What “verified AI” actually means — and what it doesn’t
A cryptographic signature on an AI answer proves where it came from and that it wasn’t changed — not that it’s true.
A screenshot proves nothing
An AI answer is just text. Text can be edited, regenerated with a different prompt, or fabricated wholesale — and a screenshot of it is trivial to fake in seconds. If someone shows you “what the AI said,” you have no way, from the screenshot alone, to know the model ever said it.
This is the gap “verified AI” is meant to close. Not by asking you to trust a vendor’s claim, but by attaching cryptographic evidence to the answer that anyone can check independently.
What a signature actually proves
When an answer is signed, two specific properties become checkable. ORIGIN: this exact text was produced by this system and no other. INTEGRITY: it has not been altered by so much as a character since it was signed — change one word and the signature fails.
Crucially, you don’t have to trust the system to check this. The signature verifies against a public key the system publishes; the math runs in your own browser, offline, with no call back to the vendor. That’s the difference between “trust us” and “check it yourself.”
What it does NOT prove
Verification is about provenance, not truth. A signed answer can still be wrong — confidently, fluently wrong. The signature attests that the answer genuinely came from the system and wasn’t tampered with; it makes no claim about the answer’s factual accuracy.
This distinction matters. “Verified” is not a badge of correctness — it’s a badge of authenticity and integrity. Treat it the way you treat a signed contract: you know who wrote it and that it wasn’t altered, which is exactly what you need to hold someone to it — but the contents are still theirs to stand behind.
Why post-quantum, and why now
The signatures that secure most of the internet today (RSA, elliptic curve) are expected to fall to a sufficiently large quantum computer. A provenance record is supposed to hold up for years — so it should be signed with algorithms designed to survive that transition. NIST finalized the first of these (ML-DSA / FIPS 204) in 2024.
Independently of quantum computers, attributable AI output is becoming a baseline expectation: content-provenance standards (like C2PA) and AI regulation (the EU AI Act’s transparency and record-keeping duties) all push toward outputs you can attribute and audit. A verifiable receipt is a concrete way to produce that evidence.
No account, no trust in our servers — the check runs on your side.
Keep reading
Verification attests an answer’s origin and integrity, not its factual accuracy. Algorithm names denote the public standards the primitives are based on (ML-DSA-87 / FIPS 204, ML-KEM-1024 / FIPS 203; Falcon / FN-DSA, FIPS 206 forthcoming), not a FIPS-140 / CMVP validation.