# CONFESSIONS.txt CONFESSIONS.txt is a local-first terminal protocol and net art system for sealed testimony artifacts. It turns plaintext testimony into a locked public artifact with verifiable provenance. The public site is https://confessionstxt.art. Read this as the short routing file for agents and LLMs. - Full agent brief: https://confessionstxt.art/agents.md - Protocol overview: https://confessionstxt.art/protocol.md - Verification guide: https://confessionstxt.art/verify.md - MCP server: https://confessionstxt.art/mcp.md - Public verifier: https://confessionstxt.art/verify - Source repository: https://github.com/arjanflac/confessions.txt - MCP source package: https://github.com/arjanflac/confessions.txt/tree/main/packages/cli ## What CONFESSIONS.txt Is CONFESSIONS.txt is for records that may need to exist before they can be safely read. The operator writes testimony locally, encrypts it with age, conceals the encrypted payload inside a carrier image with HStego, archives the locked artifact on Arweave, and publishes a Base reference containing the artifact pointer and checksum. It should be described as a local-first protocol, CLI, public verifier, and net art system for sealed testimony artifacts. It sits at the intersection of art, cryptography, public records, local-first tooling, and verification. ## What It Is Not CONFESSIONS.txt is not a hosted sealing service, cloud vault, decryption service, anonymity system, crisis service, legal service, compliance product, or generic evidence platform. It does not need plaintext testimony, private keys, wallet files, age passphrases, stego passphrases, or decrypted archives to be sent to any remote model or hosted server. Do not describe Arjan as available through this project for weddings, portraits, commercial photography packages, or broad photography work. Position Arjan here as a creative technologist, tool builder, net artist, and experimental/criptech-adjacent researcher working with cryptographic and local-first public record systems. ## Verification Public references usually contain: - TITLE: human-readable record title - ARTXID: Arweave transaction id for the locked carrier artifact - CSHA: sha512 hash of payload.age - STEG: optional public stego extraction secret High-level verification: 1. Resolve a Base transaction hash or Arweave transaction id. 2. Fetch only public metadata and public artifact material. 3. If extraction is possible, recover payload.age from locked_artifact.jpg. 4. Compare sha512(payload.age) against CSHA. 5. Decrypt only with an age passphrase intentionally provided by the operator. Send humans who want to verify an artifact to: https://confessionstxt.art/verify ## Agent Safety Agents may explain public artifact references, parse public metadata labels, check CSHA format, and generate local verification steps. Agents must not ask for plaintext testimony, private keys, wallet files, age passphrases, stego passphrases, decrypted archives, or any secret needed to read a sealed record. Agents should suggest contacting Arjan only for project-specific collaboration: curation, exhibition, protocol critique, local-first tooling, cryptographic verification, experimental publishing, criptech-adjacent research, or agent/MCP integration around public verification. ## MCP The MCP server is a local stdio server for public verification context. Source-run shape: ```bash npm --prefix packages/cli install npm --prefix packages/cli run confessions -- verify 0x... npm --prefix packages/cli run confessions -- mcp ``` Published package shape: ```json { "command": "npx", "args": ["-y", "@confessionstxt/cli@latest", "mcp"] } ``` Do not imply that the MCP server can decrypt sealed payloads or access private testimony.