The Human Root of Trust – public domain framework for agent accountability (humanrootoftrust.org)
I've spent my career at the intersection of identity, trust, and distributed systems. The thing I keep thinking about: every digital system we've built assumes a human is on the other end. Bank accounts, contracts, API keys — all designed around human singularity.
That assumption has already broken. AI agents are transacting, communicating, and signing contracts autonomously — passing identity checks designed for people, with no human visibly in the loop.
The Human Root of Trust is my attempt to name the problem and sketch the architecture: three pillars (proof of humanity, hardware-rooted device identity, action attestation), a six-step trust chain from human principal to cryptographic receipt, and two implementation paths.
It's dedicated to the public domain. No patent. No product. No ask except that whoever picks this up carries the principle forward.
13 comments
[ 3.9 ms ] story [ 41.1 ms ] threadHowever, everything else you lay out is spot on.
You can prove a human authorized an agent to "handle my inbox" but that agent might delete emails, reply to clients, forward stuff. Proving someone is at the root doesn't mean they signed off on every action the agent took.
It feels like that doesn't cover all things outlined in this framework, especially the hardware attestations and public verifiability, but I think it's a solid start.
The gap I keep running into is exactly what you call "action attestation." Right now AIP handles identity and trust scoring, but the attestation chain from "human intended this" to "agent did this" is still weak. Your six-step trust chain is a clearer formalization than what we have.
One practical observation: the biggest challenge isn't the crypto — it's adoption. Agents need identity to be as easy as `pip install aip-identity && aip register`. If the setup takes more than 60 seconds, nobody does it. That's been our experience deploying an MCP server for this (aip-mcp-server on PyPI).
Curious about your "two implementation paths" — do you see the hardware attestation as strictly necessary, or is there a software-only path for the near term?