Federated Wiki journals record every page change as a timestamped delta. This enables history tracking, forking, and distributed collaboration.
By extending journal entries with **cryptographic signatures**, we add a new layer of **security**, **trust**, and **accountability**. Each signature verifies not just who made a change, but also affirms its integrity and review status. This is especially useful in agentic systems and federated publishing environments.
This page outlines the types of additional signatures that can be added to the journal, what problems they solve, and how they support decentralized trust.
# Base Model: Signed Journal Entry Each journal entry can include an optional signature block:
{ "sig_type": "edit-signature", "signed_by": "alice@hitchhikers.local", "signed_at": "2025-09-27T14:30:00Z", "signature": "MEUCIQD+abcd...", "pubkey": "03a56f..." }
This signature proves that the entry was authored or approved by a known entity using a private key, and that the content has not been altered since signing.
1. Edit Signature 1. Agent Signature 1. Reviewer Signature 1. Fork Approval Signature 1. Multi-Signature (Consensus) 1. Manifest Signature 1. Key Rotation Signature or Revocation Notice 1. Witness Signature
# Benefits of Using Multiple Signature Types - Builds a **layered model of trust**—not just “who wrote it,” but “who reviewed and endorsed it” - Enables **collaborative governance** in federated and agentic environments - Supports **automated verification** of agent outputs - Improves **security posture** by allowing rollback, rotation, and revocation - Makes **history cryptographically auditable** without a central server
# Implementation Notes - Each signature must cover the **content, timestamp**, and optionally metadata like author or agent ID. - Signature verification should be optional but encouraged via UI indicators or trust policies. - A standard schema should be used for easy interoperability between nodes and tools. - Agents and users should rotate keys regularly and publish updated public key metadata.
# See
- Sessionless
- SubtleCrypto - developer.mozilla.org 
- opentimestamps.org