diff --git a/src/lib.rs b/src/lib.rs
index 01e9d9c..6a34270 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -16,6 +16,7 @@ pub mod verification;
 // New modules for missing functionality
 pub mod hashing;
 pub mod random;
+pub mod seed;
 
 // Re-export commonly used types and functions
 pub use types::{
@@ -31,6 +32,9 @@ pub use hashing::hash_blake3;
 // Re-export random functionality
 pub use random::{SecureRng, generate_nonce};
 
+// Re-export seed generation
+pub use seed::generate_identity_seed;
+
 // Re-export keypair functionality
 pub use keypair::generation::KeyPair;
 
diff --git a/src/seed.rs b/src/seed.rs
new file mode 100644
index 0000000..32ff405
--- /dev/null
+++ b/src/seed.rs
@@ -0,0 +1,56 @@
+//! Identity seed generation and management
+//!
+//! Provides secure seed generation for deterministic identity derivation.
+
+use anyhow::Result;
+use rand::{RngCore, rngs::OsRng};
+
+/// Generate a cryptographically secure 64-byte identity seed
+///
+/// This seed serves as the root of trust for all identity derivations:
+/// - DID
+/// - IdentityId
+/// - zk_identity_secret
+/// - wallet_master_seed
+/// - dao_member_id
+/// - NodeIds
+///
+/// Uses OS-provided CSPRNG for maximum entropy.
+///
+/// # Security
+/// - The returned seed must be stored securely
+/// - Losing the seed means losing the identity
+/// - Seed should be backed up in secure storage
+/// - Consider encrypting seed before storage
+///
+/// # Returns
+/// 64-byte array suitable for use as identity root seed
+pub fn generate_identity_seed() -> Result<[u8; 64]> {
+    let mut seed = [0u8; 64];
+    OsRng.fill_bytes(&mut seed);
+    Ok(seed)
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_generate_identity_seed_produces_64_bytes() {
+        let seed = generate_identity_seed().expect("Should generate seed");
+        assert_eq!(seed.len(), 64, "Seed must be 64 bytes");
+    }
+
+    #[test]
+    fn test_generate_identity_seed_is_non_zero() {
+        let seed = generate_identity_seed().expect("Should generate seed");
+        assert_ne!(seed, [0u8; 64], "Seed must not be all zeros");
+    }
+
+    #[test]
+    fn test_generate_identity_seed_produces_different_values() {
+        let seed1 = generate_identity_seed().expect("Should generate seed");
+        let seed2 = generate_identity_seed().expect("Should generate seed");
+        assert_ne!(seed1, seed2, "Each seed must be unique");
+    }
+}