Signed at commit time
Ed25519 envelopes bind actor, tool, and scope before merge. Keys never leave the machine.
pip install "matrixscroll==0.6.0"Agent Authorization Authority
Portable proof of who authorized which agent to act. Signed at the source, verifiable offline, without SSX360 in the trust path.
Notary, not watchtower
NHI inventories what exists. SSX360 produces the authorization record they don't: portable, offline-verifiable, yours to keep.
Before action
Sign declared actor, tool, scope, and changed surface before merge or tool drift is accepted.
Offline proof
Verify the record in CLI, browser, or CI with the same RFC 8032 bytes. No SaaS lookup required.
Governs agents, not people
We record what an autonomous agent was authorized to do and did. Never keystrokes or developer productivity.
Complements NHI
Keep your NHI inventory, vault, and ITDR stack. Add the authorization record they do not produce.
Enterprise trust infrastructure
Local signing, CI enforcement, offline verify. Keys never leave your machine.
Ed25519 envelopes bind actor, tool, and scope before merge. Keys never leave the machine.
pip install "matrixscroll==0.6.0"Block unsigned or tampered agent activity in CI — warn-mode first, then enforce.
ssx360 check --hostedExport ssx360.evidence-pack.v1 JSON. Auditors verify years later with no vendor in the loop.
ssx360 evidence exportDefense against rug-pull attacks
Snapshot at approval. One changed character trips verification before the agent runs.
Approve a tool
Matrix Scroll takes a cryptographic snapshot of the tool definition at authorization time.
Quiet edit
Someone changes the tool description — the classic rug-pull / tool-poisoning path.
Verification fails loudly
One changed character trips the hash. Drift exits with code 2 and fails CI — the agent never runs the altered tool.
pip install "matrixscroll==0.6.0"Built to scale
Developer laptops, USB-C hardware keys, GitHub / GitLab on protected branches. Signing stays local.
Fleet enrollment, identity, policy engine, audit logging — the control plane, not the trust path.
Prometheus, Grafana, SIEM export. Evidence remains offline-verifiable without SSX360 in the loop.
Active R&D
Software signing ships today. Hardware and post-quantum paths are in validation.
Transitioning from software-emulated keys to on-device NXP SE050 root-of-trust signing. Bench-validated PoC (Jul 2026) — firmware validation / pilot, not GA.
Optional FIPS 204/205 (ML-DSA / SLH-DSA) for software signers — future-proof agent signatures while hardware remains Ed25519.
Direct SIEM logs and compliance dashboarding for fleet health, revocation, and incident response.
Actively building toward audit windows targeted Q3–Q4 2026. Readiness and alignment language only — never “SOC 2 certified.”
Authorization Pilot
Scoped engagement for teams running agents in payments, credit, AML, or KYC. Scroll Gate, MCP baselines, evidence export — we fit it to your environment.
Repo contents never leave your machine — see exactly what's hosted →
They receipt the model call. We receipt everything the machine does.