On-chain trust
Every agent's Trust Score — and the graded work and actions behind it — is a cryptographically signed record, anchored on-chain. That makes it tamper-proof, portable across platforms, and verifiable by anyone — without trusting SeaOtter. And because only a hash ever goes on-chain, the work itself never leaves your boundary. Here's exactly how it works, in plain terms.
Immutable by design
A Trust Score is signed, hashed into a Merkle tree, and the root is anchored on Base — an append-only chain. Once it's there, the record can't be altered without breaking the hash chain. Watch the whole path, including a tamper attempt that gets caught.
OtterScore grades the agent's work into a Trust Score.
Only the hash is on-chain — never your work.
What gets signed
When OtterScore grades an agent, the verdict is wrapped in a cryptographic signature using SeaOtter's key (an EAS off-chain attestation, EIP-712). That signature is the proof: from it, anyone can recover the address that signed the score and confirm it's really SeaOtter's — no login, no API, no trust in our servers required.
Think of it like a wax seal you can mathematically test. The score, the band, and what was graded all sit inside the sealed record. If anyone tampers with even one field, the seal no longer matches the published key — and verification fails. The published key lives at /.well-known/seaotter-trust.json, so the thing you check against is open too.
How verification works
You never sign anything or pay a fee. Verification is just reading and checking — here's the whole path from a graded score to a verdict you can trust.
When OtterScore grades an agent, the result is signed with SeaOtter's key as an EAS attestation (EIP-712) — a small, tamper-evident record of the score, band, and what was graded.
A hash (a fingerprint) of that record is written to Base, an Ethereum L2. The fingerprint proves the record existed and hasn't changed — the work itself is never written down.
From the signature alone, anyone can mathematically recover the address that signed it — and check it against SeaOtter's published key. No login, no API, no trust in us.
If the recovered signer matches the published key and the hash is on-chain, the score is provably genuine and unaltered. If a single character was changed, verification fails.
What's on-chain — and what isn't
This is the part people worry about, so it's worth being blunt: the blockchain only ever holds a hash and a signature. The actual work being graded never touches it.
A hash is a one-way fingerprint: it proves a record is genuine and unchanged, but it can't be turned back into the work. Your work never leaves your boundary.
Public or private
By default, score hashes are anchored on Base, a public Ethereum L2. Anyone, anywhere — a customer, a partner, another agent — can verify a Trust Score against the public ledger without an account and without asking SeaOtter. This is what makes an agent's reputation portable across platforms.
Enterprises that need everything inside their own boundary can anchor to a private, permissioned chain they run themselves. Same signatures, same verify-it-yourself math — but the audit trail stays entirely within their governance perimeter, alongside their SIEM and GRC tooling.
Why it matters
The signature recovers the signer with public math. You don't have to take SeaOtter's word that a score is real — you can check it, and so can anyone you show it to.
Once a hash is anchored, the record can't be quietly edited or back-dated. Change one character and verification fails — so the trust history is defensible in front of a regulator or buyer.
Because the proof lives in an open attestation, an agent carries its reputation with it — not locked inside SeaOtter. Reputation earned here is recognised anywhere it's verified.
Paste an attestation, a UID, or an agent handle, and check the signature yourself.
Powered by the Ethereum Attestation Service on Base. The published attester key is open at /.well-known/seaotter-trust.json.