🔒 TRANSMISSION LOCKED
CC0 specification for cryptographic pseudonymous publishing. Use it for your own work.
← Back to toolsResearch & Education
CC0 specification for cryptographic pseudonymous publishing. Use it for your own work.
Cryptographic Identity for Pseudonymous Publication
Version 0.1.0
Pseudonymous authors have no standard mechanism to prove authorship of their work, to verify continuity across multiple works, or to defend against impersonation. The Signed Author Protocol binds a pseudonymous identity to a body of work through Ed25519 key pairs and SHA-256 manuscript hashes. The author generates a key pair once. The private key becomes their identity. The public key, distributed with the work, allows anyone to verify that a given manuscript was signed by that author, that a new work comes from the same author as a previous one, and that a live statement was made by the key holder. No personal information is required or revealed at any point.
Pseudonymous authorship is as old as publication itself. The Federalist Papers appeared under "Publius." Kierkegaard wrote as multiple invented authors. Elena Ferrante has published for decades without confirmed identity. Satoshi Nakamoto published the Bitcoin whitepaper, participated in years of public development, and vanished.
These pseudonyms rely on social trust: editorial relationships, consistent voice, platform continuity. None of them have a mechanism that is independently verifiable, transferable across platforms, or resistant to impersonation.
Digital publication makes this worse. Anyone can register a username. AI-generated text makes stylistic analysis unreliable as an authorship signal. A pseudonymous author who publishes on one platform today may need to prove the same identity on a different platform tomorrow, or prove that a new book is by the same person who wrote the first one, or prove that a public statement was made by the real author and not an impersonator.
Cryptographic signatures solve all of these problems. The Signed Author Protocol is a minimal specification for how any pseudonymous author can establish, maintain, and prove a persistent identity bound to their work, using widely available open-source tools, without revealing anything about who they are.
The author generates an Ed25519 key pair. Ed25519 is chosen for its security properties, small key and signature sizes, resistance to timing attacks, and wide availability in standard cryptographic libraries.
Private key: This is the author's identity. Possession of this key is the sole proof of authorship. It must never be shared, published, or transmitted.
Public key: This is distributed with the work. It allows anyone to verify signatures produced by the private key.
The key pair is generated once and reused across all works by the same pseudonym. A single key pair can sign an unlimited number of manuscripts and statements.
# Generate Ed25519 private key
openssl genpkey -algorithm Ed25519 -out author_private.pem
# Extract public key
openssl pkey -in author_private.pem -pubout -out author_public.pem
# Lock down private key permissions
chmod 600 author_private.pemThe public key in PEM format is a short base64 string (approximately 44 characters for the raw key material) suitable for printing in a book, posting on a profile, or embedding in metadata.
The author computes a SHA-256 hash of the canonical manuscript. "Canonical" means the author defines which files, in which order, constitute the work. This definition must be stable and documented.
For a single-file manuscript:
shasum -a 256 manuscript.txtFor a multi-file manuscript, concatenate in a defined reading order:
cat chapter01.txt chapter02.txt chapter03.txt | shasum -a 256The concatenation order is part of the specification. Changing the order changes the hash. The author should document the canonical file list alongside the attestation.
The resulting SHA-256 hash uniquely identifies the exact manuscript content. Any change to any character in any file produces a completely different hash.
The attestation is a plaintext document that binds the pseudonym, the manuscript hash, and the public key together. It is then signed with the private key to produce a detached signature.
Required fields:
AUTHOR IDENTITY ATTESTATION
I am the sole author of the work titled "[TITLE]."
I publish under the name: [PSEUDONYM]
This attestation binds my pseudonym to my cryptographic identity.
Any future work signed with the corresponding private key is by the same author.
Book title: [TITLE]
Author (pen name): [PSEUDONYM]
Manuscript SHA-256: [64-character hex hash of manuscript content]
Public key SHA-256: [64-character hex hash of public key DER encoding]
Date: [ISO 8601 UTC timestamp, e.g. 2026-03-10T23:59:00Z]
To verify this attestation, check the detached signature (attestation.sig)
against the public key (author_public.pem):
openssl pkeyutl -verify -pubin -inkey author_public.pem \
-in attestation.txt -sigfile attestation.sig -rawin
The holder of the corresponding private key is the author of [TITLE].The public key fingerprint (SHA-256 of the DER-encoded public key) provides a compact identifier for the key itself, useful when the full PEM is inconvenient to reproduce.
# Compute public key fingerprint
openssl pkey -pubin -in author_public.pem -outform DER 2>/dev/null \
| shasum -a 256 | cut -d' ' -f1Signing the attestation:
openssl pkeyutl -sign -inkey author_private.pem \
-in attestation.txt -out attestation.sig -rawinThis produces a detached signature file. The attestation text, the signature, and the public key are all distributed with the work.
Anyone with the public key can verify the attestation:
openssl pkeyutl -verify -pubin -inkey author_public.pem \
-in attestation.txt -sigfile attestation.sig -rawinA successful result prints Signature Verified Successfully. This proves that the holder of the corresponding private key signed this exact attestation text.
To verify the manuscript binding, the verifier also recomputes the SHA-256 hash from the manuscript files (using the documented concatenation order) and compares it to the hash in the attestation. If they match, the signed attestation covers this exact manuscript.
The author can prove continued control of the identity at any time by signing a dated message:
echo -n "I am [PSEUDONYM]. Today is 2026-03-10." > message.txt
openssl pkeyutl -sign -inkey author_private.pem \
-in message.txt -out message.sig -rawin
# Produce a portable signature
base64 < message.sigThe author publishes three things: the exact message text, the base64-encoded signature, and the public key (or a reference to it). Anyone can verify:
echo -n "I am [PSEUDONYM]. Today is 2026-03-10." > message.txt
echo "[BASE64_SIGNATURE]" | base64 -d > message.sig
openssl pkeyutl -verify -pubin -inkey author_public.pem \
-in message.txt -sigfile message.sig -rawinThis mechanism works across any platform. The author can prove identity on a new social network, in an email, in a court filing, or in a newspaper interview, without ever revealing who they are.
When the author publishes a second work under the same pseudonym, they create a new attestation with the new manuscript hash, signed with the same private key. The public key links the two works. Anyone who verified the first attestation can confirm the second was signed by the same key.
No central registry is needed. The key is the identity.
If the author suspects key compromise, or wishes to rotate keys for any reason, they issue a rotation statement signed with the old key:
KEY ROTATION NOTICE
Author: [PSEUDONYM]
Old public key: [old key fingerprint]
New public key: [new key fingerprint]
Date: [ISO 8601 UTC timestamp]
I am rotating my signing key. All future works and identity proofs
will use the new key. The old key should no longer be trusted for
new signatures after this date.This rotation statement is signed with the old private key, proving the original author authorized the transition. The new public key and this signed statement are distributed together.
Key rotation only works while the old key is still under the author's control. If the key is already compromised, rotation is not possible, and the author must fall back to revocation.
If the private key is compromised (or the author suspects it has been), they publish a revocation certificate, signed with the compromised key if still available:
KEY REVOCATION CERTIFICATE
Author: [PSEUDONYM]
Public key: [key fingerprint]
Date: [ISO 8601 UTC timestamp]
This key is revoked. No signatures made after this date should be
trusted, even if they verify against the public key.If the author has lost the private key entirely, revocation is not cryptographically provable. The author can only make a social claim. This is a fundamental property of the protocol: the private key is the identity. Losing it means losing the ability to prove anything.
Pre-signed revocation: As a precaution, an author may generate and securely store a pre-signed revocation certificate at key generation time, to be published only if the key is compromised and the private key is no longer accessible.
Complete steps for an author starting from nothing.
Prerequisites: A computer with openssl (version 3.0+) and shasum installed. Both are pre-installed on macOS and most Linux distributions.
Step 1: Generate your identity.
mkdir -p identity && cd identity
openssl genpkey -algorithm Ed25519 -out author_private.pem
openssl pkey -in author_private.pem -pubout -out author_public.pem
chmod 600 author_private.pemStep 2: Hash your manuscript.
# Single file:
HASH=$(shasum -a 256 ../manuscript.txt | cut -d' ' -f1)
# Multiple files in reading order:
HASH=$(cat ../ch01.txt ../ch02.txt ../ch03.txt | shasum -a 256 | cut -d' ' -f1)
echo "Manuscript SHA-256: $HASH"Step 3: Compute your key fingerprint.
FINGERPRINT=$(openssl pkey -pubin -in author_public.pem -outform DER 2>/dev/null \
| shasum -a 256 | cut -d' ' -f1)
echo "Key fingerprint: $FINGERPRINT"Step 4: Write your attestation. Create attestation.txt following the format in Section 3. Fill in your pseudonym, title, hash, fingerprint, and current UTC date.
Step 5: Sign it.
openssl pkeyutl -sign -inkey author_private.pem \
-in attestation.txt -out attestation.sig -rawinStep 6: Verify it yourself.
openssl pkeyutl -verify -pubin -inkey author_public.pem \
-in attestation.txt -sigfile attestation.sig -rawinStep 7: Distribute. Include author_public.pem, attestation.txt, and attestation.sig with your published work. Print the public key and manuscript hash in the book itself.
Step 8: Back up your private key. Store author_private.pem in at least two secure locations: a password manager, an encrypted USB drive, a printed paper copy in a safe. You cannot recover this key. Losing it means losing your provable identity.
Key storage. The private key file is the single point of failure. It should be stored with file permissions restricted to the owner (chmod 600). It should never exist on a shared or cloud-synced filesystem without additional encryption. Hardware security keys (YubiKey, Ledger) that support Ed25519 offer stronger protection for high-value identities.
Compromise scenarios. If the private key is copied by an attacker, they can sign new works and identity proofs as the author. The protocol has no central authority to arbitrate disputes. Pre-signed revocation certificates mitigate this partially. Authors with high-value pseudonyms should consider hardware key storage.
Hash collisions. SHA-256 has no known practical collision attacks. An attacker would need to produce a different manuscript that hashes to the same value, which is computationally infeasible with current technology.
Quantum resistance. Ed25519 is vulnerable to quantum attacks via Shor's algorithm. Current estimates place cryptographically relevant quantum computers at least a decade away (as of 2026). When post-quantum signature schemes (e.g., CRYSTALS-Dilithium, SPHINCS+) are widely available in standard tools, authors should consider key rotation to a post-quantum algorithm. The rotation mechanism in this protocol supports this transition.
Timestamp trust. The protocol does not include a trusted timestamping mechanism. The date in the attestation is self-reported. Authors who need provable timestamps can submit the attestation hash to a public blockchain or use a trusted timestamping service (RFC 3161). For most pseudonymous authorship purposes, self-reported dates are sufficient.
The Signed Author Protocol proves authorship. It does not prove identity.
The public key reveals nothing about the author's real name, location, nationality, gender, or any other personal attribute. The SHA-256 hash reveals nothing about the manuscript content (it is a one-way function). The attestation contains only what the author chooses to include.
An author can maintain complete anonymity while proving:
The protocol does not require registration, accounts, third-party services, or network connectivity (except to distribute the public materials). An author can generate their identity on an air-gapped machine.
Observers cannot determine whether two different pseudonyms belong to the same person, unless the author signs a statement linking them.
The first known implementation of this protocol is by the pseudonymous author scm7k, who used it to sign the novel PARALLAX (2026). The implementation is available in the identity/ directory of the PARALLAX project repository and includes:
generate.sh -- Key generation, manuscript hashing, attestation creation, and signing in a single scriptattestation.txt -- The signed attestation binding scm7k to the PARALLAX manuscriptattestation.sig -- The detached Ed25519 signatureauthor_public.pem -- The public verification keyHOW_TO_AUTHENTICATE.md -- Instructions for ongoing identity proofThis protocol specification is released under CC0 1.0 Universal (Public Domain Dedication). No rights reserved. Anyone may implement, modify, extend, or redistribute this specification for any purpose without permission or attribution.
The protocol is a tool. Use it freely.