Agriculture
A harvested token and a guessable serial shouldn't be able to reach every machine on the land, and a farmer's data shouldn't leave the farm without a trail.
A farm-data backend authenticates a claim: a bearer token, an API key, a grower login. It never authenticates the machine on the other end. Whisper closes that gap with one primitive: the machine's address is its identity. This page is the agriculture front door to the Whisper docs. The full technical library (DNSSEC, DANE, RDAP, the control-plane API) sits one click down the sidebar, shared verbatim with whisper.online.
The problem: equipment-API abuse, and the data-sovereignty gap behind it
A third party reverse-engineers a farm platform's APIs until it holds the exact calls the official apps and partners make, then authenticates the same ways they do: a phished grower login, a static partner key, or an OAuth bearer token portable to any IP, whose refresh token stays valid for a year. From there it is contract-less, low-and-slow polling, indistinguishable from a real integration because it is the integration's protocol. Rate-limit it and a fresh IP appears; the egress hops across clouds and residential proxies, so all the SOC ever logs is a meaningless last IP. The root cause has a name: OWASP broken authentication / BOLA. The token authenticates a claim, never the machine.
And in agriculture the wound is double. "Farmers own their farm data" is the first principle of every ag-data code of conduct, and today it is a contract clause with no network fact behind it: nobody can prove who touched what. Detection will always be a step behind a credential that is genuinely valid. The strictly-stronger move is to change what the backend trusts.
The cure: the address is the machine
Shipped & live. Deriving a machine or ECU /128 from the hardware key it already holds is in production today. Provision one with the control-plane call below, then verify it from the DNSSEC root with tools already on your machine.
Whisper gives each machine (or each implement ECU) a routable IPv6 /128 out of 2a04:2a01::/32 (announced by AS219419), derived deterministically from the device's public key: its SubjectPublicKeyInfo, from the secure element or TPM in the telematics gateway, with the machine's 17-character equipment PIN (and, optionally, an implement or ECU serial) as the domain separator. The private key never leaves the chip; only its public SPKI is an input. The result is DNSSEC-anchored, DANE-EE 3 1 1 pinned, and RDAP-registered. Anyone with dig can re-derive and verify it.
device public key (SPKI) ──derive · domain-sep = PIN──▶ /128 ──DNSSEC + DANE-EE 3 1 1──▶ a name anyone verifies
secure element / TPM in 2a04:2a01:1c0::a6f1 RDAP-registered whisper verify --trustless
the telematics gateway routable, tenant-bound op:'revoke' → owner-thrown, public
(private key stays on-chip)
Because the derivation is tenant-bound, the same key under two different fleets yields two unrelated /128s: an outsider cannot link a machine across fleets. And because the domain separator is the PIN, PIN alone yields nothing. You cannot go PIN → /128 without the key, there is no enumerable directory, and RDAP and reverse-DNS return the registry object, never the machine's whereabouts.
What becomes true the moment a machine holds one:
- "One IP → a whole co-op" becomes physically impossible. You cannot present thousands of machine-identities whose keys you don't hold; every forgery is a DNSSEC/DANE inconsistency any verifier catches.
- IP rotation becomes irrelevant. Identity is not the source IP. The "last IP" was never the credential, so rotating it across clouds or proxies changes nothing.
- Harvested grants fail. A valid-looking token with no machine-key behind it authenticates to nothing.
- One
revoke, thrown by the owner, retires a machine's identity worldwide at DNS-TTL speed: no fleet-wide reset, no CRL you hope every machine fetched, and the act is publicly checkable in DNS, never a covert lockout.
Additive, never a replacement. Whisper complements the anchors agriculture already ships: the ISOBUS (ISO 11783) NAME and AEF Guideline 040's ISOBUS security principles, the secure element / TPM, and the X.509 mTLS the OEM cloud already runs. It is the publicly verifiable, DNSSEC/DANE-anchored layer on top, anchoring the machine↔cloud boundary. Whisper never reaches into the ISOBUS/J1939 bus itself, tractor-implement (TIM) functional safety, or a drone's Remote-ID broadcast.
Provision a machine identity
Provisioning is one control-plane call over the public API: POST https://graph.whisper.security/api/query with your X-API-Key. Hand it the device's base64 SPKI and the equipment PIN; it returns the deterministic /128 and a WireGuard config for source-bound egress. The PIN travels in the vin argument today: the two identifiers share the same 17-character format, and an equipment-native pin alias is on the roadmap.
CALL whisper.agents({op:'connect', args:{
tier:'wireguard',
identity_public_key:'<base64 SPKI of the device key>',
vin:'1AGCM82633A004352' // the machine's 17-character PIN rides here today
}}) YIELD op, ok, status, result, error
RETURN op, ok, status, result, error
Send it with your key. The heredoc keeps the single-quoted Cypher literals intact, so this runs as-is:
curl -s https://graph.whisper.security/api/query \
-H "X-API-Key: whisper_live_xxx" \
-H 'content-type: application/json' \
--data @- <<'JSON'
{"query":"CALL whisper.agents({op:'connect', args:{tier:'wireguard', identity_public_key:'<base64 SPKI>', vin:'1AGCM82633A004352'}}) YIELD op, ok, status, result, error RETURN op, ok, status, result, error"}
JSON
# response
{ "op": "connect", "ok": true, "status": "created",
"result": {
"address": "2a04:2a01:1c0::a6f1",
"fqdn": "pin-1agcm82633a004352.farm.<tenant>.agents.whisper.online",
"wireguard": { /* peer, keys, allowed-ips */ }
} }
The call is idempotent and liberal in what it accepts, strict in what it returns: re-running with the same key and PIN returns the same /128; a different PIN for a key already registered on your tenant is a clear 409, not a silent overwrite; a non-string PIN is a 400 that tells you exactly what was wrong, never an opaque 500.
A dedicated --pin CLI flag is on the roadmap; today, machine provisioning is the control-plane call above (which is live). The shipped CLI verbs are whisper verify --trustless, whisper create --register, whisper kill --revoke, whisper policy, and whisper logs. See CLI & one-command.
Verify it yourself: no account needed
Every machine identity is checkable with no key and no login, from the internet's own records. That includes the farmer whose machine it is. The whisper CLI does the full walk in one call:
whisper verify --trustless pin-1agcm82633a004352.farm.<tenant>.agents.whisper.online
✓ DNSSEC chain valid to the IANA root
✓ DANE-EE (TLSA 3 1 1) leaf matches the identity's key
✓ RDAP: registered under AS219419 · 2a04:2a01::/32
identity: VERIFIED (our own API was never trusted)
Or reach for the raw records directly: the same answer, from stock tools:
# the public verify endpoint: evidence chain in JSON
curl -s https://whisper.online/verify-identity/2a04:2a01:1c0::a6f1 | jq
{ "is_whisper_agent": true, "dane_ok": true, "jws_ok": true, "evidence": { /* … */ } }
# the address is the machine: forward-confirmed reverse DNS names it
dig -x 2a04:2a01:1c0::a6f1 +short
pin-1agcm82633a004352.farm.<tenant>.agents.whisper.online.
# the registry object: who holds the address, and under which allocation
curl -s https://whisper.online/ip/2a04:2a01:1c0::a6f1 | jq
None of these calls Whisper as an authority: --trustless re-derives the proof against the public DNSSEC root, exactly as any resolver could. See Verify an agent for the full keyless check and DANE & TLSA for the pin, byte for byte.
Revoke, worldwide, owner-thrown
A compromised ECU, a trade-in, an auction sale, a decommission. One call tears down the /128, its PTR, and its DANE pin everywhere at DNS-TTL speed, and the act is publicly checkable: the same dig that proved the identity existed proves it is gone.
CALL whisper.agents({op:'revoke', args:{agent:'2a04:2a01:1c0::a6f1'}})
# after the TTL: dig -x returns nothing, verify returns false
whisper kill --revoke 2a04:2a01:1c0::a6f1
Agriculture already learned that remote disablement works: in 2022, roughly $5M of looted equipment was bricked from afar, and nobody outside the platform could verify who threw the switch. Whisper's revoke is the accountable version: thrown by the registered owner, visible in public DNS, never a covert lockout. Compromise one ECU and you've compromised that ECU, not the fleet.
Attribution: name whoever already scraped you
Identity stops the next forgery; the graph names the operator behind the grants already in your logs. That attribution survives IP rotation because it fingerprints the operator and the tooling, not the ephemeral egress IP. Run it as read-only Cypher over the same public API with your key (there is no CLI subcommand for this; it is the graph API directly):
curl -s https://graph.whisper.security/api/query \
-H "X-API-Key: whisper_live_xxx" \
-H 'content-type: application/json' \
-d '{"query":"CALL whisper.identify(\"34.90.x.x\")"}'
# operator fingerprinted across AWS / GCP / Azure; residential swarm collapsed by JA4
The read-only verbs (identify, origins, walk, variants, history) each return a reproducible, replayable JSON evidence chain your SOC, PSIRT, and a regulator can replay. More in Graph & cognition.
What ships today, and what's on the roadmap
We label these honestly so you can plan against them.
| Shipped & live | On the roadmap |
|---|---|
Machine/ECU /128 from the device key + the 17-character PIN: DNSSEC + DANE-EE + RDAP |
An equipment-native pin argument and --pin CLI flag (the PIN rides in vin today); an ISOBUS-NAME domain separator |
| Control-plane provision, verify, revoke; the attribution graph over the public API | STIX 2.1 over TAXII export |
| The Splunk, Microsoft Sentinel and OpenCTI connectors (signed, replayable JSON → CEF / ECS fields) | Sector-ISAC-ready sharing formats for food & agriculture |
The integration guides below describe proposed integrations at the cloud and IP boundary. They're designed to complement the stack you already run, not endorsed by any vendor, and they never name a specific OEM or platform as a breach victim.
The five Agriculture guides
The agriculture story, in depth: each page is self-contained and copy-paste runnable.
/128 from the hardware key a machine or ECU already holds. Deterministic, tenant-bound, DNSSEC + DANE-EE pinned: the machine-identity spine.
Equipment API-abuse cure →Why a harvested grant reaches a whole co-op, and how a forge-proof address ends it: the BOLA root cause, cured at the identity layer, with the farmer's data trail restored.
Agritech integrations →Proposed integrations at the cloud/IP boundary: farm-data platforms, ISOBUS/AEF 040, cross-brand exchange, ag drones, LPWAN gateways. Complements, never replaces.
Agriculture compliance →Map identity and attribution evidence to ISO 24882, AEF Guideline 040, the EU Data Act, Ag Data Transparent, and the FSMA 204 / EUDR traceability wave, as a network primitive, not a binder.
Agriculture recipes →Runnable recipes: verify a drone ground station, secure prescription delivery in both directions, prove a genuine part, and throw an owner-controlled kill-switch.
The full technical library
Agriculture rides on the same address-is-identity platform as every other agent on the network, so the whole shared library applies here unchanged, and every page has a clean Markdown twin at the same path + .md. Start with these; the rest is in the sidebar.
dig, curl, and openssl.
DANE & TLSA →The 3 1 1 pin that makes an address forge-proof, byte for byte, no CA in the path.
Control plane →The full whisper.agents API (provision, connect, policy, logs, revoke) over the public endpoint.