Signing keys
Sumvin holds two families of signing keys. They do different jobs and rotate on different cadences.
The two families
| Family | Curve | Purpose | Managed by |
|---|---|---|---|
| Agent signing keys | P-256 | Provisioned per user, used when an AI agent signs a PINT on the user’s behalf | Signing Services |
| Issuer keys | ES256 | Held by , used to sign JWTs on token exchange | SIS |
Agent signing keys
Each user has a P-256 agent key. When an agent signs a PINT for the user (as opposed to the user signing directly with a passkey), the agent signing service produces the signature with that key. The key is HSM-backed and never leaves the signing enclave. Agent keys attach to the user’s Safe as a named signer, so any signature the key produces verifies on-chain through the Safe’s EIP-1271 path.
Issuer keys
SIS holds a rotating set of ES256 keys and publishes their public halves at the JWKS endpoint. Every JWT SIS issues carries the kid of the key that signed it, so verifiers can resolve the correct public key from JWKS regardless of rotation.
Issuer-key rotation is the reason verifiers must always honour kid rather than caching a single public key — rotating without honouring kid breaks verification the moment the old key leaves the JWKS set.
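The kid lookup described above, as an added example (not Sumvin's own code). `KidResolver`, `fetch_jwks` and the cache timings are hypothetical, and JWKS entries are assumed to be standard EC JWKs carrying `kty`, `crv` and `kid`. It resolves the key only; checking the signature with the returned JWK is left to a JOSE library.

```python
import base64
import json
import time


def jwt_header(token):
    """Decode the protected header of a compact JWT without trusting it."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    raw = parts[0] + "=" * (-len(parts[0]) % 4)  # restore base64url padding
    header = json.loads(base64.urlsafe_b64decode(raw))
    if not isinstance(header, dict):
        raise ValueError("JWT header is not a JSON object")
    return header


class KidResolver:
    """Hypothetical verifier-side cache mapping kid -> JWK from the JWKS document."""

    def __init__(self, fetch_jwks, max_age=3600, min_refetch=60, clock=time.monotonic):
        self.fetch_jwks = fetch_jwks  # assumption: returns the parsed JWKS dict
        self.max_age = max_age  # refresh at least this often so retired keys drop out
        self.min_refetch = min_refetch  # throttle refetches caused by unknown kids
        self.clock = clock
        self.keys, self.fetched_at = {}, None

    def _refresh(self):
        keys = self.fetch_jwks().get("keys", [])
        # Replace the whole set: a key that left JWKS must stop being accepted.
        self.keys = {k["kid"]: k for k in keys
                     if k.get("kty") == "EC" and k.get("crv") == "P-256" and "kid" in k}
        self.fetched_at = self.clock()

    def resolve(self, token):
        header = jwt_header(token)
        if header.get("alg") != "ES256":  # pin the algorithm; never take it from the token
            raise ValueError("unexpected alg")
        kid = header.get("kid")
        if not isinstance(kid, str):
            raise ValueError("JWT carries no kid")
        age = None if self.fetched_at is None else self.clock() - self.fetched_at
        stale = age is None or age > self.max_age
        if stale or (kid not in self.keys and age >= self.min_refetch):
            self._refresh()
        if kid not in self.keys:
            raise LookupError("kid not in current JWKS")
        return self.keys[kid]  # hand this JWK to a JOSE library to verify the signature
```

The `min_refetch` throttle keeps a stream of tokens with made-up kids from turning into a stream of JWKS requests.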
Where to get the public halves
- Agent signer public keys — exposed through the agent signer APIs; not typically consumed by verifiers directly
- SIS issuer keys — published at /v0/sis/.well-known/jwks.json (see JWKS)
See also
- Agent signers — per-user P-256 key provisioning
- Signing Services — the signing-enclave surface
- Signing a PINT — where these keys produce signatures
- JWKS — issuer key publication