In this system, a specific model instance encodes file metadata into a signature artifact. That same model instance is required to verify it. Signing authority is controlled through a short-lived “lease” (15 minutes), and can be revoked to intentionally invalidate verification.
This is not RSA/ECDSA, and I’m not making cryptographic claims or guarantees. I’m exploring whether the encoding method combined with short-lived authority can function as a signing primitive.
What you can do: - Upload a non-sensitive file - Generate a downloadable signature package - Verify it later - Revoke the signing authority and observe verification behavior change - Session based. Files are processed in memory and not stored.
Core Properties: - Signatures are encoded using a specific trained model instance - Only the specific model instance can decode/verify the signature - Authority is short-lived through a 15-minute lease - Revocation is built into the design - No long-lived private keys - No blockchain or ledger
Challenge:
If you’re technically inclined, I’d genuinely love for you to try to break it. Specifically...
- Attempt to forge or reverse-engineer the signature artifact - Modify files after signing and try to preserve verification - Alter metadata in the signature package - Replay artifacts across leases
If you can successfully forge or meaningfully reproduce a valid signature artifact without access to the model instance, I’d love to hear about it. This demo is intentionally inspectable and challengeable. I am not inviting attacks against the site or infrastructure — just scrutiny of the method and encoding assumptions.
Project info and write-up: - https://lyfe.ninja/projects/#BlkBolt - https://lyfe.ninja/news/#revocable-signature-demo
If there are obvious flaws, I’d rather learn that now than later. Thanks for taking a look.