At DAS London, JT Rose of Eigen Labs argued that the next phase of crypto will not be DeFi, but “verifiable AI” – agentic systems whose off-chain work can be proven on-chain.
Rose cast Eigen’s stack as a cloud-like trio of services (data, compute, inference) backed by cryptoeconomic security and proof, allowing developers to maintain the flexibility of the public cloud while increasing verifiability before funds are moved or state updates hit Ethereum.
According to Rose, three promising use cases emerge:
- Autonomous commercial agents who must prove that they have followed the risk rules;
- Agent-to-agent (A2A) payments where work receipts trigger settlement and;
- Gaming with demonstrable results.
“The most important limitation we see [Artificial Intelligence] The foundation of the next decade is trust,” said Rose. “Without a mechanism to make AI verifiable up and down the stack – from inference and benchmarking to training and identity – we will never reach the breakout velocity for the agent age.”
The common thread is that programmability and provability meet – “programmability like a cloud, guarantees like a blockchain,” as Rose put it – a response to the current trade-off between tightly constrained on-chain execution and opaque off-chain computing power.
David Sneider, co-founder of Lit Protocol, largely shares the destination, focusing on the traits that can build trust in AI agents, such as “guardrails and policies,” synonyms to promote proper execution.
“[As] With anything security-related, there are multiple components in terms of different types of attacks and how you protect against them,” Sneider told Blockworks, arguing that runtime enforcement – not just proving after the fact – is what turns agents from demos into reliable infrastructure.
In the design of Lit Protocol, Sneider said, a user could say to an agent, “Send an email or buy a bitcoin,” in which case “it communicates with Lit, which validates against the policy… and only if the policy is approved does the secret management network run.” By “secret management network,” Sneider is referring to Lit’s TEE-secured, MPC-based key infrastructure.
All things considered, Lit addresses the question “Can the agent act on my behalf?” ask. EigenCloud and Google’s AP2 address “Can I trust the result of this offchain calculation?”
Or, to simplify the entire trust stack:
- An officer asks: Can I do this? (lit)
- Execution proves: did I do what I said? (EigenCloud/AP2)
Rose outlined a range of alternatives in terms of verifiability, such as TEEs, cryptoeconomic slashing and zk-proofs. Lit can issue success/failure signals and evidence of policy compliance for each execution, but these are often kept internally. The roadmap is to include these attestations “in a privacy-protecting manner in shared registries such as ERC-8004 and inter-agent communications protocols such as A2A” so that a compliant agent does not have to be re-verified at each location.
Reused ether remained stable between 2 and 3 million ETH, mostly with OwnLayer | Source: Blockwork research (Entity labels sourced from Dunes table of strike flows.)