{"slug": "matrix-scroll-sign-ai-generated-code-changes-with-ed25519-verify-offline", "title": "Matrix Scroll – sign AI-generated code changes with Ed25519, verify offline", "summary": "Matrix Scroll, an open protocol for signing AI-generated code changes, has been released. It uses Ed25519 cryptographic signatures to verify code provenance offline, with a reference implementation in Python and planned hardware support via NXP SE050 secure elements. The protocol aims to provide a software root of trust for AI-assisted development workflows.", "body_md": "**Open protocol for signed AI-assisted code provenance.**\n\nEvery AI-generated change in your IDE can be cryptographically signed by an Ed25519 identity and verified offline with a public key and one command. The v0.1.x reference implementation ships a well-tested software root of trust; SSX360/NXP SE050 hardware signing is the compatible reference-device path in progress.\n\n- 📜 **Spec:** `SPEC.md` — wire format, canonical encoding, schemas.\n- 🛡 **Agentic AI controls:** `docs/AGENTIC_AI_SECURITY.md` maps Matrix Scroll to the joint *Careful Adoption of Agentic AI Services* guidance.\n- 🔐 **Algorithm:** Ed25519 (RFC 8032). Private keys are never exposed by the SDK API.\n
- 🧪 **Conformance vectors:** `vectors/` — for non-Python implementations.\n- 🌐 **Site:** [https://matrixscroll.com](https://matrixscroll.com)\n- 🔧 **Reference device:** [SSX360](https://matrixscroll.com/device) (NXP SE050 hardware path in progress).\n\n```bash\npip install matrixscroll\n```\n\n```python\nimport matrixscroll\n\n# What identity is active on this machine?\nprint(matrixscroll.status())\n# {'schema': 'matrixscroll.identity.v1', 'available': True,\n#  'mode': 'emulated', 'device_id': 'MS-A3F2-9C81', ...}\n\n# Sign anything (a release manifest, a commit envelope, a SBOM, an evidence pack)\nsigned = matrixscroll.sign_manifest({\"release\": \"v1.0.0\", \"artifacts\": [...]})\n\n# Verify, anywhere, offline\nassert matrixscroll.verify_manifest(signed)\n```\n\n```bash\n$ matrixscroll status\n{\n  \"available\": true,\n  \"device_id\": \"MS-A3F2-9C81\",\n  \"mode\": \"emulated\",\n  \"public_key\": \"...\",\n  \"schema\": \"matrixscroll.identity.v1\"\n}\n\n$ matrixscroll sign release.json > release.signed.json\n$ matrixscroll verify release.signed.json\n{\"device_id\": \"MS-A3F2-9C81\", \"mode\": \"emulated\", \"ok\": true, \"signed_at\": \"...\"}\n```\n\n`matrixscroll verify` exits **0** on a valid signature, **2** on any failure\n(tampered manifest, missing signature block, wrong schema/algorithm, mismatched\ndevice id, malformed public key, unreadable file). 
Pipe it from CI without\nparsing the output.\n\n```\n   your IDE / agent / CI\n            │\n            │  manifest (release, commit, evidence pack, SBOM, anything)\n            ▼\n   matrixscroll.sign_manifest(...)\n            │\n            │  canonical JSON  (sorted keys, ASCII-escaped, no NaN,\n            │                   signature block excluded from input)\n            ▼\n   IdentityProvider          ──►  Ed25519 signature\n   (Emulated today,\n    SSX360 / SE050 tomorrow)\n            │\n            ▼\n   signed manifest  ──►  matrixscroll.verify_manifest(...)\n                         (anyone, anywhere, offline)\n```\n\nThe same Python API is designed to serve the local software emulator and the\nphysical SSX360 device path. Switch with the `MATRIXSCROLL_MODE` environment\nvariable; in v0.1.x, `hardware` mode reports unavailable until the SE050\ntransport ships.\n\n| Level | Provider | Backed by | Status |\n|---|---|---|---|\n| L1 Emulated | `EmulatedProvider` | Software key, file-backed (0600) | ✅ Shipping |\n| L2 Hardware | `HardwareProvider` | NXP SE050 secure element (SSX360) | 🛠 Stage-0 prototype |\n| L3 Attested | future | L2 + remote attestation | 🗺 Roadmap |\n\n`status()` exposes the active level via the `mode` and `available` fields so\nread-only dashboards can render before the hardware path is wired.\n\n- Emulated key store: `~/.matrixscroll/device.json` (override with `MATRIXSCROLL_HOME`).\n- The directory is created `0700`; the seed file is opened `0600` with `O_CREAT|O_EXCL` so the private seed is never momentarily world-readable and a race cannot silently clobber an existing key store.\n- A corrupt or truncated store **fails loud** (`IdentityError`) rather than silently minting a fresh identity. Identity rotation is an explicit operation.\n- The planned hardware path holds nothing private on disk — the seed is sealed in the secure element. 
In v0.1.x, this path is a typed availability stub.\n\nMatrix Scroll is a protocol. This Python package is the reference. We welcome\nimplementations in Rust, Go, TypeScript, and embedded C — run them against\n[vectors/](/SSX360/matrixscroll/blob/main/vectors) to self-certify. See `CONTRIBUTING.md`.\n\nThe repo includes a machine-readable control matrix at\n[controls/agentic_ai_controls.json](/SSX360/matrixscroll/blob/main/controls/agentic_ai_controls.json), an\nexample bounded-agent evidence manifest at\n[`examples/agentic_ai_evidence_manifest.json`](/SSX360/matrixscroll/blob/main/examples/agentic_ai_evidence_manifest.json), and executable checks in\n`tests/test_agentic_guidance.py`. These prove each\nclaim maps to repo evidence and that signed agent scope changes fail verify.\n\n- Code: **Apache-2.0** (`LICENSE`).\n- Specification text (`SPEC.md`, `vectors/`): **CC0 1.0** — public domain.\n\nSee [SECURITY.md](/SSX360/matrixscroll/blob/main/SECURITY.md). Report vulnerabilities privately to\n\n**or via a GitHub Security Advisory.**", "url": "https://wpnews.pro/news/matrix-scroll-sign-ai-generated-code-changes-with-ed25519-verify-offline", "canonical_source": "https://github.com/SSX360/matrixscroll", "published_at": "2026-06-19 13:23:33+00:00", "updated_at": "2026-06-19 13:37:22.763380+00:00", "lang": "en", "topics": ["ai-safety", "developer-tools", "ai-tools"], "entities": ["Matrix Scroll", "Ed25519", "SSX360", "NXP SE050", "Python"], "alternates": {"html": "https://wpnews.pro/news/matrix-scroll-sign-ai-generated-code-changes-with-ed25519-verify-offline", "markdown": "https://wpnews.pro/news/matrix-scroll-sign-ai-generated-code-changes-with-ed25519-verify-offline.md", "text": "https://wpnews.pro/news/matrix-scroll-sign-ai-generated-code-changes-with-ed25519-verify-offline.txt", "jsonld": "https://wpnews.pro/news/matrix-scroll-sign-ai-generated-code-changes-with-ed25519-verify-offline.jsonld"}}