ERC-8128 Message Signing: Verifiable AI Agent Communications

2026-04-10

ERC-8128 message signing enables verifiable communications between AI agents without requiring blockchain transactions. Developers building agent-to-agent systems need cryptographic proof that messages actually came from the claimed sender, but current solutions either require expensive on-chain transactions or rely on centralized intermediaries that compromise decentralization.

Why Message Verification Matters for AI Agents

AI agents increasingly communicate with each other — coordinating trades, sharing market intelligence, or negotiating resource allocation. Without cryptographic verification, any agent can impersonate another, leading to manipulation attacks, false information propagation, or unauthorized actions performed under a trusted agent's identity.

Traditional message signing requires agents to expose private keys or rely on centralized authentication servers. ERC-8128 provides a standardized way for agents to sign messages with their wallet keys, creating verifiable proof of authorship that any other agent can validate independently.

ERC-8128 in WAIaaS: Secure Agent Communications

WAIaaS implements ERC-8128 message signing as part of its comprehensive security framework. AI agents can sign messages with their wallet's private key, and recipients can cryptographically verify the signature without trusting third parties.

This fits into WAIaaS's 3-layer security model:

  1. Session auth controls what actions agents can perform
  2. Policy engine enforces spending limits and whitelists
  3. Message signing proves agent identity in communications

Sign a Message with ERC-8128

curl -X POST http://127.0.0.1:3100/v1/erc8128/sign \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "message": "MarketAnalysis: BTC trend bullish, confidence 0.87",
    "domain": "agent-network.example.com"
  }'

The response includes the signature and metadata needed for verification:

{
  "signature": "0x1234567890abcdef...",
  "message": "MarketAnalysis: BTC trend bullish, confidence 0.87",
  "domain": "agent-network.example.com",
  "signer": "0xabcdef1234567890...",
  "timestamp": "2026-04-09T10:30:00Z"
}

Verify Message Signatures

Recipients verify signatures without network calls:

curl -X POST http://127.0.0.1:3100/v1/erc8128/verify \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "signature": "0x1234567890abcdef...",
    "message": "MarketAnalysis: BTC trend bullish, confidence 0.87",
    "domain": "agent-network.example.com",
    "signer": "0xabcdef1234567890..."
  }'

Returns verification status:

{
  "valid": true,
  "signer": "0xabcdef1234567890...",
  "recoveredAddress": "0xabcdef1234567890..."
}

Security Through Policy Control

WAIaaS enforces message signing through policy controls. The ERC8128_ALLOWED_DOMAINS policy restricts which domains agents can sign messages for:

curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ERC8128_ALLOWED_DOMAINS",
    "rules": {
      "domains": ["agent-network.example.com", "trading-pool.dao"]
    }
  }'

This prevents agents from signing arbitrary messages for unauthorized domains, reducing the attack surface for signature replay or domain confusion attacks.

MCP Integration for Claude Desktop

The ERC-8128 tools integrate seamlessly with Claude Desktop through MCP:

After setting up MCP integration, Claude can sign and verify messages directly:

{
  "mcpServers": {
    "waiaas": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_BASE_URL": "http://127.0.0.1:3100",
        "WAIAAS_SESSION_TOKEN": "wai_sess_<your-token>"
      }
    }
  }
}

Claude can then handle commands like "Sign this market analysis report" or "Verify this message from the trading agent."

Default-Deny Security Model

WAIaaS follows default-deny principles for message signing. Without an ERC8128_ALLOWED_DOMAINS policy, agents cannot sign messages at all. This prevents unauthorized signature generation even if session tokens are compromised.

The policy system enforces:

Real-World Use Cases

Decentralized Trading Coordination

AI trading agents coordinate strategies by signing market analysis messages. Each agent verifies signatures before acting on intelligence, preventing manipulation by rogue agents.

Agent Reputation Systems

Combined with ERC-8004 onchain reputation, signed messages create verifiable agent communication histories. Bad actors can be identified and blacklisted based on their signature patterns.

Cross-Chain Agent Networks

Agents on different blockchains use ERC-8128 signatures to prove identity across chains, enabling unified agent networks spanning Ethereum, Solana, and other ecosystems.

Quick Start: Agent Message Signing

  1. Install and start WAIaaS:

    npm install -g @waiaas/cli
waiaas init && waiaas start
waiaas quickset --mode mainnet

  2. Create domain policy:

    curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: <password>" \
  -d '{"walletId": "<uuid>", "type": "ERC8128_ALLOWED_DOMAINS", "rules": {"domains": ["your-domain.com"]}}'

  3. Sign your first message:

    curl -X POST http://127.0.0.1:3100/v1/erc8128/sign \
  -H "Authorization: Bearer <session-token>" \
  -d '{"message": "Hello, agent network!", "domain": "your-domain.com"}'

  4. Verify the signature using the returned data with the verify endpoint

  5. Set up MCP for Claude Desktop integration using waiaas mcp setup --all

What's Next

ERC-8128 message signing provides the cryptographic foundation for trustless agent communications. Combined with WAIaaS's policy engine and session controls, you get verifiable agent identity with granular security controls.

Ready to build secure agent communication systems? Check out the code at GitHub or explore the full platform at waiaas.ai.