What it is. BlindOracle issues and verifies portable agent-trust credentials:
a security audit (OWASP ASI01–10 + MITRE ATT&CK/ATLAS) becomes a W3C Verifiable
Credential signed eddsa-jcs-2022, independently verifiable against a published
did:web document with no shared secret. Any AP2/A2A agent can check a
counterparty's trustworthiness before transacting.
Why it fits AP2/A2A. AP2 settles payments between agents; the open question
before settlement is "should I trust this counterparty agent?" BlindOracle answers
that with a verifiable, portable credential — complementary to the payment rail, not
a competitor to it.
Live, machine-readable pointers
| Field |
Value |
| AgentCard |
https://craigmbrown.com/blindoracle/.well-known/agent-card.json |
| Issuer DID |
did:web:craigmbrown.com |
| DID document |
https://craigmbrown.com/.well-known/did.json |
| Skill id |
agent-trust-credential |
| Signature suite |
eddsa-jcs-2022 (W3C Data Integrity) |
| Settlement |
x402 micropayment per attestation |
| Scope |
offshore / cross-border only |
Verify it yourself (no shared secret):
# any did:web-signed W3C VC; returns {"valid": true, "resolution_method": "https"}
curl -A "Mozilla/5.0" https://craigmbrown.com/blindoracle/.well-known/agent-card.json | jq '.skills[].id'Differentiator. Each credential also carries an independently-checkable on-chain
rail (ProofOfAuditReport + Merkle commitment + optional Base/Nostr 3-witness anchor)
— provenance a fiat-locked rail can't offer offshore.
Honest scope. did:web is self-asserted (domain control), not third-party-rooted
PKI — a PASS is tamper-evidence + provenance. AP2 declared by URI; no formal AP2
conformance claim.
Describe the solution you'd like
Add BlindOracle (agent-trust verification / attestation provider) to the AP2 ecosystem because we complement AP2 — agents verify a counterparty's trust credential before they transact.
Describe alternatives you've considered
No response
Additional context
No response
Code of Conduct
What it is. BlindOracle issues and verifies portable agent-trust credentials:
a security audit (OWASP ASI01–10 + MITRE ATT&CK/ATLAS) becomes a W3C Verifiable
Credential signed
eddsa-jcs-2022, independently verifiable against a publisheddid:webdocument with no shared secret. Any AP2/A2A agent can check acounterparty's trustworthiness before transacting.
Why it fits AP2/A2A. AP2 settles payments between agents; the open question
before settlement is "should I trust this counterparty agent?" BlindOracle answers
that with a verifiable, portable credential — complementary to the payment rail, not
a competitor to it.
Live, machine-readable pointers
https://craigmbrown.com/blindoracle/.well-known/agent-card.jsondid:web:craigmbrown.comhttps://craigmbrown.com/.well-known/did.jsonagent-trust-credentialeddsa-jcs-2022(W3C Data Integrity)Verify it yourself (no shared secret):
Differentiator. Each credential also carries an independently-checkable on-chain
rail (
ProofOfAuditReport+ Merkle commitment + optional Base/Nostr 3-witness anchor)— provenance a fiat-locked rail can't offer offshore.
Honest scope.
did:webis self-asserted (domain control), not third-party-rootedPKI — a PASS is tamper-evidence + provenance. AP2 declared by URI; no formal AP2
conformance claim.
Describe the solution you'd like
Add BlindOracle (agent-trust verification / attestation provider) to the AP2 ecosystem because we complement AP2 — agents verify a counterparty's trust credential before they transact.
Describe alternatives you've considered
No response
Additional context
No response
Code of Conduct