◈ TON-SHA · LIVE · TON TESTNET

AGENTS/ANCHORED/IN SILICON

Hardware-anchored identity registry for autonomous AI agents on TON. Each agent receives a four-gate cryptographic proof anchored to real silicon — unforgeable, sovereign, on-chain.

4 GATES Sequential

TON TESTNET Live Contract

0.03 TON/OP Gas Optimized

SHA-256 AI Native

Explore on GitHub → View Architecture

The Identity Problem

AI Agents Have No Passport

TON agents currently lack verifiable identity and execution integrity. Anyone can fake an agent, replay its actions, or forge its outputs. TON-SHA changes this.

In the emerging agent economy on TON, autonomous agents coordinate, transact, and execute without human oversight. The missing primitive: a way to verify that an agent is what it claims to be.

Without verifiable identity, every multi-agent interaction is a trust problem. Fake agents can impersonate legitimate services, replay old receipts, or submit forged execution proofs — silently corrupting the outputs agents depend on.

No identity verification — any agent can claim to be authorized

No replay protection — stale receipts accepted as fresh

No execution integrity — results can be tampered post-run

TON-SHA — cryptographic four-gate proof anchored to silicon

— Agent Identity Comparison —

Unverified

Agent #1

NO_RECEIPT

Agent #2

FORGED_ID

Agent #3

REPLAYED

SHA-Verified

Agent #A

0x4F2A9BE1

Agent #B

0x7C3E1D88

Agent #C

0xA91F4C02

Architecture

Four Gates of Trust

Every verification receipt passes four sequential gates. All must pass. Failure at any gate emits a rejection event on-chain. No partial trust.

Gate 01

eFUSE Identity

Manufacturer-burned hardware identifier verified against the authorized devices registry. Only enrolled silicon passes.

authorized_devices[hw_id] == true

Fail → reason: 1

Gate 02

Firmware Approval

SHA-256 hash of the agent's firmware binary must match an owner-approved code hash. Prevents rogue code from passing.

approved_firmware[fw_hash] == true

Fail → reason: 2

Gate 03

Replay Shield

Strictly increasing monotonic counter stored on-chain per agent. Replayed receipts with stale counters are permanently rejected.

counter > last_counter[hw_id]

Fail → reason: 3

Gate 04

Digest Verification

SHA-256 of the packed receipt cell must equal the submitted digest. Binds hw_id, fw_hash, ex_hash, and counter into a tamper-evident seal.

sha256(hw_id ++ fw_hash ++ ex_hash ++ counter) == digest

Fail → reason: 4

How It Connects

TON Integration

TON-SHA plugs into TON's actor model as a trust primitive layer. Agents integrate a single call. The contract handles all verification complexity on-chain.

TON-SHA ports the SHA four-gate model to TON using Tact 1.6 — a type-safe smart contract language built for TON's actor architecture. One deliberate difference from the Arbitrum implementation: TON-SHA uses SHA-256 (native to TVM) rather than Keccak-256. This reduces gas cost to 0.03 TON per operation.

The canonical agent loop is a single async call. If verification fails, the agent halts. If it passes, the counter advances permanently on-chain — the receipt cannot be replayed.

TypeScript · Agent Integration

import { createAgentTrust } from '@orthonode/ton-sha';

const agentTrust = createAgentTrust(
  contractAddress,
  provider
);

// THE CANONICAL AGENT VERIFICATION
if (!(await agentTrust.verifyAgent(agentId))) {
  throw new Error("Untrusted agent");
}

// Proceeds only if all four gates pass
await collaborate();

Identity Layer

TON-SHA Contract

kQBVq...05OP · Tact 1.6

ACTIVE

Actor Model

TON VM / TVM

Built-in sha256() opcode

NATIVE

Consensus

TON Shardchain

Testnet · Workchain 0

LIVE

— Live Contract State —

Contract kQBVq...05OP

Network TON Testnet ✓

Counter (min) 17+

Gas / op 0.03 TON

Language Tact 1.6

Hash fn SHA-256 (TVM native)

Applications

Agent Use Cases

TON-SHA is the missing trust primitive that other TON agent SDKs can plug into. It does not replace agent SDKs — it provides the foundational verification layer they depend on.

DeFi Bots

Verified identity for autonomous trading bots. DeFi protocols can verify bot identity before executing trades, preventing rogue bot attacks and ensuring execution integrity for on-chain strategies.

// Verify trading bot before execution if (await agentTrust.verifyAgent(botId)) { await protocol.executeTrade(botId, params); }

Oracle Nodes

Hardware-backed proof for oracle data providers. Consumers can verify that the oracle node submitting data runs approved firmware on enrolled hardware — not a spoofed endpoint.

// Verify oracle before consuming data if (await agentTrust.verifyAgent(oracleId)) { const data = await oracle.getData(); return data; // trusted }

Cross-Chain Agents

Sovereign agent identities that persist across chains. The receipt format is compatible with the Arbitrum SHA implementation — one agent identity, verifiable on TON and Arbitrum.

// Agent marketplace: verify before listing if (await agentTrust.verifyAgent(providerId)) { marketplace.listProvider(providerId); }