The Signed Web: Why AI Needs Verified Knowledge, and How We Built It
The first implementation of the AI Discovery Standard is live — a free WordPress plugin that gives any website a cryptographically signed identity for AI agents
AI Is Guessing About Your Business
Ask any AI assistant about your company. Go ahead — try it right now. Ask ChatGPT, Claude, or Gemini: "What does [your company] do?"
What you get back is a guess. The AI scraped your HTML, parsed your marketing copy, maybe found a Wikipedia entry or a LinkedIn page, and assembled its best interpretation. Sometimes it's close. Sometimes it confidently tells people you do things you stopped doing three years ago. Sometimes it invents products you never made.
This is the state of the art in 2026. Billions of dollars in AI infrastructure, and the fundamental question — "What does this organization actually do?" — gets answered by web scraping.
We built something better.
What We Built
The AI Discovery Standard is a simple proposal: put a structured JSON document at /.well-known/ai on your website that tells AI agents exactly who you are, what you do, what you allow, and how to verify all of it.
Think of it as the difference between someone reading your business card versus rummaging through your office and guessing.
Without the Standard
AI scrapes your HTML, guesses at meaning, presents its interpretation as fact. You have no control, no verification, no recourse.
With the Standard
AI reads your structured, signed knowledge directly. You control the narrative. AI can verify the source. No middlemen.
But we didn't just write a specification and hope someone would implement it. We built the first implementation ourselves — a free WordPress plugin that any site owner can install in minutes.
The First Implementation: A WordPress Plugin
The Rootz AI Discovery Plugin for WordPress does three things:
- Creates your AI identity — generates a structured
ai.jsonmanifest with your organization's name, mission, products, policies, and contact information - Hashes your content — computes SHA-256 hashes for every published page so AI agents can verify content hasn't been tampered with
- Signs everything — generates a secp256k1 cryptographic wallet for your site and signs the entire manifest, proving who published the data
The plugin serves the manifest at /.well-known/ai — the same convention used by SSL certificates (/.well-known/acme-challenge) and security policies (/.well-known/security.txt). It's a standard location where machines know to look for machine-readable instructions.
Why Signing Matters: Lessons from Trusted Computing
For those of us who spent decades in trusted computing, the signing part is where it gets interesting.
Every other AI discovery approach serves unsigned data. An attacker who compromises a web server can serve false information to AI agents — and the AI has no way to know. It's the same problem that motivated the Trusted Platform Module twenty years ago: without a measurement and attestation mechanism, you're trusting the platform without verifying it.
The AI Discovery Standard applies the same principle to web content:
| TPM / Measured Boot | AI Discovery Standard |
|---|---|
| Measures platform state into PCRs | Measures content state into SHA-256 hashes |
| TPM signs quote with endorsement key | Site signs manifest with Digital Name |
| Verifier checks signature & PCR values | AI agent checks signature & content hashes |
| Proves platform integrity at boot | Proves content integrity at access |
| Trust the platform, not just the network | Trust the origin, not just the URL |
An AI agent reading a signed manifest doesn't just get your data — it gets a cryptographic assertion that the data hasn't been tampered with since the site operator signed it. It can verify WHO published the data, not just WHERE it was served from.
We call this principle Origin, not Trust. The same principle that made measured boot work for platform integrity can make the web work for AI integrity.
What the Signature Looks Like
Every manifest includes a signature block:
"_signature": {
"digitalName": "0xD36AAf65a91bB7dc69942cF6B6d1dBa4Ef171664",
"network": "polygon",
"contentHash": "sha256:a1b2c3d4...",
"signedAt": "2026-02-27T00:00:00Z",
"method": "epistery-domain-v1"
}
And every page gets an individual content hash:
"pages": [
{
"path": "/technology",
"contentHash": "sha256:7f3a9b2e...",
"purpose": "technical documentation"
}
]
An AI agent can fetch any page, hash it, and compare. If the hash matches, the content is exactly what the site operator signed. If it doesn't match, something changed. This is verification any machine can perform, instantly, without trusting anyone.
The Demo That Proves It: verifyPageHash
The plugin exposes a tool called verifyPageHash that demonstrates the entire concept in a single API call. An AI agent sends a URL; the plugin fetches the page, hashes it, and compares the hash against the signed manifest. The response tells the AI whether the content is verified or has been modified.
This is the simplest possible proof of content integrity. No blockchain lookup required, no complex verification chain — just cryptographic math that any machine can execute. And it works right now, on any WordPress site running the plugin.
Testing Against the Real World
We tested the standard against real websites to see how AI agents fare today — with and without structured data.
| Site | Method | AI Confidence | Can AI Answer: "May I quote you?" |
|---|---|---|---|
| discover.rootz.global | /.well-known/ai |
10/10 HIGH | Yes — policy explicitly states quoting is allowed with attribution |
| intel.com | HTML scraping | 7/10 | No — AI has to guess from legal page |
| naorisprotocol.com | HTML scraping | 6/10 | No — JavaScript-heavy site, limited scraping |
| adventhealth.com | HTML scraping | 4/10 | No — AI can't determine usage rights at all |
The gap is striking. With structured data, an AI agent knows exactly what the organization does, what it allows, and how to cite it — with cryptographic proof. Without it, the AI is guessing, and two-thirds of real websites can't even tell AI whether quoting is permitted.
Three Tiers of Knowledge
The standard uses a three-tier architecture that scales from a simple business card to a complete organizational encyclopedia:
Tier 1: Discovery — /.well-known/ai
Who we are, what we do, what we allow. Core concepts, policies, contact information, links to deeper knowledge. Takes 5 minutes to set up. This is the minimum viable implementation.
Tier 2: Knowledge — /ai/knowledge.json
Full organizational encyclopedia. Glossary of terms, product descriptions, team backgrounds, market thesis, technology architecture. An AI reads this and understands everything.
Tier 3: Feed — /ai/feed.json
Chronological updates with structured facts, tags, and related concepts. Not RSS — designed from the ground up for AI consumption. Machine-readable news that stays current.
Early Adopters
Within days of publishing the standard, inblock.io (the Aqua Protocol team) implemented the full three-tier architecture and scored Grade A (95/100) on our AI readability scanner. They described the standard as providing "verifiable, structured data rather than blind faith in platforms" — language that resonated because it captures exactly what's missing from the current web.
Unveiled Muse, a wedding inspiration platform built by Lexi, has also implemented the standard — proving it works beyond the blockchain and security communities. A consumer site helping couples plan weddings now speaks AI natively, with structured knowledge about budget tiers, categories, and photographer credits that no scraper would ever extract correctly.
Made in USA One (OTC: USDW) and its certification arm Verity One Ltd are adopting the AI Discovery Standard for enterprise supply chain verification. With 22 years of Made in USA certification experience, they're bringing the standard to a sector where origin and authenticity are the entire business — using /.well-known/ai to let AI agents verify product provenance and certification status directly from the source.
The pattern is clear: from blockchain infrastructure to wedding planning to supply chain certification, the standard works anywhere an organization wants AI to get its facts right. Six sites now publish at /.well-known/ai. The standard is twelve days old.
What This Means for Your Business
Every day you don't have /.well-known/ai, AI agents are making up answers about your organization. They're guessing at your products, inventing your policies, and presenting their interpretations as fact to the people asking about you.
Adding the standard changes the power dynamic:
- Accuracy: AI responses about your organization come from you, not from scraped interpretations
- Currency: Update your manifest and AI knows immediately — no waiting for a crawler to re-index
- Control: You define your quoting policy, your attribution requirements, your contact channels
- Verification: Anyone can check the signature and confirm the data came from you
- Visibility: Brands cited by AI see 35% more organic clicks and 91% more paid clicks (Seer Interactive, 2024)
This isn't theoretical. It's working right now. Point any AI agent at rootz.global/.well-known/ai and ask it about us. Then try the same with any company that doesn't have the standard.
Get Started
You have three paths:
WordPress Sites
Download the Rootz AI Discovery Plugin (free, GPL v2). Install, configure your organization details, and you're live. The plugin handles signing, hashing, and all seven JSON endpoints automatically.
Any Platform
Use our interactive generator to create your ai.json file. Answer a few questions, download the file, and serve it at /.well-known/ai. Works with Express, Next.js, Apache, Nginx, or any web server.
Check Your Score
Scan any website with our AI readability scanner. It grades sites A through F across five tiers: discovery, extended, verification, content, and trust signals. See where you stand and what to improve.
An Open Standard
The AI Discovery Standard is published under CC-BY-4.0. Anyone can implement it, on any platform, for free. The specification is at /ai/standard-v1.2.md. We're working toward RFC 8615 registration of the /.well-known/ai URI.
The WordPress plugin is GPL v2. The scanner is free. The generator is free. The standard itself is Creative Commons. We want every website on earth to have a /.well-known/ai file — that's the goal, not vendor lock-in.
Because the web doesn't need another walled garden. It needs infrastructure. Infrastructure that makes AI accurate, verifiable, and accountable to the organizations it represents.
The Bigger Picture
The AI Discovery Standard is the first visible application of what we've been building at Rootz: infrastructure where data carries proof of its own origin and ownership. We call this Data with Origin and Ownership — the idea that every piece of digital information should be able to prove where it came from, who created it, and whether it's been modified.
For websites, that means a signed manifest at /.well-known/ai. For supply chains, it means Data Wallets with molecular-level physical fingerprints. For AI conversations, it means archived thinking with cryptographic proof of origin. The underlying principle is the same: don't trust — verify. And give the tools to verify to everyone, not just the gatekeepers.
The web was built for humans. We're adding a layer for machines — not to replace the human web, but to let AI understand it accurately, directly, and verifiably.
Stop letting scrapers decide what your company means. Tell AI yourself.
Make Your Website Speak AI
Free plugin. Open standard. Five minutes to deploy.
Join the signed web. Give AI the truth — from the source.