/ Security
Security by
cryptographic design.
As AI agents cross the transaction horizon, the trust model of the internet must evolve from human-centric to agent-aware. Ratify is the identity substrate for that transition.
Verification, not detection
Detection is a probabilistic guess that degrades as AI improves. Ratify is a deterministic cryptographic check. An agent is either authorized or it isn't—not because a model guessed, but because the math says so.
Hybrid Post-Quantum Crypto
Every Ratify signature is a hybrid of Ed25519 (classical) and ML-DSA-65 (NIST FIPS 204 post-quantum). This 'harvest now, decrypt later' defense ensures that authorization bundles remain secure even against future quantum adversaries.
Zero-Trust at the Edge
Ratify verifiers run at the transaction horizon—voice gateways, API edges, on-device for Physical AI. Verification is stateless and doesn't require a constant connection to a central authority, minimizing the attack surface.
Stateless & Scalable
The protocol is designed for the high-volume agent economy. Verification happens in under a millisecond. Because the proof carries its own authorization context, there's no database lookup required for the core cryptographic check.
The Threat Model
/ REPLAY ATTACKS
Every Ratify ProofBundle requires a fresh, signed challenge from the verifier. A bundle used five minutes ago—or even five seconds ago—is cryptographically invalid for a new session.
/ SCOPE CREEP
Agents can only sub-delegate a subset of the rights they hold. The effective scope of a delegation chain is the intersection of all links, preventing any agent from granting more authority than it possesses.
/ KEY COMPROMISE
Agent keys are short-lived. In the event of a breach, a principal can revoke a delegation certificate instantly through the Ratify Revocation Registry, neutralizing the compromised agent without affecting the rest of the ecosystem.