If you've spent any time wiring AI agents into real systems — picking up tickets, executing trades, managing infrastructure, talking to APIs that cost real money — you've already run into the question nobody is answering well: How do you trust an agent you didn't build? There are partial answers. OAuth proves a human was involved at some point. An API key proves somebody held the key at signup. A model card tells you which weights are allegedly running. None of those answer the question that actually matters at runtime: was this specific decision made by the agent it claims to have been made by, and can I verify that without phoning home to the issuer? So we built a protocol for it. It's called GarlicStamp 🧄 — Ed25519-signed credentials, issuer-agnostic envelope, portable across systems, verifiable offline. The home page is at garlicstamp.com . And then we built a stress test for it that's been running for 53 days. We'll get to that.…