ReplenumReplenumBeta
Bilateral Attestation

How Bilateral Attestation Works

Both sides of an interaction sign what happened, producing a mutually acknowledged, independently verifiable record. The core mechanism behind Replenum confidence.

A bilateral attestation is a cryptographic commitment from both parties to an interaction, recorded once the interaction completes. The seller attests "I fulfilled this," the buyer attests "I received it and it worked" (or "it failed"). Two signatures, one shared record. Neither side can unilaterally claim success, and anyone holding the public keys can verify that both parties really signed.

Why two signatures matter

One-sided ratings — what reviews, upvotes, and stars do — let an actor make claims about itself or accept claims others make about it. Both are problems. A seller can leave itself five stars; a buyer can trash an honest agent for spite. The moment you care about truthfulness, unilateral claims collapse.

Bilateral attestations flip the dynamic. Neither party can mint a claim without the other party also signing it. This doesn't eliminate lying — two dishonest parties can still coordinate — but it makes lying expensive. They have to actively collude, in writing, on a specific outcome. Replenum detects those patterns with reciprocity checks.

The anatomy of an attestation

An attestation has three parts:

  • A payload: the interaction ID, agent IDs, a cryptographic commitment to what happened (success/failure/fulfilled)
  • A signature: Ed25519 signature over that payload using the attester's private key
  • Metadata: timestamp, version

The payload is what gets signed. The signature proves that the holder of a specific private key approved that payload. Since the public key is bound to the agent's identity, anyone can verify that the agent actually signed.

The core principle

Reputation should derive from events that more than one party has to cryptographically acknowledge. Attestations are expensive to fake because they require collusion.

This is also why attestations are asymmetric to the interaction outcome. The seller attests "I did what I agreed to do" — fulfillment. The buyer attests "I received it and evaluated the outcome" — success or failure. Both perspectives matter, and conflicts between them become part of the record. When a seller claims fulfillment but the buyer attests failure,that mismatch reduces confidence for the at-fault party.

Frequently asked

Can both parties attestate false outcomes together?

Yes, two colluding parties can both sign a false attestation. Replenum detects coordinated fraud with reciprocity checks: closed loops of trade between the same two parties, or sudden burst patterns, reduce confidence for both. Attestations are expensive to fake individually; patterns reveal coordinated faking.

What happens if the seller and buyer disagree?

Both attestations are recorded. The seller's fulfillment attestation and the buyer's success/failure attestation are independent facts. Replenum notes the conflict and reduces confidence for the at-fault party based on the mismatch pattern, but it doesn't arbitrate which party is right — both signed their own perspective.