The AI Trust Layer That Doesn't Exist Yet. And Why It's the Most Important Infrastructure Problem in AI Right Now

Source: Dev.to

Every major shift in the internet’s history eventually produced a trust layer. The web got HTTPS. Email got DKIM. Software got code signing. Financial transactions got cryptographic audit trails. AI has nothing. Right now, every AI system on the planet “GPT, Claude, Gemini, Llama,” every fine-tuned model deployed in your company’s infrastructure, is generating content, code, decisions, and autonomous actions with zero verifiable provenance. There is no cryptographic record of what was generated, when, by which model, under what conditions, or whether it has been altered since. The problem is already costing real money Consider what happens today when: Why existing solutions don’t solve this What the solution actually looks like technically An Attestation Object: a signed JSON structure containing the SHA-256 hash of the AI input and output (not the content itself, privacy by design), the model identifier and version hash, a timestamp anchored to an RFC 3161 Timestamp Authority, the provider’s cryptographic identity, and active policy constraints at generation time. A Certificate Hierarchy: Root CA → Provider CA → Per-provider signing certificates, with full X.509 v3 chain validation and OCSP revocation support. Hardware Security Module backed, FIPS 140-2 Level 3. A Verification Layer: public API, browser extension, SDK integrations, and enterprise plugins that allow any party to verify any attested content independently, without trusting the attestation provider beyond the root certificate. A Modification Chain: delta attestation for content that is legitimately edited after AI generation, maintaining provenance through the full content lifecycle rather than just the generation event. The hard technical problems are genuinely interesting: How do you attest to open-source model outputs where there’s no centralised provider to issue certificates?

How do you build multi-model provenance chains when a document passes through GPT-4, Claude, and a Mistral fine-tune before reaching a human?

How do you implement zero-knowledge proofs that verify specific properties of a generation (“safety filtering was active”) without revealing the content itself?

How do you design agent action attestation for autonomous AI systems executing real-world actions across multiple sessions?

These are unsolved problems. The cryptographic primitives exist. The systems architecture is tractable. What doesn’t exist yet is someone building the full stack with the right combination of cryptographic rigour, enterprise compliance understanding, and the regulatory relationships to make it a standard rather than just a product. The regulatory window is open right now What I’m building and who I’m looking for Specifically I’m looking for someone with: Strong backend engineering (Python, Go, or Rust)

Genuine interest in cryptography, PKI, or security infrastructure

Experience shipping real systems, not just side projects

The ability to work equity-only at this stage while we close our first design partners and accelerator funding

Intellectual curiosity about the problem, this should feel like an interesting engineering challenge, not just a job

What I’m offering is a significant equity stake, a genuinely unsolved problem at the right moment in history, and a blueprint serious enough that three enterprise organisations are already in design partner conversations. This is the kind of infrastructure that, if built correctly, becomes invisible and essential. Like all the best infrastructure. Victor — Founder, AI Notary Building the trust layer the AI economy doesn’t have yet.