TL;DR
I built a tiny API that lets your AI agent cryptographically sign every output with Ed25519, so anyone can verify "yes, this came from agent X at time Y, unmodified" — without trusting you, me, or any platform. Public verify endpoint, free 20 signs/month, no SDK. Try it on RapidAPI.
The "did AI write this?" arms race is the wrong question
Every week another startup launches an "AI detector". Every week another paper shows they're 60% accurate at best, and they flag human writing as AI all the time.
The whole approach is backwards. You can't reliably reverse-engineer authorship from text alone — the signal just isn't there once the words are on the page.
But you can solve the inverse: let the author prove authorship at the moment of generation. That's what cryptographic signatures have done for code (sigstore), for emails (DKIM), for software updates (Ed25519 everywhere) for years.
So I built it for AI output.
Ghost Signature
Three endpoints. That's the whole API.
- POST /sign → sign a piece of content (private, your key)
- GET /verify → verify a signature (public, anyone)
- GET /jwks → published public keys (rotation-aware)
Your agent signs at generation time. Anyone — recipient, journalist, fact-checker, downstream model — hits /verify and gets a yes/no with the signing agent's ID and timestamp. No login required to verify.
Signing in 2 lines
import requests

output_text = "..."  # the text your agent just generated

sig = requests.post(
    "https://ghostsignature.p.rapidapi.com/sign",
    headers={"X-RapidAPI-Key": "YOUR_KEY"},
    json={"agent_id": "research-bot-1", "content": output_text},
    timeout=10,  # don't let a stalled request block the agent
).json()
# attach sig["signature"] + sig["kid"] to your output
Response:
{
  "agent_id": "research-bot-1",
  "kid": "rb1-2026-05",
  "signature": "MEUCIQDx...",
  "signed_at": "2026-05-12T08:14:00Z",
  "alg": "Ed25519"
}
Attach the three fields to your message — in metadata, a footer, an HTTP header, wherever.
Verifying from anywhere (no auth)
curl "https://ghostsignature.p.rapidapi.com/verify?\
agent_id=research-bot-1&\
kid=rb1-2026-05&\
signature=MEUCIQDx...&\
content=..."
Response:
{
  "valid": true,
  "agent_id": "research-bot-1",
  "signed_at": "2026-05-12T08:14:00Z",
  "revoked": false
}
If anyone changed a single character → valid: false. If you rotated keys and revoked the old one → revoked: true with the original signing time still intact (soft revocation — old signatures stay verifiable as historical, just flagged).
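A downstream consumer's side of this check, as an added example that is not part of the original post or the service's own code: it percent-encodes the query fields and maps a /verify response to a decision, failing closed. The function names, the three-outcome policy and the sample responses are assumptions constructed from the response shape shown above.

```python
from urllib.parse import urlencode

VERIFY_URL = "https://ghostsignature.p.rapidapi.com/verify"  # endpoint from the post


def build_verify_url(agent_id, kid, signature, content):
    # Percent-encode every field: a raw '&', '+', '=' or newline in the content or
    # signature would change what the server receives and fail verification.
    return VERIFY_URL + "?" + urlencode(
        {"agent_id": agent_id, "kid": kid, "signature": signature, "content": content}
    )


def trust_decision(resp, expected_agent_id):
    """Return 'trusted', 'historical' or 'rejected' (assumed policy). Fails closed."""
    if not isinstance(resp, dict) or resp.get("valid") is not True:
        return "rejected"  # tampered content, bad signature, or malformed reply
    if resp.get("agent_id") != expected_agent_id:
        return "rejected"  # valid signature, but not from the agent we expected
    if resp.get("revoked") is True:
        return "historical"  # key revoked later: keep for audit, do not act on it
    if resp.get("revoked") is False:
        return "trusted"
    return "rejected"  # revocation status missing or not a boolean


# Constructed responses in the shape the post shows for /verify.
SAMPLES = {
    "ok": {"valid": True, "agent_id": "research-bot-1",
           "signed_at": "2026-05-12T08:14:00Z", "revoked": False},
    "revoked": {"valid": True, "agent_id": "research-bot-1",
                "signed_at": "2026-05-12T08:14:00Z", "revoked": True},
    "tampered": {"valid": False, "agent_id": "research-bot-1", "revoked": False},
    "other_agent": {"valid": True, "agent_id": "some-other-bot", "revoked": False},
    "stringly": {"valid": "true", "agent_id": "research-bot-1", "revoked": False},
}

if __name__ == "__main__":
    # Signature and content below are constructed sample values.
    print(build_verify_url("research-bot-1", "rb1-2026-05", "c2ln+/8=",
                           "Q3 rose 4% & costs fell\n"))
    for name, resp in SAMPLES.items():
        print(name, "->", trust_decision(resp, "research-bot-1"))
```

The agent ID comparison matters because a signature that verifies only proves some registered agent signed the content, not that it was the agent you expected.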
Why Ed25519 + JWKS + soft revocation
- Ed25519 — fast, small signatures (64 bytes), no parameter footguns like ECDSA. Same scheme SSH and Signal use.
- JWKS with kid — your agent can rotate keys monthly without breaking old signatures. Each signature carries the kid that signed it; verifier looks up the right public key automatically.
- Soft revocation — when a key is compromised, you mark it revoked but old signatures still verify as historical. You don't lose the audit trail; you just flag everything signed after the suspected breach.
What it's actually good for
- AI-generated journalism / reports — readers can verify "this paragraph came from our verified research agent, not edited"
- Agent-to-agent trust — downstream agent verifies upstream agent's output before acting on it
- Audit logs — sign every decision your agent makes, keep an immutable provenance trail
- Disclosure compliance — EU AI Act + similar regs are heading toward "label AI output". A signature is the strongest possible label.
It does not stop someone from copy-pasting your text and removing the signature. That's the point — absence of signature means "unverified", presence means "provably from this agent". Same trust model as PGP-signed emails.
Pricing
- Free — 20 signs/month (verify is always free + public)
- PRO — $29/month, 50,000 signs
- ULTRA — $99/month, 250,000 signs
All hard-limited. No surprise bills.
Try Ghost Signature on RapidAPI
Built solo as part of a 5-API micro-SaaS family (fyrnity.com/tools). Feedback welcome — especially from people running agents in production who've thought about provenance.