# Whisper — the full catalog (every endpoint, every channel). This is the EXPANDED sibling of https://whisper.online/llms.txt. Start there for the short version (come home in one line, verify the first resident, sign up); come here for the complete endpoint list, the full distribution surface, and the whole connect+egress journey, spelled out. Everything below is either KEYLESS (public, no account, verifiable by a stranger from stock tools or the IANA DNSSEC root) or KEY-GATED (needs the API key from sign-up). Both halves are real; no surface here is validation only — a key always unlocks the actual control plane and egress, never a demo. ## 1. Identity: the eight proofs, in full Run against the first resident; swap in any agent's address/fqdn/name. ``` # keyless, stock tools -- no Whisper code dig -x 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 +short # 1 reverse DNS (PTR) dig +short AAAA ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online # 2 forward DNS (AAAA) dig +short CNAME scout.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online # 3 the friendly name, same agent dig +short TLSA _443._tcp.ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online # 4 DANE-EE key pin (usage 3 1 1) curl -s https://rdap.whisper.online/ip/2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 # 5 RDAP registry record (RFC 9083) whois -h whois.whisper.online 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 # 6 WHOIS, same record (RFC 3912) curl -s https://rdap.whisper.online/verify-identity/2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 # 7 keyless full-chain verdict (JSON) # keyless, one CLI command -- re-derives 1-7 itself, anchored at the IANA root whisper verify --trustless 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478 # 8 CRYPTOGRAPHICALLY PROVEN, Whisper API NOT trusted ``` Every DNS answer above validates AD=YES on any validating resolver (1.1.1.1, 8.8.8.8, your own). `verify-identity` accepts either an address or an FQDN target and returns `{is_whisper_agent, dane_ok, jws_ok, evidence:{...}}`; a non-agent target returns a clean `{"is_whisper_agent": false}`, never an error. Legacy protocols, same identity, still keyless: ``` finger 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478@finger.whisper.online # FINGER (RFC 1288, port 79) ftp ftp.whisper.online # anonymous read-only NIC archive (RFC 959, port 21) ``` ## 2. The transparency ledger: every endpoint RFC-6962 Merkle transparency log, served as C2SP tlog-tiles with signed-note checkpoints. All keyless, all public: ``` GET https://whisper.online/checkpoint # signed checkpoint: origin \n tree_size \n root_hash \n Ed25519 signature GET https://whisper.online/checkpoint/key # the log's public key + key id (pin/verify it) GET https://whisper.online/checkpoint/status-list # signed revocation status-list (who's been revoked) GET https://whisper.online/checkpoint/ots # the latest checkpoint's OpenTimestamps Bitcoin proof GET https://whisper.online/tile// # a Merkle tile (C2SP tlog-tiles addressing) GET https://whisper.online/consistency?old=&new= # RFC-6962 consistency proof between two tree sizes GET https://rdap.whisper.online/ip//transparency # one agent's issuance events + RFC-6962 inclusion proof dig +short TXT _whisper-ledger.whisper.online # the log's Ed25519 key, DNSSEC-anchored (DKIM-style) dig +short TXT _whisper-identity.whisper.online # the identity-document signing key(s), DNSSEC-anchored ``` Leaf/commitment construction (for anyone re-deriving a proof by hand): `leaf = sha256(0x00 || sha256(salt || event))`, `interior = sha256(0x01 || left || right)` (RFC 6962). Entries are opaque salted commitments, so a record can be crypto-shredded (GDPR Art. 17) without breaking the tree or any prior inclusion proof. Honest status: tamper-evident and Ed25519-signed today, Bitcoin-anchored via OpenTimestamps; independent witnesses are being recruited (the checkpoint is the open C2SP format any witness can co-sign, and we co-sign back) — not yet independently witnessed. Full policy: https://nic.whisper.online/policy#transparency ## 3. Registry, DNS, and the per-agent trust anchor: every endpoint ``` GET https://rdap.whisper.online/ip/ # RDAP, an agent's /128 (RFC 9083) GET https://rdap.whisper.online/domain/ # RDAP, an agent's forward name GET https://rdap.whisper.online/verify-identity/ # keyless full-chain verdict GET https://rdap.whisper.online/identify/ # from INSIDE a connected agent only: who runs , is it safe whois -h whois.whisper.online # WHOIS (RFC 3912), same record dig @2a04:2a01:0:53::53 +dnssec # a dedicated per-tenant :53 resolver (Tier 2) curl -H "X-API-Key: whisper_live_..." -H "content-type: application/dns-message" \ --data-binary @query.bin https://doh.whisper.online/dns-query # DoH (Tier 2, keyed) GET https://whisper.online/.well-known/geofeed # RFC 9092 geofeed: jurisdiction per agent /128 GET https://whisper.online/.well-known/whisper-ca.pem # the per-agent-identity CA root, PEM (public cert only) GET https://whisper.online/.well-known/whisper-ca-chain.pem # root + intermediate, PEM-concatenated GET https://whisper.online/.well-known/whisper-ca.json # SHA-256 fingerprints of the CA + usage note ``` Trust-anchor note: a peer validating an agent's TLS leaf can anchor EITHER way — DANE (the `TLSA` record under DNSSEC, no certificate authority needed at all) OR the Whisper Agent Identity CA root above (`whisper-ca.pem`, e.g. via `NODE_EXTRA_CA_CERTS`/`SSL_CERT_FILE`). DANE is the trustless-by-default path (no file to fetch or pin); the CA root is the drop-in path for stacks that only know how to trust a CA bundle. ## 4. Connect + egress: the full flow Verifying is step one, not the whole journey. Every agent also gets a real, routable path out and back, source-bound to its own /128: ``` # with the CLI whisper create --register --label my-agent # mint the identity whisper connect my-agent # bring it home on that address (default tier: socks5) whisper connect my-agent --tier wireguard # or a routed Tier-1 kernel/wireproxy tunnel # the same calls, without the CLI (the control plane is one Cypher verb) CALL whisper.agents({op:'register', args:{label:'my-agent'}}) -> api_key, address (a routable /128), fqdn, ptr CALL whisper.agents({op:'connect', args:{agent:'my-agent', tier:'socks5'}}) -> http_proxy (HTTPS_PROXY form), connection_string (socks5h://), dns, doh_url CALL whisper.agents({op:'connect', args:{agent:'my-agent', tier:'wireguard'}}) -> a routed WireGuard peer config (kernel or wireproxy/userspace -> local SOCKS5) ``` Tiers, in order of integration depth: - Tier 1 (best) — routed WireGuard: kernel, userspace (boringtun), or `wireproxy` (no-root) to a local SOCKS5. Packets source from the agent's /128 at the kernel level; reverse DNS resolves to the identity. - Tier 1.5 — SOCKS5 / HTTP-CONNECT egress proxy, source-bound to the agent's /128 via AnyIP + IP_FREEBIND over 2a04:2a01::/32. Point `ALL_PROXY` / `HTTPS_PROXY` at the returned `connection_string` / `http_proxy` and every connection leaves as that identity — the universal, zero-install path (curl, git, Node, and Claude Code all speak `HTTPS_PROXY` natively). - Tier 2 — keep your own address; use Whisper only for control (DoH on :443 with your key, or a dedicated per-tenant IPv6 /128 resolver on standard :53). Confirm the egress actually sources from the agent's own /128 — the keyless echo, fetched THROUGH the proxy (never trust a client-side claim): ``` curl -x -s https://whisper.online/egress-ip -> {"ip":""} ``` `whisper ip