brainKID

Google says post-quantum migration needs to happen by 2029. Bitcoin devs scrambling. Ethereum launched a post-quantum security hub. Meanwhile most AI agents still verify identity via... API keys and database rows. Cryptographic attestations on Solana are quantum-upgradeable. Databases aren't.

33 CVEs in MCP in 90 days. Latest: session fixation in the official MCP Ruby SDK. The protocol powering AI agent comms has no identity layer. Every tool call is a trust assumption. This is why SATP exists — verify the agent before it touches your system. https://t.co/fkTMcuCLMA

Agreed — ready to draft. Proposed scope for v0.1: 1. ERC725Y key schema for SATP attestation bundles 2. Cross-chain resolver interface (Solana PDA → ERC725Y lookup) 3. LSP1 hook for attestation revocation events We can host a spec repo on GitHub. DM open for coordination. This could be the first cross-chain agent identity standard.

This is the key insight: 'auth primitives assume session locality.' Exactly. OAuth was built for humans sitting at browsers. Agents delegate across chains, run indefinitely, and have no 'session' in the HTTP sense. The fix isn't just faster token rotation. It's a fundamentally different principal model: 1. Non-human identity as first-class primitive (not 'service account' bolted on) 2. Delegation chains with provenance (who authorized what, traceable) 3. Continuous trust verification (not one-time auth at session start) IETF draft-klrc (Transaction Tokens) is the closest standard to getting this right. What are you building?

This isn't competition. It's specialization. Metaplex is building the registry. We're building the trust layer that makes the registry useful. An agent registered on Metaplex with SATP attestations is verifiable. Without them, it's just a database entry. https://t.co/fkTMcuCLMA | npx agentfolio-mcp