- The paper presents a dual-layer protocol combining ledger-bound tokens and hardware attestation to ensure cryptographically verifiable AI content licensing.
- It employs a Certificate Transparency-style Merkle tree and signed provenance logs to provide immutable transaction records and real-time auditability.
- The protocol enhances integration for publishers and AI platforms while addressing legal compliance, security risks, and on-device attestation challenges.
Aegon: Auditable AI Content Access with Ledger-Bound Tokens and Hardware-Attested Mobile Receipts
Motivation and Problem Context
The proliferation of LLMs and RAG architectures has exposed a severe gap in web content licensing for AI. Publishers face binary choices—block all AI traffic or allow unfettered access—with no assurance of compensation, enforceable access rights, or scalable mechanisms for licensing negotiation. Lawsuits (e.g., NYT v. OpenAI, Getty v. Stability) underline the urgency for auditable infrastructure. Simultaneously, on-device AI agents (e.g., Gemini Nano, Llama) access web content without licensing or auditability. While policy declaration standards (RSL, AIBDP) have emerged, there is no protocol conferring transaction-level audit infrastructure or device-level attestation. The absence of tamper-evident licensing records and verifiable compliance receipts allows legal, financial, and technical risk to propagate across the publisher-platform interaction space.
System Contributions
Aegon introduces a dual-layer protocol built on widely-adopted standards:
Web Layer:
- Extends JWT tokens with semantically rich, content-specific licensing claims (scope, license type, compliance flags), enabling precise access specification and cryptographically binding terms to each licensing transaction.
- Implements an append-only transaction ledger with a Certificate Transparency-style Merkle tree, supporting third-party audit via Signed Tree Heads and Merkle inclusion proofs. This ensures immutable transaction records, post-facto auditability, and non-repudiation.
- Deploys a signed provenance event log—tracking content throughout transformation stages in the AI pipeline (chunking, embedding, retrieval, citation)—bound to ledger entries by transaction ID, evidencing downstream content usage.
Android Layer:
- Introduces hardware-attested compliance receipts for mobile AI agents leveraging StrongBox secure element attestation, providing cryptographically verifiable proof that licensed content was accessed by a hardware-authenticated device.
- Supports offline proof batching with replay resistance, ensuring robust auditability despite intermittent connectivity.
- Verifies attestation certificate chains rooted at Google hardware attestation CA, enforcing device integrity and receipt authenticity.
Distinctiveness:
Aegon’s audit infrastructure—the Merkle ledger, provenance chain, hardware-attested receipts—constitutes the first application of Certificate Transparency-style audit and device attestation to AI content licensing, differentiating it from policy declaration (RSL, AIBDP), transactional flow (Peek-Then-Pay, PEAC), and commercial SaaS platforms (TollBit, Cashmere).
Threat Model and Security Goals
Aegon assumes a trusted broker, responsible for issuing tokens, maintaining the ledger, and publishing JWKS. Publisher and platform distrust is addressed through cryptographic and contractual mechanisms.
Web Layer Security Goals:
- Token integrity enforced via JWKS signature verification
- Offline validation by publishers using cached JWKS (no broker round-trip)
- Tamper-evidence and auditability through Merkle inclusion proofs
- Non-repudiation of issued tokens and ledger entries
Android Layer Security Goals:
- Hardware binding enforced by StrongBox-generated keys (verifiedBootState checked)
- Attestation chain validity ensures only hardware-backed devices produce audit receipts
- Defensive measures against replay, key extraction, and offline manipulation via receipt deduplication, local encrypted storage, and timestamp monitoring
Known Limitations:
- Completeness of provenance cannot be guaranteed—adversarial SDK operators can omit events
- Training misuse prevention is contractual, not cryptographic
- App integrity not guaranteed (Play Integrity API integration as future work)
- Trust centralized at broker; distributed trust models are out-of-scope for v1
Protocol Design
Actors: AI Platforms (via SDK or MCP server), Publishers (validating at CDN edge via Cloudflare Workers), Aegon Broker, Mobile AI Agents.
Integration:
- Zero-friction model: Publishers implement edge validation with a single script; platforms integrate through MCP or lightweight SDK.
- All communications occur via standard HTTPS.
Licensing Model:
- Scope, license type, and compliance flags parameterize access and licensing terms.
- JWT tokens encode licensing semantics; aegon_resource_url associates tokens with specific content, and aegon_x claims bind compliance constraints.
- Content hash is determined post-delivery by publishers, ensuring that issuance remains decoupled from content signature.
Ledger Infrastructure:
- PostgreSQL ledger with write-once rows; all transactions entered into Merkle tree.
- STH (Signed Tree Head) published periodically for audit.
- Inclusion proofs allow auditors to independently validate transaction existence and ledger integrity.
Event Provenance:
- AI pipeline transformation stages emit cryptographically signed events to the ledger, preserving auditability.
- Provenance chain binds downstream content usage to licensing transaction, but completeness is not cryptographically enforceable.
Replay Protection:
- jti deduplication and token expiration (exp) claims prevent replay (Bloom filters used for bounded window storage).
Mobile Attestation for AI Agents
StrongBox Integration:
- Devices generate ECDSA P-256 keys in StrongBox; attestation chain proves hardware origin.
- Receipts signed with device key; per-publisher pseudonymous identifiers prevent cross-domain device tracking.
- Fallback to KeyMint for devices lacking StrongBox, with lower assurance.
Receipt Submission:
- Batch submission of receipts enabled by encrypted local storage.
- Broker enforces attestation chain validity, receipt callback, and timestamp limits.
- Privacy safeguarded at publisher level; device revocation via attestation CA is supported.
Performance:
- Target overheads: token validation <10ms P95, token issuance <50ms P95, provenance event <5ms, StrongBox signing <100ms P95, receipt size <4KB.
Reference Implementation and Evaluation Plan
Aegon’s architecture leverages FastAPI (Python), Supabase PostgreSQL, AWS KMS for secure key management, and MCP for agent integration. Cloudflare Workers provide edge-side publisher validation. Android clients use Kotlin, SQLCipher for offline storage, and support API 31+.
Evaluation includes latency, throughput, attack detection, signing overhead, queue depth, battery impact, and attestation verification. All core cryptographic attack vectors (forgery, replay, unauthorized reuse) are fully detectable per design.
Implications, Limitations, and Future Work
Aegon’s protocol enables auditable, scalable AI content licensing—addressing publisher monetization, legal compliance, and downstream attribution. By adopting Merkle tree auditability and hardware attestation, it establishes a new standard for post-facto verification and compliance evidence.
Practical Implications:
- Lower integration friction suggests rapid adoption potential, analogous to OAuth 2.0.
- Real-time and post-hoc auditability supports legal and regulatory demands across publisher-platform interactions.
- Hardware attestation provides security guarantees for on-device AI agents, a growing vector for content access.
Theoretical Implications:
- Merkle tree infrastructure proves that centralized, append-only ledgers can satisfy audit requirements with minimal overhead compared to blockchain consensus.
- Signed event provenance, though only partially enforceable, lays groundwork for cryptographically binding AI content usage to licensing terms.
Future Directions:
- ZK proof integration for private audit and compliance
- TEE-attested AI inference, binding execution environment to licensing claims
- Distributed broker design (MPC, threshold signatures) to eliminate central trust
- Information Isotope integration for detection of training data misuse
- Full C2PA and RSL interoperability
Conclusion
Aegon presents a protocol for auditable AI content licensing encompassing independently verifiable, Merkle-based transaction records and device-level hardware attestation. It directly addresses emergent deficiencies in content licensing audit, compliance evidence, and practical infrastructure for both publisher and AI platform stakeholders. Open questions in provenance completeness and cryptographic enforcement remain; the protocol establishes a robust foundation for scalable, auditable AI content licensing and compliance verification at web and mobile layers (2604.06693).