human.tech

The Covenant of Humanistic Technologies is live. It defines a design philosophy for Human Tech: d/acc technologies that embed digital rights by design, built and governed on the human.tech protocol layer. Commit your alignment at manifest.human.tech

the hard part isn't the privacy itself it's building privacy that can still prove compliance when required. that's the layer institutions actually need, and what we are building for the @aztecnetwork ecosystem aztec.network/projects

the bybit hack wasn't about a failed audit. it was about signing something you couldn't read $1.4B went out because the transaction looked fine and the payload wasn't. hardware wallets help. they don't help if the wallet doesn't tell you what you're actually signing if what's signed has to be readable before the key moves, that's a different security model. not policy inside the agent. verification before authorization that's the architecture: human.tech/blog/preventin…

roughly 24,000 fake accounts. over 16 million exchanges with Claude. Anthropic caught it post-hoc, not in real time that was DeepSeek, Moonshot AI, and MiniMax: extracting capabilities through scale because the internet has no way to confirm whether the same person is back again proof of personhood is the gap. we wrote about why it matters for agents: human.tech/blog/proof-of-…

d/acc asks a simple question: if acceleration is inevitable, what do you want defended? sovereignty, privacy, the ability to prove you're human. that's why we build human.tech/blog/what-is-d…

agent wallets that only work on one chain are infrastructure that assumes the market stays still WaaP is now live on Sui, alongside EVM chains self-custody shouldn't depend on which chain your agent is targeting. the key split happens at the protocol level, chain-independent by design human.tech/blog/waap-is-l…

AgentKit is designed to be wallet-agnostic the default wallet provider is Coinbase's. we built a different one: same AgentKit interface, key split via two-party computation so neither party holds it whole one config change to switch human.tech/waap

most privacy tools check who you are at entry. they assume that's enough sanctions lists change. credentials get stolen. whoever passed the check a year ago might not pass today ⚠️ the compliance shield we're building on @aztecnetwork checks at both ends: entry and exit. not because the first check fails. because the world changes between them Proof of Clean Hands: privacy earned, not assumed - human.tech/blog/proof-of-…

should you trust an AI agent with your private key? 🤔 full key access is the default assumption. it's also the wrong starting point a private key handed to an agent has no cryptographic boundary enforced by the chain. the agent acts within policy it enforces itself. get the policy wrong, or get the agent jailbroken, and the key decides what happens next we went deep on this: the security model, why most approaches inherit the wrong starting assumptions, and what delegated custody actually looks like at the signing layer human.tech/blog/would-you…

proof of personhood started as a niche concern. it's becoming infrastructure the shift: AI made synthetic identity nearly free. faking a human used to require effort. it doesn't anymore. the question has flipped from 'are you real?' to 'are you the only you?' we mapped the space: methods, tradeoffs, who's building what, and why multi-signal architectures hold up better than single-method systems human.tech/blog/proof-of-…

standards are forming for agent identity. ERC-8004 for registration and authentication. x402 for payments. emerging proposals for selective credential disclosure each one assumes custody is handled elsewhere. it usually isn't ❗ the chain knows the agent exists. the chain doesn't know if a human authorized what the agent just signed. that's a different problem, and none of these standards close it it's the gap @WaaPxyz is built for

WaaP for Agents website is live ✨ define your agent's permissions once: spend limits, time windows, protocol allowlists. it runs 24/7 within them. anything outside scope: one tap waap.human.tech/agents

giving an agent access is not a binary the moment you extend it to something that operates autonomously, your trust boundary shifts. it no longer ends at your device. it ends wherever input can reach the agent prompt injection is not a hypothetical. it's a threat model. and in crypto, the attack surface includes irreversible transactions the design response: agents hold capabilities, not keys. scope enforced in the signing layer, not inside the agent runtime human.tech/blog/would-you…

@WaaPxyz @WaaPxyz let's you decide: scope access to your wallet, so the agent can act as you sleep - but it can only operate within predesigned bounds: spend caps, contract allowlists and you can sleep safe and sound waap.human.tech

the DAO hack is remembered as a smart contract bug 🐛 the harder lesson: nobody watching had any cryptographic authority to halt the execution a decade later, AI agents hold keys, sign transactions, allocate capital. not bound by audited contracts; bound by prompts, system messages, and whatever a developer wired between an LLM and a wallet the chain doesn't know if the human is asleep human.tech/blog/2pc-agent…

Just the first of several different framework announcements If you're using @openclaw and would like to give it a wallet to rebalance, participate in governance, optimize yield, etc you can now use @WaaPxyz

for an agent to act on your behalf, it needs persistent access to your identity picture handing someone your phone unlocked, your bank logged in: 'just handle things' it's not a person, and it doesn't forget the way people do this is why privacy infrastructure is a design decision, not a retrofit human.tech/blog/privacy-i…

The signing layer should stay independent of the agent, with the human in the loop when it matters. @openclaw agents are now protected through WaaP's programmable signing.

EU AI Act Article 14 takes effect August 2 it requires effective human oversight of high-risk AI systems agents making autonomous financial decisions are the clearest test case that oversight can't live in a disclaimer, it needs to be cryptographic hackernoon.com/why-humantech-…

two tests every agent stack will eventually need to answer: 1. is there a real human behind it? 2. does a human hold root authority over the wallet? most agent stacks answer neither human.tech is building both - with @HumnPassport & @WaaPxyz human.tech/blog/proof-of-…

not a human approving every transaction a human deciding where the edge is, and asked only there