๐ Sign & Verify
Build cryptographic trust for AI agents using signatures, certification, and delegated authority
โ Without Trust Verification
โข Agents can't verify content authenticity
โข Easy to spoof or tamper with feeds
โข No traceability of data origins
โข Vulnerable to injection attacks
โข Enterprise agents refuse to act
โ With Cryptographic Trust
โข Agents verify signatures before acting
โข Tamper-proof content guarantee
โข Full audit trail and provenance
โข Protection against malicious feeds
โข Enterprise-grade security compliance
๐ฏ Bottom Line: Agents need to trust your content before they'll act on it. Cryptographic signatures provide mathematical proof of authenticity and integrity.
Unsigned
No guarantee of authenticity
Signed
Cryptographic proof of origin
Certified
Third-party validation
Delegated
Authority-backed identity
Recommended Trust Levels by Use Case
๐ Documentation: Signed (traceability)
๐ API Credentials: Certified (mandatory)
๐ฅ Healthcare Data: Certified (compliance)
๐ฐ Financial APIs: Certified (regulations)
๐งช Personal Experiments: Delegated (friction-free)
๐ Public Content: Signed (authenticity)
Two keys, one purpose: prove authenticity without sharing secrets
Private Key (Secret)
โข Keep it secret: Never share, never expose
โข Used to sign: Creates digital signatures
โข Your identity: Proves you authored content
โข Secure storage: Hardware tokens, key vaults
Public Key (Shared)
โข Share freely: Public at /.well-known/public.pem
โข Used to verify: Validates signatures
โข Agent access: Agents fetch to verify feeds
โข Trust anchor: Mathematical proof of authenticity
๐ The Signature Workflow
1. Create Feed
Structure your .llmfeed.json
2. Sign
Use private key to sign
3. Publish
Serve feed + public key
4. Verify
Agents verify signature
The trust, signature, and certification blocks work together to provide cryptographic proof and third-party validation:
{
"feed_type": "export",
"metadata": {
"title": "API Documentation Export",
"origin": "https://myapi.com/docs",
"created_at": "2025-06-19T10:30:00Z"
},
"content": {
"documentation": "Complete API reference...",
"examples": [...]
},
"trust": {
"trust_level": "certified",
"scope": "full",
"signed_blocks": ["metadata", "content", "trust"],
"public_key_hint": "https://myapi.com/.well-known/public.pem"
},
"signature": {
"algorithm": "ed25519",
"value": "base64-signature-value...",
"created_at": "2025-06-19T10:30:00Z"
},
"certification": {
"certifier": "https://llmca.org",
"model": "identity_validation",
"verification_level": "enterprise",
"value": "base64-certification-value...",
"issued_at": "2025-06-19T10:30:00Z",
"expires_at": "2026-06-19T10:30:00Z"
}
}๐ Trust Block
โข trust_level: self-declared | certified | delegated
โข scope: partial | full
โข signed_blocks: what's cryptographically protected
โ๏ธ Signature Block
โข algorithm: ed25519 (recommended)
โข value: base64-encoded signature
โข created_at: signing timestamp
๐ Certification Block
โข certifier: trusted authority (LLMCA)
โข model: identity_validation
โข expires_at: certification validity
Not everyone can manage cryptographic keys. Delegated signing provides a bridge for individuals and small teams to participate in the trust ecosystem.
How Delegated Signing Works
1. Identity Challenge
Email, domain, or phone verification
2. LLMCA Signs
Authority key creates signature
3. Identity Linked
Signature tied to verified identity
4. Agent Trust
Lower trust, but still verifiable
โ Perfect For
โข Individual developers learning MCP
โข Small teams without PKI infrastructure
โข Experimental and prototype feeds
โข Educational and tutorial content
โข Open source community contributions
โ ๏ธ Limitations
โข Lower trust level than self-signing
โข Depends on LLMCA infrastructure
โข Not suitable for high-security scenarios
โข Enterprise agents may require full crypto
โข Limited to specific verification methods
{
"trust": {
"trust_level": "delegated",
"scope": "partial",
"signed_blocks": ["metadata"],
"delegation_method": "email_challenge",
"identity_verified": "developer@example.com",
"public_key_hint": "https://llmca.org/.well-known/llmca_authority.pem"
},
"signature": {
"algorithm": "ed25519",
"value": "base64-delegated-signature...",
"created_at": "2025-06-19T10:30:00Z",
"signed_by": "LLMCA Authority"
}
}๐ Try Delegated Signing
LLMCA provides a delegated signing service for easy onboarding to the trust ecosystem.
Different feed types have different security requirements based on their purpose and risk level.
๐ด High Security (Must Sign)
โข credential.llmfeed.json: API keys, tokens
โข agent-behavior-override: Behavioral modification
โข capabilities.llmfeed.json: Service capabilities
โข Financial/Healthcare data: Regulated content
๐ก Medium Security (Should Sign)
โข mcp.llmfeed.json: Main service discovery
โข export.llmfeed.json: Content exports
โข Bundle manifests: Archive integrity
โข API documentation: Technical specifications
๐ข Low Security (Optional)
โข llm-index.llmfeed.json: Feed directories
โข manifesto.llmfeed.json: Policy statements
โข Public documentation: General information
โข Marketing content: Public-facing material
๐ต Experimental (Flexible)
โข prompt.llmfeed.json: AI prompts & templates
โข session.llmfeed.json: Conversation exports
โข Prototype feeds: Development & testing
โข Personal projects: Individual experiments
๐ Beginner
โข Start with delegated signing
โข Email/domain verification
โข Perfect for learning & experimenting
๐ป Developer
โข Generate your own keys
โข Self-sign feeds locally
โข Full control over signing process
๐ข Enterprise
โข LLMCA certification program
โข Hardware security modules
โข Compliance & audit support
๐ ๏ธ Coming Soon: Enhanced Tooling
โข No-code signing: Visual interface for signatures
โข Key hosting: LLMCA public key hosting service
โข SDK improvements: One-line signing integration
โข Browser extension: Sign feeds from any page
โข CI/CD integration: Automated signing pipelines
โข Verification dashboard: Monitor trust status
๐ง Want early access? Contact opensource@wellknownmcp.org