Every standard signature scheme enforces one property: only the key holder can sign. What the key holder signs is unconstrained. Policy enforcement -- spending limits, rate limits, access control -- lives in smart contracts, middleware, or governance: layers that can be upgraded, bypassed, or exploited. We call this the software-layer assumption: compliance holds only if the enforcing code is correct and unmodified.

We eliminate this assumption. We introduce behavior-bound signatures (BBS), in which a policy constraint delta(x) < epsilon is committed at key generation and enforced inside the signature's zero-knowledge proof. If the action violates the policy, the ZK constraint system is unsatisfiable -- no witness, no proof, no signature. This is not a software check. It is a mathematical impossibility. No software can override.

Unlike policy-based signatures (where an authority imposes policy on signers), BBS is self-committed: the signer binds their own future behavior at key generation, and even the signer cannot later violate or revoke this commitment.

We formalize this as policy-soundness (PS-CMA), a security model strictly stronger than EUF-CMA, and prove it under standard assumptions (Pedersen binding, Poseidon CR, ZK knowledge soundness). From this single primitive, five independent consequences follow -- not as separate designs, but as necessary implications of one cryptographic root:

(A) Compliance safety under f <= n-1 Byzantine faults, decoupled from honest-quorum assumptions.
(B) O(1) verification and audit via a single ZK check and Pedersen homomorphic aggregation.
(C) Elimination of the virtual-machine execution layer for policy-constrained transactions.
(D) A gasless ledger: branch C removes metering, while ZK-encoded rate limits make spam mathematically nonexistent.
(E) The first cryptographic guarantee that a compromised autonomous AI agent cannot exceed its authorized behavioral envelope.
Moreover, the zero-knowledge property ensures that compliance verification reveals neither the signer's identity nor the transaction parameters -- achieving regulatory compliance without identity disclosure, complementary to existing ZK-KYC frameworks that verify static identity attributes.
Y.Y.N. Li studied this question.
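The two ingredients the abstract leans on for PS-CMA and for branch (B) -- Pedersen binding and Pedersen homomorphic aggregation checked by a single ZK verification -- can be exercised on their own. The following Python is an added illustration, not the paper's construction: it uses a constructed, toy-sized (62-bit) prime-order subgroup of Z_p^*, a hash-derived second generator h, and SHA-256 as the Fiat-Shamir hash, all of which are assumptions of this example. The policy bound epsilon is self-committed at key generation exactly as the abstract describes; the range constraint delta(x) < epsilon, which in BBS lives inside the ZK circuit so that a violating witness admits no proof, is modelled here by a plain predicate in `sign_action`, and the "single ZK check" of branch (B) is stood in for by a Schnorr-style proof of knowledge of the opening of the aggregated commitment rather than by the paper's constraint system.

```python
import hashlib
import secrets

def is_prime(n):
    """Deterministic Miller-Rabin; these bases are sufficient for n < 2^64."""
    bases = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def find_safe_prime(start):
    """First safe prime p = 2q + 1 with q >= start (constructed, toy-sized parameters)."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

class Pedersen:
    """Pedersen commitments C = g^v h^r in the order-q subgroup of Z_p^* (assumed group)."""
    def __init__(self, p, q):
        self.p, self.q = p, q
        self.g = 4  # 2^2 is a quadratic residue, hence has prime order q
        seed = int.from_bytes(hashlib.sha256(b"bbs-example-h").digest(), "big")
        self.h = pow(seed % p, 2, p)  # hash-derived, so log_g(h) is not known to anyone
        assert self.h not in (0, 1, self.g)

    def commit(self, v, r):
        return pow(self.g, v % self.q, self.p) * pow(self.h, r % self.q, self.p) % self.p

    def aggregate(self, commitments):
        """Homomorphic fold: prod C_i commits to (sum v_i, sum r_i)."""
        acc = 1
        for c in commitments:
            acc = acc * c % self.p
        return acc

    def rand(self):
        return secrets.randbelow(self.q)

def fiat_shamir(q, *values):
    data = b"|".join(str(v).encode() for v in values)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % q

def prove_opening(pc, C, v, r):
    """Schnorr-style proof of knowledge of (v, r) with C = g^v h^r."""
    a, b = pc.rand(), pc.rand()
    T = pc.commit(a, b)
    c = fiat_shamir(pc.q, pc.g, pc.h, C, T)
    return (T, (a + c * v) % pc.q, (b + c * r) % pc.q)

def verify_opening(pc, C, proof):
    T, z1, z2 = proof
    c = fiat_shamir(pc.q, pc.g, pc.h, C, T)
    return pc.commit(z1, z2) == T * pow(C, c, pc.p) % pc.p

def keygen(pc, epsilon):
    """Self-commit to the policy bound epsilon; only C_eps is published as the public key."""
    r_eps = pc.rand()
    return pc.commit(epsilon, r_eps), (epsilon, r_eps)

def sign_action(pc, sk, delta):
    """Return (C_delta, opening) for one action, or None if no witness satisfies the policy.
    The range check is a plain predicate here; in BBS it sits inside the ZK circuit."""
    epsilon, _ = sk
    if not 0 <= delta < epsilon:
        return None
    r = pc.rand()
    return pc.commit(delta, r), (delta, r)

def aggregate_proof(pc, records):
    """Signer side: one proof of opening for the product of all action commitments."""
    C_total = pc.aggregate([C for C, _ in records])
    v = sum(o[0] for _, o in records) % pc.q
    r = sum(o[1] for _, o in records) % pc.q
    return C_total, prove_opening(pc, C_total, v, r)

def audit(pc, commitments, C_total, proof):
    """Auditor side: n group multiplications to fold, then exactly one proof verification."""
    return pc.aggregate(commitments) == C_total and verify_opening(pc, C_total, proof)

if __name__ == "__main__":
    p, q = find_safe_prime(1 << 61)
    pc = Pedersen(p, q)
    pk, sk = keygen(pc, 1000)                       # epsilon = 1000, committed once
    records = [sign_action(pc, sk, d) for d in (10, 20, 30)]
    C_total, proof = aggregate_proof(pc, records)
    print("audit passes:", audit(pc, [C for C, _ in records], C_total, proof))
    print("violating action signable:", sign_action(pc, sk, 1000) is not None)
```

The binding property is what makes the key-generation commitment irrevocable: an attempt to prove that C_eps opens to a different epsilon fails verification, and an attempt to alter any response in an aggregate proof fails the single audit check. What the example does not show is the range proof itself; a production BBS would need delta < epsilon enforced inside the proof rather than by the predicate in `sign_action`.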