Verifying once and reusing sounds clean. Less repetition, less friction, fewer moving parts.
But here’s the catch.
You’re not removing complexity, you’re compressing it into one place.
And that place becomes critical.
A proof that’s valid today can quietly become wrong tomorrow. Data changes. Permissions expire. Context shifts. But systems don’t always notice immediately. They keep trusting what was once true.
That’s where things break.
If multiple apps depend on the same attestation and it drifts, you don’t get a single failure. You get inconsistent behavior across systems. Some accept it. Others reject it. No one agrees on reality.
That’s not a bug you fix quickly.
That’s a trust problem.
So I’m not focused on how smooth it looks right now. I’m watching how it handles revocation, expiry, and outdated data.
Because in systems like this, Day 2 matters more than Day 1.
Either it holds under pressure.
Or it becomes another layer people learn to work around.