Two signatures are better than one — bilateral provenance for AI agents
42m ago
Source
bskyTwo signatures are better than one — bilateral provenance for AI agentsdev.to# Two signatures are better than one — bilateral provenance for AI agents An AI agent produces a financial report. You notarize it — a 239-byte cryptographic record, signed by an independent notary, anchored on NEAR. The record proves: _this hash existed at this timestamp, and $0.01 USDC was paid for the attestation._ A week later, someone asks the obvious question: **who proved the agent wrote the report?** Nobody. The notary signed a hash the client submitted. Anyone could have submitted that hash. The PDR proves the hash existed — not that the agent authored the content behind it. This is the gap **Bilateral Signature (v0x04)** closes. The agent signs its own work hash with its Ed25519 key. That signature gets fused into the PDR. Now the record carries two independent signatures — agent and notary — and neither party can repudiate. ## The binding hash The mechanism is a single hash: binding_hash = sha256(work_hash + sig_A + agent_pubkey) * `work_hash` — SHA-256 of the agent's output (32 bytes) * `sig_A` — agent's Ed25519 signature over `work_hash`, NEP-413 standard (64 bytes) * `agent_pubkey` — agent's Ed25519 public key (32 bytes) This binding hash replaces `work_hash` in the PDR's `payload_hash` field. The notary then signs the full 175-byte payload — which already contains the binding hash. So the notary's signature covers a record that embeds the agent's signature inside it. To forge a v0x04 PDR, you need **two** private keys: the notary's Ed25519 seed and the agent's Ed25519 key. With the ordinary v0x03, you only need the notary's. Bilateral doubles the compromise requirement. ## What actually changed Almost nothing structurally — and that's the point.
You might also wanna read
Homelab Gets Linksys Themed Aesthetic
hackaday.com·40m ago
AI: Engine of Growth in Rural Communities
open.substack.com·42m ago
Security Roundup: Apple’s Hide My Email Service Fails to Hide Your Email
commons.now·42m ago
Multiple Apache ActiveMQ Vulnerabilities Enable DoS Attacks and Lead to Crashes
commons.now·42m ago
Warp goes open source, betting agents and community can outpace closed rivals
dev.to·42m ago
FLARE Learning Hub: Mandiant’s Free Reverse Engineering & Malware Analysis Powerhouse Just Dropped – Here’s How to Master It + Video
undercodetesting.com·42m ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.