Machines became the majority.
Identity didn't keep up.
In June 2026, bots crossed into the majority of web traffic — 57.5% of HTML requests, per Cloudflare. Every layer of the stack is now scrambling to answer the same question — which agent is this? — and each is answering at a layer it happens to own, with an answer only it can vouch for.
Whisper answers at the layer none of them own: the network. The agent's address is its identity. Anyone can prove it — without trusting us.
Everyone answers at a layer they rent.
Cloudflare: a registry it controls.
Signed agents, bot verification, an agent gateway — real engineering, all anchored in a registry one company operates, checkable only where that company terminates the connection. The verifier has to trust Cloudflare.
Payment networks: payment-scoped tokens.
Visa and Mastercard are issuing agentic-commerce credentials — authority to pay, scoped to a transaction on their rails. Nothing a third party can verify outside the checkout flow.
Okta, Entra, SPIFFE: one trust domain.
Workload and non-human identity, done well — inside a single organization's boundary. The moment an agent leaves the org, its identity stops meaning anything to strangers.
The IETF: drafts.
Internet-of-Agents drafts argue for address-as-identity; DNS-AID and ANS specify DNS-anchored agent naming. The direction is right. What's missing is an operator running it in production.
The pattern: every answer is a credential the issuer must keep vouching for, at a chokepoint the issuer owns. That is a gatekeeper business. The internet already solved this class of problem differently — with protocols anyone can verify and no one has to ask permission to check.
We answer at the network layer.
Each agent gets a routable IPv6 /128 from 2a04:2a01::/32 — address space we hold as a RIPE LIR, announced from our own AS219419. The address is named in signed reverse DNS, key-pinned by DANE under DNSSEC, documented in RDAP, recorded in an Ed25519-signed, Bitcoin-anchored transparency log, and its traffic sources from that /128 — identity provable per-packet. A stranger verifies all of it with dig, curl, and openssl. No account with us. No API of ours in the trust path.
That last part is the strategic difference, so we made it a command. One flag re-proves an agent from the IANA DNSSEC root with the Whisper API explicitly untrusted — run against our genesis agent, live:
$ whisper verify --trustless 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478
FIELD VALUE
address 2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478
fqdn ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online
agent ae3b051ff3bf7f478
tenant tdc38e7c55bad3306a92b830f9bb1e4f9
tlsa_sha256 9ec1ef18a1f15e5480a0fc3c8d6e9690b2ccf1a7fa7146201940f28c422bb47d
served_spki 9ec1ef18a1f15e5480a0fc3c8d6e9690b2ccf1a7fa7146201940f28c422bb47d
CHECK RESULT TRUST DETAIL
dnssec pass DNSSEC-root AAAA, PTR and TLSA(3 1 1) all DNSSEC-validated to the IANA root; address <-> fqdn consistent
dane pass DNSSEC-root served leaf SPKI-SHA256 == TLSA pin; DNS-SAN=ae3b051ff3bf7f478...agents.whisper.online, IP-SAN=2a04:2a01:b69a:6717:e3b0:51ff:3bf7:f478; issuer "Whisper Agent Identity Issuing CA"
transparency pass DNSSEC-root root signature verified; 1 event(s), root_hash bound; 1 ledger leaf/leaves included (RFC-6962)
identity_doc pass DNSSEC-root JWS verified against the DNSSEC-anchored key; address/fqdn/tlsa claims match the DNSSEC-validated facts
whisper: ae3b051ff3bf7f478.tdc38e7c55bad3306a92b830f9bb1e4f9.agents.whisper.online is CRYPTOGRAPHICALLY PROVEN — trust anchor: DNSSEC root (IANA anchor) + DANE-EE + DNSSEC-anchored transparency/ledger keys -- Whisper API NOT trusted
A vendor whose product is a registry cannot ship that flag; removing themselves from the trust path removes the product. We can, because what we sell is not the vouching — it is the network, the address space, and the operations underneath. Protocols, not gatekeepers; no platform lock-in by construction. Every leg is reproducible keylessly with stock tools — the recipes are on Under the hood.
The counters are small, and public.
We publish our own numbers because everything here is verifiable — including how early we are. This is genesis, not a growth chart. What the counters prove is that the whole stack is live in production, not a deck.
Captured 1 July 2026 from the live registry. Check them yourself: curl -s https://whisper.online/checkpoint for the signed ledger head, or the live network at agents.whisper.online.
The moat is ground, not software.
Five assets, each slow to acquire, that only work as one system. Software gets copied; standing on the internet is earned in years.
We hold 2a04:2a01::/32 as the LIR — 296 agent identities of real, RIPE-registered address space. The registry chain from any agent's RDAP record ends at RIPE's record for our block, with no third party in between.
AS219419: RPKI-signed, MANRS-compliant, dual-homed BGP. Identity that is routable is identity that is provable per-packet — the packets themselves source from the agent's /128.
Our own authoritative + policy-resolver stack signs and serves zones while they mutate continuously — deterministic keys, byte-identical on both nameservers. Not BIND, not a rented SaaS. This is what lets an allocation fire a dozen standards atomically.
7.43B nodes and 39.8B relationships mapping the live internet — who runs a host, is it safe, with the evidence chain. Every agent's resolver consults it before answering. Years of continuous collection, growing daily.
Every identity claim is anchored outside Whisper: the IANA DNSSEC root, DANE pins, an Ed25519-signed transparency log anchored to Bitcoin. Competitors must ask to be trusted; we ship the proof that we don't have to be.
Built by people who have run root-of-the-internet infrastructure and kept it boring for decades. Internet-grade DNS, routing and registry operations are a craft acquired the slow way. The team →
The field, surveyed honestly.
Every approach below is real work by serious people. Each covers a slice; the honest column is the one on the right — ours included.
| Approach | What it does | Who must be trusted | Where it stops short |
|---|---|---|---|
| Cloudflare agent plays (signed agents, Web Bot Auth, gateway) | Bot verification + egress at their edge | Cloudflare's registry | Verifiable only where Cloudflare terminates the connection; the issuer is the gatekeeper |
| Payment-scoped tokens (Visa, Mastercard agentic commerce) | Authority for an agent to pay | The payment network | Scoped to the transaction; nothing to verify outside the rails |
| ANS, DNS-AID | DNS-anchored agent naming | DNSSEC root | 2026 specs, name-based; no routable address, no egress plane, no operating deployment at scale |
| W3C DID, Verifiable Credentials | Portable cryptographic identity | The issuer | Resolution rides on issuer infrastructure; no binding to the network the agent actually speaks from |
| SPIFFE, Entra Agent ID, Okta | Workload / non-human identity | The org's platform | Stops at the trust-domain boundary; meaningless to strangers |
| IETF Internet-of-Agents drafts | Address-as-identity thesis | (proposed) DNSSEC root | Still drafts; no verification stack, no operator |
| Whisper | Address-as-identity on our own AS, provable by strangers with stock tools | The IANA DNSSEC root — not Whisper | IPv6-native (verification works from v4-only today; native reach uses our egress tiers); young — the genesis-scale counters above are ours |
Standards chose this direction in 2026.
DNS-AID and the Agent Name Service both landed on the same thesis this year: agent identity should be anchored in DNS and DNSSEC — the one globally deployed, hierarchically delegated trust system the internet has. The IETF's Internet-of-Agents drafts go further, toward the address itself. We didn't lobby for that direction. We built it, and it is in production.
That makes Whisper the existence proof the standards conversation was missing: an operator running address-anchored, DNSSEC-rooted agent identity on real address space, verifiable end-to-end today. If name-based schemes win naming, we publish those names too — they sit one CNAME above an address we already prove. The primitives underneath — DNSSEC, DANE, RDAP, RFC 6962 — are the internet's own, which is precisely why the direction of standardization runs toward us, not around us.
The market, framed without puffery.
The category is agent networking and identity infrastructure — the layer every agent transaction crosses, priced per identity and per packet, not per seat. The structural comparison is Cloudflare: own the network, make the right thing the easy thing, and let the traffic growth of an internet era compound through you. Agents are that era's traffic — already the majority of it.
Demand evidence, cited honestly: analysts already size adjacent non-human-identity access management at USD 9.45B in 2024, growing to USD 18.71B by 2030 (MarketsandMarkets). That figure is not our TAM — it measures enterprises' spend on governing machine credentials inside their own walls, the layer above ours. We read it as proof the question "which machine is this?" already carries a budget line, before agents crossed into the traffic majority. The network layer that answers it for strangers, across organizational boundaries, is unclaimed. That is the land we hold.
The pushbacks, answered.
"Won't Cloudflare just do this?"
Their answer is a registry they control, monetized at an edge they terminate. Removing yourself from your own trust path — our defining feature — dissolves that product. If they adopt address-anchored identity instead, they validate the layer we already operate. Either way, the LIR allocation, the AS, the RIR chain and a custom signing engine are years of standing, not a sprint.
"Three agents?"
Yes — and we print it, live, rather than a vanity number. The sequencing is deliberate: proofs before promotion. Distribution is already shipped — the MIT-licensed CLI in every major package channel, an MCP server, npm and PyPI SDKs, a twelve-tool whisper init family. See Integrations.
"IPv6 is a wall."
The identity is v6; the verification is transport-independent. dig, curl, RDAP and the ledger all answer from a v4-only network today. Agents on v4-only hosts reach their /128 through our tunnel and proxy tiers. The 128-bit address space is why per-agent identity is possible at all.
"You've bet everything on DNSSEC."
On the IANA root — the most public, most audited trust anchor in existence, with key ceremonies performed on camera. And it is not alone: issuance is independently recorded in an Ed25519-signed transparency log, anchored to Bitcoin via OpenTimestamps. Two legs, disjoint failure modes.
"What about abuse and revocation?"
Per-/128 attribution beats anonymous NAT pools: every packet names its agent, revocation is one call (op:revoke), and its effect is publicly provable via the signed status-list and DNS itself. The policy and SLA are on Trust.
"Who watches the ledger?"
Today: it is tamper-evident, Ed25519-signed, DNSSEC-anchored, and Bitcoin-anchored — anyone can detect a rewrite. Independent witnesses are being recruited; we say exactly that, because the difference between "witnessed" and "witnessable" matters, and honesty about it is the product.
Protocols, not gatekeepers.
Every prior internet era minted an infrastructure company at the layer where trust had to live: certificates, CDNs, clouds. The agent era's trust question is "which agent is this?" — and the durable answer is the one strangers can verify without asking anyone's permission. We built that answer on address space and an autonomous system we own, out of the internet's own standards, and it is running. Skeptical? Good. Every claim on this page is checkable from your terminal — start with dig -x.