The OMA Token sale is live

on Republic
x402 signer authorization

Authorization for x402 Signing Keys

Implement the x402 Signed Offer and Receipt extension with verified signing keys and portable reputation.

Agent
x402 payment
Verified receipt
OMATRUST AND X402

x402 receipts and key authorization

01 / 05Receipt Proofs
X402 SERVICE
no receipt
no receipt
no receipt
receipt filter

Verified receipts enable trustworthy reviews

x402 receipts prove a service transaction. Reviews without receipts can be filtered out.

VERIFICATION IS NOT AUTHORIZATION

A valid signature only proves the math

x402 receipts are portable proofs of interaction. OMATrust makes them forge-resistant.

Signature verification

Confirms that some private key signed the receipt payload.

Authorization verification

Confirms that the signer was allowed to represent the service.

Forged receipt rejection

Rejects valid-looking receipts from keys outside the trust profile.

PROGRESSIVE AUTHORIZATION

The 3 levels of key authorization

Each level addresses a specific failure mode. Start with Level 1 and add layers as your security requirements grow.

LEVEL 1

Your domain proves your keys

Create a DNS TXT record or host a DID document at your domain listing your authorized signing keys. Any receipt signed by an unlisted key fails authorization, even if the signature is valid.

Prevents unrelated signers from claiming a service identity. Gives verifiers a live ownership check.

LEVEL 2

Durable key authorization

A Controller Witness creates a historical authorization record on the blockchain. Verification continues even when your own endpoint is unavailable or you rotate your keys.

Receipts remain verifiable during CDN outages or DNS issues. Past signatures are still valid even when the key is not listed anymore.

LEVEL 3

Revoke a compromised key instantly

Enterprise key bindings let you broadcast key purpose and revocation for the ultimate in authorization.

Supports regulated environments, security policy enforcement, and key lifecycle management.

A more trustworthy x402 ecosystem

Receipts become attestations

Reviews, disputes, and audits can reference portable proof of service interaction.

Keys bind to service identity

Receipts resolve through DNS/DID, witnesses, and key lifecycle controls.

Agents inherit better signals

Machine clients can evaluate reputation without trusting raw wallet volume.

Built by OMA3

Authors of the x402 Signed Offer and Receipt extension.
Associate Member of the x402 Foundation.

Authorization is just the beginning

OMATrust lets you respond to reviews, publish security audits, demonstrate compliance, and build your service reputation.