Contrarian · 5 min read

The next $100B company is a trust layer

The next category-defining company will not be an AI model. It will be the cryptographic trust layer that makes models usable in regulated economies. Here is the bet.

The pattern is the same every time

When a new technology layer matures, the value does not stay in the layer that gets the most press. It migrates to the layer that gets the least.

The web's largest companies are not browsers. They are the search, payment, and identity layers between browsers and the websites people use.
The mobile era's largest companies are not phone makers. They are the app store, payments, and ride-sharing platforms that built on top of phones.
The cloud era's largest companies are not the colocation providers. They are the orchestration, identity, and security platforms that became the load-bearing rail.

The pattern is consistent: a technology becomes infrastructure, the infrastructure becomes invisible, and the trust layer above the infrastructure becomes the most defensible business in the stack.

AI is repeating this

The the last few years narrative was about models — GPT, Claude, Gemini, open-weight challengers. Models are doing well. They are commoditizing fast. The capital question for the rest of the decade is not "which model wins" but "what makes the model deployable in production, in regulated industries, at scale, with audit trails strong enough to survive enforcement."

The answer is not the model. The answer is the trust layer.

What "trust layer" means

The agentic age has four trust gaps that current infrastructure does not close. Each, at scale, is a multi-billion-dollar business by itself:

Identity. Which human is behind this agent? At 250,000 NHIs per enterprise and 100:1 machine-to-human ratios, this is not a feature.
Delegation. What scope did the human grant? For how long? With what magnitude limit? Article 14 demands an answer; current stacks don't have one.
Attestation. Was the work authored, supervised, or directed? The hiring market alone — $501M in fraud losses, growing — needs this.
Settlement. Who pays whom, when an agent acts on a human's behalf and the work is verified? This is the rail that turns the others into a self-sustaining economy.

Stitching all four into one protocol is what we call HATI — Human-Agent Trust Infrastructure. The company that does this convincingly captures the trust layer for the entire AI economy.

The market math

The numbers, conservatively assembled from public forecasts:

Digital identity solutions: $61.65B, $339.46B in the near term (CAGR 20.87%).
Agentic AI infrastructure: $9.14B, $139–236B in the near term (CAGR 40.5%).
Non-Human Identity management: $12.2B, $38.8B in the near term.
Workforce verification and credentialing: $18.7B, $52B in the near term.

Total: north of $100 billion in current run-rate, projected to $500+ billion in the near term. The intersection of all four — HATI — is the category that captures value across them. We don't need to win all of every market; we need to be the dominant primitive in the intersection.

Why protocol play, not product play

The largest trust-layer outcomes are protocol outcomes, not product outcomes. Stripe is bigger than every payment processor that came before it because it became the default rail. Cloudflare is bigger than every CDN before it because it became the default rail. The pattern is: build a primitive other people's products depend on, and the network effects compound exponentially while features compound linearly.

HATI is a protocol play. Every agent framework, every MCP server, every regulated AI deployment becomes more valuable when it speaks the protocol. Once enough of the ecosystem has integrated, the protocol becomes structurally hard to displace — because displacing it means coordinating a switch across thousands of relying parties.

Where we could be wrong

Three honest risks.

Big tech absorbs the layer. Microsoft, Google, AWS could each build sufficiently strong trust primitives that the cross-platform layer never consolidates. We think the platform-lock-in argument prevents this — enterprises will resist a single vendor controlling agent identity — but the risk is real.

Regulators move slower than expected. If Article 14 enforcement is delayed or gutted, the urgency premium compresses. We think the political economy makes this unlikely; AI fraud has produced too many headlines.

Standards converge before products mature. If W3C VC, OAuth-for-Agents, and ERC-8004 converge faster than products can ship, the value moves to whoever has the best implementation of common standards. We are betting Manav has that implementation. We could be wrong.

What this means for capital

For investors evaluating AI: the next decade's largest exits will not be model companies. They will be the trust-layer companies that made the models usable. The funds that priced this early will look prescient.

For builders: if you are debating which layer of the stack to specialize in, look at where the value migrated in every prior platform shift. Then look at the AI stack and ask which layer is currently undervalued by the same logic.

Common objections

The strongest counter-arguments we have heard. The incumbent will catch up — possibly inside their boundary; the cross-platform shape is architecturally hard for them. The category is too narrow — we believe it broadens as agent autonomy compounds; we may be wrong; the data over the next year will tell.

Frequently asked questions

What are the strongest counter-arguments? The two we hear most: (1) the incumbent will eventually ship this, and (2) the category is too narrow to support a category-defining company. We address both head-on; we believe the incumbent's architecture cannot ship this without a rebuild, and we believe the category broadens as agent autonomy compounds.

Are we ignoring legitimate criticism? We try not to. The honest criticisms — slow adoption, immature SDKs in some languages, unclear regulator response — are documented openly. We answer with progress, not with marketing.

What would make us change our mind? Three signals. A major incumbent shipping a comparable cross-platform delegation primitive. A regulator explicitly preempting the category with a different spec. A customer cohort showing they prefer the platform-bound alternative even when the audit trail is broken. None of those have appeared.

Where to start

For the steel-manned counter-position, read what is hati. For the alternative we agree could win, see manav token explained. We do not need to be right for the category to be real.

The model is not the moat. The trust layer beneath the model is.