Why do you trust a doctor who treats you at a hospital?
The story behind that trust goes like this: the government accredits a university. That accredited university grants the person a medical degree. A medical licensing board, authorized by the government, reviews that degree and issues a license to practice. A hospital verifies that the license and grants the doctor privileges to perform specific procedures at that facility. Then you, the patient, trust the person in the white coat to operate on you.
The invisible trust chains that hold the world together
What you just read is a trust chain. These trust chains are ubiquitous and often go unnoticed.
Every trust chain starts with an entity at the top that everyone agrees to trust. That starting point is called a root of trust. Every link then depends on the previous one. If the university loses accreditation, the degrees it issues become questionable. If the license expires, the hospital privileges collapse. The chain breaks from the top down.
In practice, you trust the white coat. But implicitly, you are trusting that the hospital checked the license, the board checked the degree, the government checked the university, and so on. You verify the last link and assume the chain holds.
The problem with paper
While these trust chains hold civilization together, they are surprisingly fragile. They largely run on paperwork, periodic audits, and the assumption that every link was properly verified before a credential was issued. Some of that paperwork is digital now, but a signed PDF protects the document, not the chain behind it. You still cannot verify who authorized the signer, or whether that authorization still holds. Audits and human diligence at issuance will always be necessary.
But what if every link were as easy to verify as checking a green light? What if, once a credential was issued, anyone could verify the entire chain in milliseconds, without calling anyone, without chasing paperwork, without wondering if the chain still holds?
That is the problem GLEIF built the verifiable Legal Entity Identifier (vLEI) to solve.
What the vLEI does
The vLEI is a system for cryptographically verifiable organizational identity. It allows organizations and the people representing them to prove who they are in a way that any verifier can independently confirm, without relying on a central authority at the time of verification. The vLEI connects real-world organizational identity through a carefully designed chain of credentials. Each credential in the vLEI chain is issued by an entity that was itself vetted and credentialed by the level above it, forming a hierarchy rooted in a single global root of trust: GLEIF.
"Cryptographically verifiable" means that the organizational identity associated with a vLEI cannot be forged, tampered with, or denied by the party that issued it. However, it can be intentionally revoked by the issuer when circumstances change. It brings assurances unrivaled by any other method of organizational authentication.
A practical example
Consider this scenario. A company wants to sign a contract with the government for a public infrastructure project. The procurement officer needs to answer a simple question: Is the person signing this contract authorized to do so?
Let's trace the chain: a commercial registry incorporates the company. The company's board of directors passes a resolution authorizing specific officers to act on its behalf. The CEO signs the contract. But the CEO cannot be involved in every interaction on the project, so they delegate authority to the VP of Operations for the day-to-day work on this specific project. The procurement officer now must verify all of it: Does the company exist? Is the CEO the CEO? Does the VP have authority for this specific deal? Is the delegation still valid?
Today, that verification involves notarized documents, apostilles, certified translations, calls to registries, and lawyers reviewing board minutes. It can take weeks. With the vLEI, the procurement officer verifies the entire chain in seconds, cryptographically, without calling anyone.
The company's existence, the CEO's role, and the VP's delegated authority for this specific project: each becomes a verifiable credential, chained together cryptographically and traceable all the way back to GLEIF as the global root of trust. No phone calls. No paperwork. No assumptions. Just verifiable trust.
In the next article in this series, we will open the vLEI chain and walk through each link in detail: who issues what credential, to whom, and why the structure holds together.
If you would like to comment on a blog post, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion board you agree to abide by the terms of the GLEIF Blogging Policy, so please read them carefully.
Esteban Garcia is a technical consultant contributing to the Global Legal Entity Identifier Foundation (GLEIF). He works on the technical implementation of the verifiable Legal Entity Identifier (vLEI) ecosystem, with a focus on identity systems and their practical applications for organizations worldwide. He writes about trust, identity, and the infrastructure that makes secure digital interactions possible.
