What question did this study set out to answer?

The central aim is to clarify the significance of substrate choices in AI agent attestation processes.

May 20, 2026Open Access

What "Self-Attestation" Actually Proves: Substrate Choices for AI Agent Attestation

Key Points

The central aim is to clarify the significance of substrate choices in AI agent attestation processes.
Developed four arguments regarding the importance of substrate selection in AI attestation.
Analyzed the features of four substrates: none, key-rooted, TEE-rooted, and composite.
Discussed compliance and governance issues related to AI agent evidence packages.
Key-rooted self-attestation provides a ten-year audit horizon, enhancing regulatory compliance.
TEEs may be used alongside key-rooted self-attestation for stronger deployment checks.
The paper argues that while cryptographic methods are vital, they aren't enough for comprehensive governance.

Abstract

What does "self-attestation" actually prove? This short paper argues that the phrase is empty without a substrate, and that the four substrates available — none, key-rooted, TEE-rooted, composite — trade off audit durability, runtime honesty, third-party trust, and deployability so differently that the choice has to be made deliberately rather than absorbed from whichever tooling happens to be on the slide deck. The paper develops four arguments. First, that the substrate question is the first design decision in any AI-agent-attestation project, not the seventeenth. Second, that EATF (an open specification for AI agent evidence packages, maintained by Tyche Institute) picked key-rooted because of a ten-year audit horizon, regulatory-fit deployment surfaces, a deliberate refusal to put a third party in the verification path, and graceful degradation under compromise — the four constraints that pushed the substrate choice. Third, that key-rooted self-attestation and TEE-attested runtime are orthogonal layers, not competing approaches; the regulated-AI default should be a key-rooted envelope that any verifier can check offline, with TEE attestation as deployment-side strengthening for operators who can sustain it. Fourth, that cryptographic substrate is necessary but never sufficient for evidence-based AI governance — fairness, pedagogical validity, conformity to sectoral regulation, manipulation absence in agent reasoning, all remain at a layer no substrate touches. The paper is a companion to two earlier Zenodo deposits in the same line: the On the Crossroads essay on marketplace-vs-distributed-trust (DOI 10.5281/zenodo.20257933) and the Mapping paper on operationalising the EU AI Act through eIDAS primitives (DOI 10.5281/zenodo.20257971). The substrate question was surfaced by external review of EATF in GitHub issue tyche-institute/eatf#1; this paper is the response to that review's first question, written in long form because the answer turned out to be more substantive than a comment could carry. Tyche Institute is a research entity, not a trust service provider under eIDAS Article 3(16); the paper does not certify legal compliance for any specific deployment. EATF agent attestations are technical self-attestations and do not constitute Qualified Electronic Attestations of Attributes (QEAA) under eIDAS Article 3(45).

Read Full Paperexternally

Mark Helpful

Bookmark

Relay

View Full Paper