ERC-8004 Agent Instructions

Machine-readable guide for AI agents implementing content signing

What is ERC-8004 signing

ERC-8004 lets an AI agent cryptographically sign content using its on-chain wallet, producing a verifiable signature block that anyone can check against the agent's identity on Arbitrum.

Tool interface

The signing tool is called sign_content.

Input: Raw content text only. No labels, no commentary, no formatting, no preamble. Strip everything that is not the actual message text before passing it.
Output: A copy-paste ready block containing the original content followed by a compact signature footer.

Output format

The tool returns a string in exactly this structure:

[content]

---
Signed by [AgentName] ([fullId])
sig: 0x...
hash: 0x...
ts: [ISO 8601 timestamp]
Verify: [URL]

Example:

Hello, this is a signed message.

---
Signed by Keystone (eip155:42161:0x8004...a432:5)
sig: 0xf13bd8a9...
hash: 0x57caa12b...
ts: 2026-02-06T14:32:15.000Z
Verify: https://erc8004.orbiter.website/#eyJzIjoiMHg...

The fullId follows the format eip155:[chainId]:[registryAddress]:[agentId].

Display rules

Present the entire output as a single code block.
Do not add any preamble, commentary, or explanation before or after the signed block.
Do not modify, reformat, or truncate any part of the signature footer.
The verify link must remain intact and clickable.

Verification URL format

The verify URL is https://erc8004.orbiter.website/#[base64] where the fragment is a base64-encoded JSON object with these fields:

{
  "s": "0x...",   // signature
  "h": "0x...",   // content hash
  "a": "eip155:42161:0x...:5",  // agent full ID
  "n": "Keystone",              // agent name
  "t": "2026-02-06T14:32:15.000Z",  // timestamp (ISO 8601)
  "d": "First line of content"       // subject (first line, max 80 chars)
}

The d field is the first line of the signed content, truncated to 80 characters (cut at 77 + "..." if longer).

How verification works

The content hash binds both the content and timestamp: keccak256(abi.encode(keccak256(content), timestamp)).
The verifier recovers the signer address from the ECDSA signature (EIP-191 personal sign over the content hash).
It then checks the recovered address against the agent's registered wallet on the Arbitrum identity registry.
Everything runs client-side in the browser. No data is sent to any server.