2026-07-09 –, Idea Stage
NOMOI is a decentralized delegation model where authority is represented as signed mandate edges in a verifiable graph. Instead of relying on global trust authorities, any entity may act as a trust root by issuing signed delegation mandates. These mandates form bounded delegation graphs, where each edge defines constrained authority transfer (scope, time, and delegation rights). Mandates are published on a content-addressed storage layer (e.g. IPFS) and can be independently retrieved and verified using only the issuer’s public key. Authorization is determined by evaluating reachability within this delegation graph under constraint composition rules, without requiring a central authority or global registry. Verification is fully local given a subset of the graph, while global consistency is not required.
Existing authorization infrastructures model authority as a property of an identity — a role, a permission entry, a flag in a database. This representation is adequate within a single system but fails structurally at organizational boundaries, across time, and under independent audit. There is no open standard for expressing a delegation event in a form that a third party can verify without the issuer's cooperation.
NOMOI addresses this gap by modeling authority as an immutable, cryptographically signed event rather than a mutable state. The system is built on three primitives: asymmetric key pairs as self-sovereign identities, Trust Anchors as content-addressed IPFS directories made updatable through a discovery layer, and Mandates as signed delegation records persisted on IPFS. Mandates form a delegation graph: each recipient may sub-delegate a strict subset of their received authority, producing a verifiable graph that any party can traverse from leaf to root using only public infrastructure. Verification is purely mathematical and offline-capable once content is retrieved; no live API call to any issuing organization is required. Revocation is structurally integrated into the Trust Anchor directory and propagates through the same discovery mechanism used for all other updates. The protocol is algorithm-agnostic — each Mandate declares its signing algorithm via a COSE-compliant integer identifier — and is network-agnostic and transport-agnostic in mandate presentation.
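The constraint-composition part of the leaf-to-root traversal described above, as an added example that is not NOMOI's own code. The field names (`iss`, `sub`, `scope`, `nbf`, `exp`, `delegable`, `parent`), the SHA-256 address function and the `revoked` set (standing in for revocation data read from a Trust Anchor) are assumptions; each mandate's signature is assumed to have been verified already and is left out.

```python
import hashlib, json

def cid(mandate):
    # Assumption: stand-in for an IPFS CID (SHA-256 over canonical JSON); field names are hypothetical.
    return hashlib.sha256(json.dumps(mandate, sort_keys=True).encode()).hexdigest()

def authorize(store, leaf_id, subject, action, now, root, revoked=frozenset()):
    """Walk parent links leaf -> root; return (allowed, reason)."""
    child, cur = None, leaf_id
    while cur is not None:
        m = store.get(cur)
        if m is None or cid(m) != cur:
            return False, "mandate missing or does not match its address"
        if cur in revoked:
            return False, "revoked mandate in chain"
        if not m["nbf"] <= now < m["exp"]:
            return False, "mandate outside validity window"
        if child is None:  # leaf: must grant the action to the subject
            if m["sub"] != subject or action not in m["scope"]:
                return False, "leaf does not grant action to subject"
        else:  # edge composition: parent mandate m -> child mandate
            if m["sub"] != child["iss"]:
                return False, "chain broken: issuer was not the parent's recipient"
            if not m["delegable"]:
                return False, "parent forbids sub-delegation"
            # Assumption: equal scope is accepted; use `<` to require a proper subset.
            if not set(child["scope"]) <= set(m["scope"]):
                return False, "scope escalation"
            if child["nbf"] < m["nbf"] or child["exp"] > m["exp"]:
                return False, "child outlives parent"
        child, cur = m, m["parent"]
    if child is None or child["iss"] != root:
        return False, "chain does not end at the trusted root"
    return True, "ok"

def demo():
    # Constructed sample graph: root -> alice -> bob (-> carol), plus one escalating edge.
    store = {}
    def put(iss, sub, scope, nbf, exp, delegable, parent):
        m = dict(iss=iss, sub=sub, scope=scope, nbf=nbf, exp=exp,
                 delegable=delegable, parent=parent)
        store[cid(m)] = m
        return cid(m)
    a = put("root", "alice", ["read", "write"], 0, 100, True, None)
    b = put("alice", "bob", ["read"], 10, 50, False, a)
    bad = put("alice", "bob", ["read", "admin"], 10, 50, False, a)
    c = put("bob", "carol", ["read"], 10, 50, False, b)
    return store, {"a": a, "b": b, "bad": bad, "c": c}
```

The verifier only needs the mandates on the path it walks, which matches the local-verification property: `store` can be any retrieved subset of the graph.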
I design and troubleshoot distributed systems where compute, storage, and networking interact under real-world failure conditions.
