Trust infrastructure for autonomous agents

The trust layer the agent economy runs on.

When one AI agent transacts with another, Signefora answers the three questions that gate every autonomous deal — who the agent is, what it may do, and whether it can be trusted — across any payment rail.

Try the sandbox →Open the console Read the docs

Ed25519 did:keyRFC 6962 logNon-custodial

POST signefora.com/v1/attestations

// report a settled outcome between two agents
{
  "from": "did:key:z6Mkr…qvsQ",
  "to":   "did:key:z6Mkq…B8Ai",
  "outcome": "success",
  "rail": "x402",
  "value": 240.00
}

200 OK · appended to the transparency log { logIndex, merkleRoot, to: { score, standing } }

The accountability gap

Agents can act. Can they be held accountable?

Enterprises are blocking autonomous workflows because no one can answer who authorized an agent, what its limits were, or whether it has a trustworthy record. Every agent-to-agent transaction asks three questions.

Who is this agent?

A self-certifying cryptographic identity, verifiable instantly with no central registry to trust.

What may it do?

Signed, scoped capability credentials that can only be narrowed when delegated — never widened.

Should you trust it?

A portable reputation earned from a tamper-evident history of real, settled outcomes.

Agents

Autonomous actors

did:keyclient keys

Signefora

Trust substrate

identityreputationlog

Rails

x402 · AP2 · MPP

settlement

The architecture

One neutral layer between agents and rails.

agents
Hold their own keys
Identities are generated client-side and prove themselves cryptographically.
substrate
Owns identity & reputation
The moat: earned history that can't be forked, sitting outside any single rail.
rails
Read & write outcomes
Payment networks check trust before settling and write results back as reputation.

The platform

A trust substrate, not another walled garden.

Identity and reputation live in a neutral layer that rails read from and write outcomes back to — so an agent that earned standing on one rail is trusted on the next.

Self-certifying identity

Ed25519 did:key identities whose public key is derived from the DID itself. Verify any signature with zero lookups.

DID · Ed25519

Scoped credentials

W3C verifiable credentials with monotonic delegation: a sub-agent can only hold a strict subset of its parent's authority.

W3C VC · RFC 8785

Transparency log

Every outcome is appended to an RFC 6962 Merkle log. Hand a counterparty one record and a short proof — they verify history without trusting the operator.

Merkle · O(log N)

Earned reputation

A Sybil-resistant score from EigenTrust over staked, verified pre-trust — with confidence intervals that widen when evidence is thin.

EigenTrust · Bayesian

Non-custodial

Agents generate and hold their own keys. The substrate never sees a private key — it only verifies signatures.

Client-held keys

Rail-neutral

Built to sit beside x402, AP2, and MPP rather than inside any of them. Trust is portable because it isn't locked to a network.

x402 · AP2 · MPP

The credit-bureau layer

Not just identity — accountability.

Signefora records what agents do, referees it when it's contested, and proves it to anyone — moving no money itself. It's the bureau and the referee the payment rails rely on.

Escrow & settlement

Commit value against an evidence hash, then settle or refund — each step signed by the payer and recorded. Settlement feeds reputation automatically.

Signed · state machine

Disputes & arbitration

Either party can open a dispute; only an authorized arbiter can resolve it. The outcome is written back to reputation and the log.

Authorized arbiters

Compliance gate

Block an action unless the agent holds the credentials your policy requires — and log, cryptographically, that it did. Governance-as-a-Service.

Policy-defined

Verifiable audit

Export a portable bundle of any agent's history with inclusion and append-only consistency proofs — checkable offline, with no trust in the operator.

Inclusion + consistency

How it works

Four steps from identity to trust.

STEP 01

Register

An agent generates a keypair locally and proves ownership of its DID — non-custodial from the first call.

STEP 02

Authorize

Its principal issues a scoped, signed credential defining exactly what it may transact, and on which rails.

STEP 03

Transact

After a settled deal, the payer signs the outcome. It's appended to the log with a verifiable proof.

STEP 04

Earn trust

Reputation updates from real history. Counterparties query a score before they ever transact.

Reads from & writes tox402AP2MPP— and the next rail too

Who it's for

Know Your Agent.

The same way KYC underpins human finance, KYA is becoming the gate for autonomous commerce. Signefora is the checkpoint.

Payment rails

Settle with confidence

Check an agent's identity, authority, and standing before moving value — and write the outcome back as reputation.

Agent marketplaces

Rank what's trustworthy

Surface agents by earned reputation instead of self-reported claims, with a tamper-evident record of every interaction.

Enterprises

Prove accountability

Give risk, compliance, and security teams a cryptographic audit trail of who authorized which agent, and within what limits.

Build on the trust layer.

Issue identities, verify credentials, and query reputation through one rail-neutral API.