, IDC estimates for deployed AI agents |
| Growth Rate | 40-60% CAGR | AI agent deployment acceleration |
| EU AI Act Affected Companies | 10,000+ | Companies deploying high-risk AI in EU jurisdiction |
| Stream | Pricing | Buyer | Margin |
|---|---|---|---|
| CA Licenses (Annual) | €5,000 – €100,000/year | Certificate Authorities, SaaS Platforms | 85-90% |
| Per-DID Fees | €0.10 – €0.50 per DID | Enterprises deploying AI agents | 90%+ |
| Enterprise Support | €20,000 – €200,000/year | Large enterprises (DAX, Fortune 500) | 70-80% |
| Compliance Packages | €10,000 – €50,000 | EU AI Act compliance consulting | 75% |
VeriSign achieved 88% gross margins. Root CAs have the highest margins in tech because the cost of issuing a certificate is near-zero once infrastructure exists.
| Position | Amount | % |
|---|---|---|
| CTO (12 months, €10K/mo) | €120,000 | 24% |
| Backend Developer (10 months, €8K/mo) | €80,000 | 16% |
| Founder Salary (12 months, €8.3K/mo) | €100,000 | 20% |
| Legal & IP (Patents, EUIPO Madrid, NDA) | €40,000 | 8% |
| Cloud Infrastructure (12 months) | €30,000 | 6% |
| Marketing & Community (W3C, DIF, LinkedIn) | €30,000 | 6% |
| GmbH Share Capital | €25,000 | 5% |
| IONOS, Tools, SaaS | €15,000 | 3% |
| Buffer (Unforeseen, Travel, Conferences) | €60,000 | 12% |
| Total | €500,000 | 100% |
| KPI | Q2 2026 | Q4 2026 | Q2 2027 |
|---|---|---|---|
| Letters of Interest | 5-8 | 10-15 | 15-20 |
| CAs Accredited | 0 | 3-5 | 10-15 |
| DIDs Issued | 0 | 1,000 | 50,000 |
| ARR | €0 | €20-50K | €100-200K |
| Team | 2 (CEO+CTO) | 4-5 | 6-8 |
| GitHub Stars | 10 | 100 | 500 |
| W3C Status | PR submitted | PR approved | Standards track |
| Dimension | trail GmbH (Munich) | Microsoft Entra | TrailSign AI |
|---|---|---|---|
| Layer | Application (Governance) | Platform (Identity) | Infrastructure (Root CA) |
| Analogy | Compliance Dashboard | Enterprise SSO | VeriSign for AI |
| Standard | Proprietary | Proprietary | W3C DID + VC 2.0 |
| Neutrality | Neutral | Microsoft-locked | Vendor-neutral, open |
| Moat | Features, customers | Platform lock-in | W3C namespace, EUIPO, network effects |
Key insight: trail GmbH Munich (€1.45M Pre-Seed) builds AI Governance Software (Application Layer). TrailSign AI builds the Identity Infrastructure Layer underneath. They could become our customer — not our competitor.
Digital Twin Identity, Pharma Supply Chain, VCs
SSI Wallet, Credential SDK, Open Source
Verifiable Credentials, EU Workforce
Blockchain-based Credentials (TRAIL is leaner)
€270M+ Funding, KYC — TRAIL is "IDnow for AI"
Spherity does Digital Twin Identity. walt.id builds SSI wallets. IDnow verifies humans. Nobody builds the Root CA for AI agents. That's TRAIL.
| Protection | Detail | Status |
|---|---|---|
| W3C Namespace | did:trail — first-come-first-served, permanently secured once registered | Submitted |
| EUIPO Trademark | "TRAIL" — Classes 9, 35, 42 (Software, Business Services, SaaS/Protocol) | Filed |
| Vendor Neutrality | OpenAI/Google/Microsoft CANNOT build a neutral trust system for their competitors | Structural |
| EU AI Act Requirement | Regulators need neutral, European infrastructure — can't come from Big Tech | Regulatory |
| Network Effects | More CAs → more agents trust TRAIL → more companies adopt → standard becomes mandatory | Scaling |
| Prior Art | First to define the language, first to define the standard. Full paper trail. | Established |
VeriSign was also founded by a non-technical founder (Jim Bidzos was a business executive). The founder-market fit lies in market understanding and execution, not just code. I've written the whitepaper, the DID spec, the business plan, and submitted the W3C PR myself. The CTO complements — but the vision and market position come from me. With 15+ years B2B enterprise sales and 20,000+ customer touchpoints, I understand why AI agents need trust infrastructure.
No. trail GmbH builds an AI Governance Dashboard — Application Layer. We build Identity Infrastructure — Infrastructure Layer. That's like Salesforce (Application) vs. AWS (Infrastructure). They could become our customer. Their investors validated the thesis "AI needs trust infrastructure" — we are the next logical layer underneath.
€500K delivers 12-14 months runway: hire CTO, build Registry MVP, collect 10 LOIs, start 3-5 CA pilots. The protocol design is DONE (whitepaper, DID spec, reference implementation with 34 passing tests). We need €500K for execution, not R&D. This is the most capital-efficient investment in this market.
Because enterprise customers don't want token economics. VeriSign didn't have a token either. CA license fees (€5-100K/year) and per-DID fees (€0.10-0.50) generate SaaS-like recurring revenue — exactly what investors want. Blockchain as an optional audit layer is possible (Whitepaper Chapter 9), but it's not the foundation.
The EU AI Act CREATES the market. On August 2, 2026, €35M fines become enforceable. Every company with AI agents needs transparency and traceability proof. That's exactly what TRAIL is built for. The market exists in 5 months — whether we're ready or not.
did:trail works even without W3C registry entry — DIDs are an open standard, not licensed. The W3C submission is a credibility booster, not a technical dependency. But: rejection probability is low. The PR follows all W3C specifications, and the DIF community actively supports new DID methods.
VeriSign parallel: Browser manufacturers (Microsoft IE, Netscape) didn't operate SSL themselves — they accepted VeriSign as a neutral third party. AI platforms need a neutral trust layer — no single player can own the ecosystem. Open standard (W3C) protects against platform lock-in. Google, Microsoft, and OpenAI are competitors to each other — they'll need a neutral CA.
Fallback: RAS (Rocking.AI.Sales) generates €3-5K/month cashflow. Bootstrap TRAIL development. CTO as advisor instead of full-time. Slower but viable.
EUIPO trademark protects "TRAIL" name. W3C PR #669 secures did:trail namespace. GitHub documents prior art. Network effects and standards win — not features.
VeriSign was never replaced by browser makers. AI platforms need a NEUTRAL trust layer. Open W3C standard prevents lock-in. Big Tech players are competitors to each other.
Already passed (June 2024). Enforcement timeline is fixed. Even with 6-12 months delay: compliance pressure starts NOW (companies prepare ahead). Not an existential risk.
Bridge: Freelance CTO (€120-150/hr, 20h/week). Markus Sabadello or Dr. Stöcker as advisor + technical validation. Agency-built tech team. More expensive but possible.
TRAIL is W3C-native. W3C is the internet standards body. EU has historically adopted W3C standards. Being visible and registered NOW ensures inclusion in any EU standardization process.
Background: 15+ years B2B Enterprise Sales. Automotive, IT, Industrial Automation. 20,000+ qualified touchpoints, 1,200+ on-site meetings. Full sales cycle ownership.
Why This Founder: 10,000+ sales interactions revealed that AI agents will create a structural trust infrastructure problem. Not a pivot — a recognition. Combined B2B market access + W3C/DID technical depth + IHK Business Coach certification.
ADHS as Advantage: Systems thinking, hyperfocus, pattern recognition — positioned as a strength, not hidden.
CTO Search Active: Identified candidates include W3C DID pioneers (Danube Tech), SSI experts (Lissi GmbH, Spherity), and open-source DID developers. Target: 4-6 weeks post-funding.
We're raising €500,000 at a €2-3M pre-money valuation.
What you get:
• 15-20% equity in the company building the Root CA for AI agents
• First-mover position in a $15-30B market with no incumbent
• W3C standard (submitted), EUIPO trademark (filed), reference implementation (34 tests passing)
• 12-14 months runway to Registry MVP, CTO hire, and 10+ LOIs
The EU AI Act creates the market on August 2, 2026.
The question isn't IF agents need trust certificates.
The question is who issues them.
Let's talk: christian.hommrich@gmail.com