feat: ThoughtProofReasoningHook — on-chain reasoning attestation gate… #11
ThoughtProof wants to merge 5 commits into erc-8183:main
… for ERC-8183

Adds a new hook that gates agent submissions on cryptographic reasoning attestations from ThoughtProof's multi-model adversarial consensus pipeline. Unlike reputation-based hooks (which check historical trust), this hook verifies the quality of the CURRENT decision before it reaches the chain.

- ECDSA signature verification from trusted ThoughtProof signer
- Nonce-based replay protection (single-use attestations)
- 5-minute freshness window (stale reasoning is rejected)
- Job-bound signatures (attestation for job #1 can't be used for job #2)
- Signer rotation support (for JWKS key rotation)
- Composable with TrustGateACPHook (PR erc-8183#6) for defense-in-depth

Includes 9 passing Foundry tests and full documentation with steel-man analysis (5 counter-arguments + mitigations).

Co-authored-by: ThoughtProof <security@thoughtproof.ai>
Implements the Maiat plugin hook system for ERC-8183 agentic commerce:

TokenSafetyHook:
- Blocks job funding if payment token is honeypot/rug/high-tax
- Queries ITokenSafetyOracle with configurable risk tolerance bitmask
- Owner can whitelist tokens to bypass oracle check
- Upgradeable (OwnableUpgradeable + storage gap)

MaiatRouterHook:
- Composite hook that chains up to 10 IACPHook plugins
- beforeAction: all plugins run in priority order; any revert blocks the action
- afterAction: plugins run in priority order with try/catch (failures don't block)
- Admin: addPlugin, removePlugin, enablePlugin, disablePlugin, setPluginPriority
- Upgradeable (OwnableUpgradeable + storage gap)

Tests (175 total, all pass):
- Unit tests covering all admin, access control, and execution paths
- Integration test: TrustGate + TokenSafety + Attestation chained via Router
- Fuzz tests: random plugin counts, job IDs, priorities, enable/disable patterns

Deploy script: DeployMaiatPlugins.s.sol
- Deploys TokenSafetyHook + MaiatRouterHook via ERC1967Proxy
- Configures Router with TrustGate(10) + TokenSafety(20) + Attestation(30)

Audit: Slither clean — no HIGH/MEDIUM findings on new contracts

Closes erc-8183#11
Good concept for high-stakes verification. As an open standard though, we'd want the reasoning verifier interface to be generic rather than hardcoded to ThoughtProof. Could you extract IReasoningVerifier and have ThoughtProof as the implementation? Same approach as the trust oracles — interface in the standard, your service as reference impl.
Good point — I agree the standard-facing abstraction should be generic. My goal here was to demonstrate the pattern: an ERC-8183 hook can require off-chain reasoning verification before allowing a high-stakes lifecycle transition. But that should not be hardwired to ThoughtProof at the interface level. The cleaner design is to extract a minimal IReasoningVerifier interface and treat ThoughtProof as the reference implementation rather than the mandatory dependency. That keeps the hook standard-neutral, easier to maintain, and open to other verification providers using the same capability surface. I’d probably also rename the hook accordingly (e.g. ReasoningVerifierHook) so the standard describes the mechanism, while ThoughtProof remains one implementation of it.
…ence impl

Addresses review feedback from @psmiratisu:
- Extract generic IReasoningVerifier interface
- ThoughtProof becomes reference implementation, not mandatory dependency
- Rename ThoughtProofReasoningHook → ReasoningVerifierHook
- Hook accepts any IReasoningVerifier via constructor

New files:
- contracts/IReasoningVerifier.sol — minimal generic interface
- contracts/ThoughtProofReasoningVerifier.sol — reference implementation
- contracts/hooks/ReasoningVerifierHook.sol — protocol-agnostic hook
- test/ReasoningVerifierHook.t.sol — 37 tests incl. MockReasoningVerifier
- ARCHITECTURE.md — documents the refactor rationale

Removed:
- contracts/hooks/ThoughtProofReasoningHook.sol (replaced)
- test/ThoughtProofReasoningHook.t.sol (replaced)

The standard describes the mechanism; ThoughtProof remains one implementation of it.
Updated based on your feedback — thanks for the clear direction. Changes:
The standard describes the mechanism; ThoughtProof is one implementation of it.
Addresses steelman concern: attestation was not bound to the specific deliverable the agent submitted. If content changes after verification, the old attestation could be replayed against new content.

Changes:
- VerificationRecord now includes deliverableHash field
- submitVerification() accepts deliverableHash parameter
- Signature covers deliverableHash (included in signed data hash)
- All 9 tests updated to pass deliverableHash

The hook or downstream consumer can now verify that the attestation matches the actual deliverable before accepting settlement.
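An added sketch, not code from this PR, of how the checks listed in the commit messages above (trusted signer, single-use nonce, 5-minute freshness, job binding, deliverableHash binding, signer rotation) fit into one verification path. The contract name, function names, digest layout, the chain-id and contract-address binding, and the low-s check are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration; contract and function names are hypothetical, not the PR's.
contract AttestationGateSketch {
    uint256 public constant MAX_AGE = 5 minutes; // freshness window named in the PR
    // secp256k1 group order / 2; signatures with a larger s are malleable twins.
    uint256 private constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    address public immutable owner;
    address public signer;                        // trusted attestation signer
    mapping(bytes32 => bool) public usedNonce;    // single-use attestations

    error Stale();
    error Replayed();
    error BadSignature();

    constructor(address signer_) {
        owner = msg.sender;
        signer = signer_;
    }

    function rotateSigner(address next) external {
        require(msg.sender == owner, "not owner");
        signer = next;
    }

    /// Signed digest: binds job, deliverable, nonce and issue time. Chain id and
    /// contract address are an assumed extra binding, not stated in the PR.
    function digest(uint256 jobId, bytes32 deliverableHash, bytes32 nonce, uint256 issuedAt)
        public view returns (bytes32)
    {
        bytes32 inner = keccak256(
            abi.encode(block.chainid, address(this), jobId, deliverableHash, nonce, issuedAt));
        return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", inner));
    }

    function checkAndConsume(uint256 jobId, bytes32 deliverableHash, bytes32 nonce,
        uint256 issuedAt, uint8 v, bytes32 r, bytes32 s) external
    {
        if (issuedAt > block.timestamp || block.timestamp - issuedAt > MAX_AGE) revert Stale();
        if (usedNonce[nonce]) revert Replayed();
        if (uint256(s) > HALF_N) revert BadSignature();
        address recovered = ecrecover(digest(jobId, deliverableHash, nonce, issuedAt), v, r, s);
        if (recovered == address(0) || recovered != signer) revert BadSignature();
        usedNonce[nonce] = true; // consume only after every check has passed
    }
}
```

The deliverable binding only holds if the caller computes `deliverableHash` from the content actually submitted rather than accepting a hash supplied with the attestation. Restricting who may call `checkAndConsume` is left out of the sketch.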
Adds ThoughtProofReasoningHook — an ERC-8183 hook that gates agent
submissions on cryptographic reasoning attestations from multi-model
adversarial consensus.
Unlike reputation hooks (PR #6), this verifies the quality of the
CURRENT decision, not just historical trust.
Links: thoughtproof.ai/blog/reasoning-gap | ERC-8004 Agent #28388