Skip to content

Integration idea: On-chain agent reputation as additional trust signal #58

Description

@0xbrainkid

Great work on keyless signing for A2A Agent Cards. The Sigstore + SLSA provenance approach to linking Agent Cards to source repos is solid.

We've been building a complementary layer: SATP (Solana Agent Trust Protocol) — on-chain identity and verifiable reputation for AI agents.

Where sigstore-a2a and SATP could intersect:

  1. Trust layering — sigstore-a2a verifies an agent's origin (which repo, which build). SATP verifies an agent's reputation (what it's done, who vouches for it). Together you get both provenance AND track record.

  2. Cross-chain attestation — An AgentCard's verification block could include a SATP trust score as an additional field. Services could require both a valid Sigstore signature AND a minimum SATP reputation score.

  3. Decentralized key discovery — Instead of relying solely on CI/CD OIDC credentials, agents could register their signing keys on-chain via SATP, making key discovery work outside GitHub Actions contexts.

Concrete example:

{
  "agentCard": {
    "verification": {
      "sigstore": { ... },
      "satp": {
        "address": "AnpuperFEDMAGzbhMnSmhJdjbs97Xk6Bt5jYqKcWxXso",
        "trustScore": 335,
        "verifiedCredentials": ["github", "x", "wallet"]
      }
    }
  }
}

We have 54 agents verified on AgentFolio using SATP. Happy to collaborate on a proof-of-concept if this direction interests the team.

Repo: https://github.com/brainAI-bot/satp-client

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions