Every discipline has one idea it keeps relearning. In security, mine was this: verify, don't trust. I did not arrive at it through philosophy. I arrived at it through incidents.

Early in my years in enterprise security, I watched a breach unfold through a vendor connection that everyone had stopped questioning. The vendor was reputable. The relationship was old. The paperwork was in order. None of that mattered to the attacker, who did not care what we believed about the connection, only what the connection actually permitted. The gap between the two was the entire attack surface.

That pattern repeated for fifteen years in different costumes. The trusted insider whose credentials were no longer his. The signed update that should never have been signed. The internal network that was internal in name only. Every serious failure I investigated came down to the same root: somewhere, a system accepted a claim because checking it was inconvenient, and the claim was false.

The remedy was never more trust, better placed. It was less trust, replaced by verification. Do not believe the packet came from inside; check its identity. Do not believe the binary is legitimate; validate the signature. Do not believe the user is who the session says; prove it again at the moment of consequence. When I co-wrote a book on securing AI-powered development, this was the spine of it. Facts you can check beat claims you have to believe, every time the two disagree.

Commerce Runs on Claims

Then I started looking at commerce through the same lens, and I could not stop seeing claims everywhere.

An invoice is a claim that work was done. A delivery confirmation is a claim that goods arrived. A service level report is a claim that the service performed. A supplier's pitch is a claim about future behavior. The entire apparatus of business, contracts, audits, penalties, courts, exists because these claims are sometimes false and someone has to bear the cost of finding out.

Humans manage this tolerably well because we are slow. We transact with a small number of counterparties, we remember who burned us, and we have institutions that punish liars on a timescale of months. The claim-based economy works because human relationships amortize the cost of the occasional false claim.

Machine commerce has none of these dampeners. An agent may transact with a thousand counterparties it will never meet again, at a speed that outruns any court, in volumes where even a small rate of false claims compounds into ruin. An economy of agents built on claims is an economy built on the exact failure mode I spent my career watching attackers exploit: acceptance without verification, at scale.

From Security Principle to Economic Design

So the question I now give my best hours to is what commerce looks like when you refuse to build on claims.

Start with the transaction itself. Instead of pay, then believe the work was done, the structure becomes: agree on what done means in terms a machine can check, lock the payment against that definition, and let settlement follow from proof. The seller does not promise an outcome. The seller produces one, and the evidence of it is what releases the money. Nobody trusts anybody, and nobody needs to.

Identity works the same way. Not who does this agent claim to act for, but can it prove, right now, that it holds a valid delegation for this action within these limits. History and reputation become secondary signals. The primary signal is a fresh proof at the moment of consequence, which is precisely where security ended up after decades of learning the alternative fails.

Notice what this does to disputes. In a claim-based system, disputes are arguments about the past, and they are expensive because the truth has to be reconstructed. In a proof-based system, most disputes cannot form. If the proof exists, payment happened. If it does not, payment never moved. The ambiguity that feeds argument was engineered out before the transaction began.

The Principle Scales, the Alternative Does Not

I named this principle in the founding ideas of Setix because I believe the coming agent economy will be decided by it. Trust does not scale to machine speed; it barely scales to human speed. Verification does. It costs the same at the millionth transaction as at the first, and it never gets tired, flattered, or fooled by a good story.

Verify, don't trust began, for me, as a defensive posture. It took building a company to understand it is also a constructive one. It is not just how you keep strangers out. It turns out to be how you let strangers, human or machine, safely in.