Mediator Receipts: The Question to Ask About Agent Attestation

Dev.to AI

If your AI agent signs its own decision receipts, the agent is its own witness. That matters when an auditor, regulator, or customer security team asks "who signed this." The cryptography is fine. The chain holds. The question is who held the pen.

I'm not picking on any vendor. As agent runtimes ship signed-receipt formats, the architecture question lives in the same place every time: where does the signing key sit, and what's its trust relationship to the agent process?

The two shapes

A signed receipt has three parts: payload, signature, signer. Payload says what happened.
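An added illustration, not code from the original article: a verifier that reports signature validity and witness independence separately, so a receipt the agent signed for itself passes the first check and fails the second. The registry layout, the `held_by` field, the ids `agent-7` and `mediator-1`, and the sample payload are all constructed assumptions, and HMAC-SHA256 stands in for an asymmetric signature so the block runs on the standard library alone.

```python
import hashlib
import hmac
import json

# Constructed verifier-side registry (an assumption, not a real format):
# signer id -> verification key and the process that holds the signing key.
SIGNERS = {
    "agent-7": {"key": b"constructed-agent-key", "held_by": "agent-7"},
    "mediator-1": {"key": b"constructed-mediator-key", "held_by": "mediator-1"},
}


def _mac(key, payload):
    # Canonical JSON so signer and verifier hash identical bytes.
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def sign(payload, signer):
    """Build a receipt with the three parts: payload, signature, signer."""
    return {"payload": payload,
            "signature": _mac(SIGNERS[signer]["key"], payload),
            "signer": signer}


def check(receipt, audited_agent):
    """Return (signature_valid, independent_witness) for one receipt."""
    entry = SIGNERS.get(receipt.get("signer"))
    if entry is None:
        return (False, False)  # unknown signer: nothing to trust
    expected = _mac(entry["key"], receipt["payload"])
    valid = hmac.compare_digest(expected, receipt.get("signature", ""))
    # The key holder must sit outside the audited agent's process.
    independent = valid and entry["held_by"] != audited_agent
    return (valid, independent)


if __name__ == "__main__":
    payload = {"action": "refund.approve", "amount": 120}  # constructed sample
    for signer in ("agent-7", "mediator-1"):
        print(signer, check(sign(payload, signer), "agent-7"))
```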