FAQ
Questions we hear, answered plainly.
Short answers to the questions program teams, security reviewers, and engineers ask first. For the longer story, each answer links to the page that goes deeper.
What it is
What does Registry Stack actually do?
It lets a registry you already run answer a specific question, or share proof of a fact, without handing over the underlying record. A service gets a yes or no, a status, or a credential; the record stays in the source system.
See the problem it solves →
Do we have to replace our current registry or platform?
No. Registry Stack runs alongside the systems you already operate, in front of the registry source you already keep. You do not have to replace the registry or migrate source records into Registry Stack.
How it fits the ecosystem →
Can it work with a spreadsheet or a legacy database?
Yes. Registry Relay reads the files and tables a registry already lives in, including CSV, XLSX, Parquet, and PostgreSQL, and serves a protected, read-only API over them.
See Registry Relay →
Data, security, and privacy
Does our data leave our systems?
No. You self-host Registry Stack on your own infrastructure or a partner’s. Records stay in the source, and no records or audit logs flow to the project.
Read the security model →
What happens if a connected service is compromised?
A compromised caller is bounded by the scope and fields it was granted, plus rate limits, monitoring, and revocation. It should not get a database login or a direct line to the source, but broad grants still carry broad risk.
How the security model holds →
How do AI agents fit in?
An AI agent is treated as one more untrusted caller: it gets a checked, minimized answer, not direct access. AI is the reason safer registry surfaces are urgent, not something Registry Stack sells.
A harness for AI in public services →
How it fits
How is this different from an exchange layer like X-Road?
An exchange layer carries trust and transport between institutions. Registry Stack is the governed registry surface behind it: it still checks scope, fields, and source access even for a request that arrived through a trusted channel.
Complementary, not competitive →
How is this different from a foundational ID system like MOSIP?
Identity systems establish who a person is. Registry Stack answers what is true about that person in a specific registry, such as alive, enrolled, or registered, after the identity layer has done its job.
Where Registry Stack sits →
What standards does it use?
It adopts established standards rather than inventing them: SD-JWT VC and OpenID4VCI for credentials, DCAT-AP and related profiles for metadata, and SP-DCI and OGC API for registry exchange.
The standards we adopt →
Adoption and cost
Is it really free?
The three products are open source, self-hosted, and complete for a single registry. The paid subscription adds governance across many registry services and maintainer support.
See pricing →
Do you charge per citizen or per credential?
No. Pricing is by the registry services under management, so a program that reaches twice as many people pays the same.
What we never charge for →
Who uses it today, and is it ready for us?
It is not in production anywhere yet. The products are open source and run in a public hosted lab on synthetic data, with live integrations you can inspect. Institutions should adopt them through a scoped pilot: one registry, one question, safeguards from the first request.
What a pilot looks like →
Who is behind Registry Stack?
It is built in the open by maintainers who work in social protection, DCI standards, and GovStack specifications. The code, the documentation, and the hosted lab are public, so what this site claims, you can check.
Who is behind this →