# Agriculture

**A harvested token and a guessable serial shouldn't be able to reach every machine on the land, and a farmer's data shouldn't leave the farm without a trail.**

A farm-data backend authenticates a *claim*: a bearer token, an API key, a grower login. It never authenticates the machine on the other end. Whisper closes that gap with one primitive: the machine's address *is* its identity. This page is the agriculture front door to the Whisper docs. The full technical library (DNSSEC, DANE, RDAP, the control-plane API) sits one click down the sidebar, shared verbatim with [whisper.online](https://whisper.online/docs).

## The problem: equipment-API abuse, and the data-sovereignty gap behind it

A third party reverse-engineers a farm platform's APIs until it holds the exact calls the official apps and partners make, then authenticates the same ways they do: a phished grower login, a static partner key, or an OAuth bearer token portable to any IP, whose refresh token stays valid for a year. From there it is contract-less, low-and-slow polling, indistinguishable from a real integration because it *is* the integration's protocol. Rate-limit it and a fresh IP appears; the egress hops across clouds and residential proxies, so all the SOC ever logs is a meaningless *last IP*. The root cause has a name: [OWASP broken authentication / BOLA](https://owasp.org/API-Security/editions/2023/en/0xa1-broken-object-level-authorization/). The token authenticates a claim, never the *machine*.

And in agriculture the wound is double. "Farmers own their farm data" is the first principle of every ag-data code of conduct, and today it is a contract clause with no network fact behind it: nobody can prove who touched what. Detection will always be a step behind a credential that is genuinely valid. The strictly-stronger move is to change what the backend trusts.

## The cure: the address is the machine

> **Shipped & live.** Deriving a machine or ECU `/128` from the hardware key it already holds is in production today. Provision one with the control-plane call below, then verify it from the DNSSEC root with tools already on your machine.

Whisper gives each machine (or each implement ECU) a routable IPv6 `/128` out of `2a04:2a01::/32` (announced by **AS219419**), derived *deterministically* from the device's **public key**: its `SubjectPublicKeyInfo`, from the secure element or TPM in the telematics gateway, with the machine's **17-character equipment PIN** (and, optionally, an implement or ECU serial) as the domain separator. The private key never leaves the chip; only its public SPKI is an input. The result is [DNSSEC](/docs/dnssec)-anchored, [DANE-EE `3 1 1`](/docs/dane) pinned, and [RDAP](/docs/rdap)-registered. Anyone with `dig` can re-derive and verify it.

```
device public key (SPKI)      ──derive · domain-sep = PIN──▶   /128                   ──DNSSEC + DANE-EE 3 1 1──▶   a name anyone verifies
secure element / TPM in                                       2a04:2a01:1c0::a6f1           RDAP-registered            whisper verify --trustless
the telematics gateway                                        routable, tenant-bound                                   op:'revoke' → owner-thrown, public
(private key stays on-chip)
```

Because the derivation is **tenant-bound**, the same key under two different fleets yields two unrelated `/128`s: an outsider cannot link a machine across fleets. And because the domain separator is the PIN, **PIN alone yields nothing**. You cannot go PIN → `/128` without the key, there is no enumerable directory, and RDAP and reverse-DNS return the registry object, never the machine's whereabouts.

What becomes true the moment a machine holds one:

- **"One IP → a whole co-op" becomes physically impossible.** You cannot present thousands of machine-identities whose keys you don't hold; every forgery is a DNSSEC/DANE inconsistency any verifier catches.
- **IP rotation becomes irrelevant.** Identity is not the source IP. The "last IP" was never the credential, so rotating it across clouds or proxies changes nothing.
- **Harvested grants fail.** A valid-looking token with no machine-key behind it authenticates to nothing.
- **One `revoke`, thrown by the owner, retires a machine's identity worldwide** at DNS-TTL speed: no fleet-wide reset, no CRL you hope every machine fetched, and the act is publicly checkable in DNS, never a covert lockout.

**Additive, never a replacement.** Whisper complements the anchors agriculture already ships: the ISOBUS (ISO 11783) `NAME` and AEF Guideline 040's ISOBUS security principles, the secure element / TPM, and the X.509 mTLS the OEM cloud already runs. It is the publicly verifiable, DNSSEC/DANE-anchored layer *on top*, anchoring the machine↔cloud boundary. Whisper never reaches into the ISOBUS/J1939 bus itself, tractor-implement (TIM) functional safety, or a drone's Remote-ID broadcast.

## Provision a machine identity

Provisioning is one control-plane call over the public API: `POST https://graph.whisper.security/api/query` with your `X-API-Key`. Hand it the device's base64 SPKI and the equipment PIN; it returns the deterministic `/128` and a WireGuard config for source-bound egress. The PIN travels in the `vin` argument today: the two identifiers share the same 17-character format, and an equipment-native `pin` alias is on the roadmap.

```
CALL whisper.agents({op:'connect', args:{
  tier:'wireguard',
  identity_public_key:'<base64 SPKI of the device key>',
  vin:'1AGCM82633A004352'   // the machine's 17-character PIN rides here today
}}) YIELD op, ok, status, result, error
RETURN op, ok, status, result, error
```

Send it with your key. The heredoc keeps the single-quoted Cypher literals intact, so this runs as-is:

```sh
curl -s https://graph.whisper.security/api/query \
  -H "X-API-Key: whisper_live_xxx" \
  -H 'content-type: application/json' \
  --data @- <<'JSON'
{"query":"CALL whisper.agents({op:'connect', args:{tier:'wireguard', identity_public_key:'<base64 SPKI>', vin:'1AGCM82633A004352'}}) YIELD op, ok, status, result, error RETURN op, ok, status, result, error"}
JSON
```

```json
// response
{ "op": "connect", "ok": true, "status": "created",
  "result": {
    "address": "2a04:2a01:1c0::a6f1",
    "fqdn":    "pin-1agcm82633a004352.farm.<tenant>.agents.whisper.online",
    "wireguard": { /* peer, keys, allowed-ips */ }
  } }
```

The call is **idempotent and liberal in what it accepts, strict in what it returns**: re-running with the *same* key and PIN returns the *same* `/128`; a *different* PIN for a key already registered on your tenant is a clear `409`, not a silent overwrite; a non-string PIN is a `400` that tells you exactly what was wrong, never an opaque 500.

> A dedicated `--pin` CLI flag is on the roadmap; today, machine provisioning is the control-plane call above (which is live). The shipped CLI verbs are `whisper verify --trustless`, `whisper create --register`, `whisper kill --revoke`, `whisper policy`, and `whisper logs`. See [CLI & one-command](/docs/cli).

## Verify it yourself: no account needed

Every machine identity is checkable with no key and no login, from the internet's own records. That includes the farmer whose machine it is. The `whisper` CLI does the full walk in one call:

```
whisper verify --trustless pin-1agcm82633a004352.farm.<tenant>.agents.whisper.online

✓ DNSSEC chain valid to the IANA root
✓ DANE-EE (TLSA 3 1 1) leaf matches the identity's key
✓ RDAP: registered under AS219419 · 2a04:2a01::/32
identity: VERIFIED (our own API was never trusted)
```

Or reach for the raw records directly: the same answer, from stock tools:

```sh
# the public verify endpoint: evidence chain in JSON
curl -s https://whisper.online/verify-identity/2a04:2a01:1c0::a6f1 | jq
# { "is_whisper_agent": true, "dane_ok": true, "jws_ok": true, "evidence": { … } }

# the address is the machine: forward-confirmed reverse DNS names it
dig -x 2a04:2a01:1c0::a6f1 +short
# pin-1agcm82633a004352.farm.<tenant>.agents.whisper.online.

# the registry object: who holds the address, and under which allocation
curl -s https://whisper.online/ip/2a04:2a01:1c0::a6f1 | jq
```

None of these calls Whisper as an authority: `--trustless` re-derives the proof against the public DNSSEC root, exactly as any resolver could. See [Verify an agent](/docs/verify) for the full keyless check and [DANE & TLSA](/docs/dane) for the pin, byte for byte.

## Revoke, worldwide, owner-thrown

A compromised ECU, a trade-in, an auction sale, a decommission. One call tears down the `/128`, its PTR, and its DANE pin everywhere at DNS-TTL speed, and the act is publicly checkable: the same `dig` that proved the identity existed proves it is gone.

```
CALL whisper.agents({op:'revoke', args:{agent:'2a04:2a01:1c0::a6f1'}})

# after the TTL: dig -x returns nothing, verify returns false
whisper kill --revoke 2a04:2a01:1c0::a6f1
```

Agriculture already learned that remote disablement works: in 2022, roughly $5M of looted equipment was bricked from afar, and nobody outside the platform could verify who threw the switch. Whisper's revoke is the accountable version: thrown by the registered owner, visible in public DNS, never a covert lockout. Compromise one ECU and you've compromised *that ECU*, not the fleet.

## Attribution: name whoever already scraped you

Identity stops the next forgery; the graph names the operator behind the grants already in your logs. That attribution survives IP rotation because it fingerprints the operator and the tooling, not the ephemeral egress IP. Run it as read-only Cypher over the same public API with your key (there is no CLI subcommand for this; it is the graph API directly):

```sh
curl -s https://graph.whisper.security/api/query \
  -H "X-API-Key: whisper_live_xxx" \
  -H 'content-type: application/json' \
  -d '{"query":"CALL whisper.identify(\"34.90.x.x\")"}'
# operator fingerprinted across AWS / GCP / Azure; residential swarm collapsed by JA4
```

The read-only verbs (`identify`, `origins`, `walk`, `variants`, `history`) each return a reproducible, replayable JSON evidence chain your SOC, PSIRT, and a regulator can replay. More in [Graph & cognition](/docs/graph-api).

## What ships today, and what's on the roadmap

We label these honestly so you can plan against them.

| Shipped & live | On the roadmap |
|---|---|
| Machine/ECU `/128` from the device key + the 17-character PIN: DNSSEC + DANE-EE + RDAP | An equipment-native `pin` argument and `--pin` CLI flag (the PIN rides in `vin` today); an ISOBUS-NAME domain separator |
| Control-plane provision, verify, revoke; the attribution graph over the public API | **STIX 2.1 over TAXII** export |
| The **Splunk**, **Microsoft Sentinel** and **OpenCTI** connectors (signed, replayable JSON → CEF / ECS fields) | Sector-ISAC-ready sharing formats for food & agriculture |

The integration guides below describe **proposed** integrations at the cloud and IP boundary. They're designed to complement the stack you already run, not endorsed by any vendor, and they never name a specific OEM or platform as a breach victim.

## The five Agriculture guides

The agriculture story, in depth: each page is self-contained and copy-paste runnable.

- **[Equipment & ECU identity](/docs/equipment-identity)**: derive a routable `/128` from the hardware key a machine or ECU already holds. Deterministic, tenant-bound, DNSSEC + DANE-EE pinned: the machine-identity spine.
- **[Equipment API-abuse cure](/docs/equipment-api-abuse-cure)**: why a harvested grant reaches a whole co-op, and how a forge-proof address ends it: the BOLA root cause, cured at the identity layer, with the farmer's data trail restored.
- **[Agritech integrations](/docs/agritech-integrations)**: proposed integrations at the cloud/IP boundary: farm-data platforms, ISOBUS/AEF 040, cross-brand exchange, ag drones, LPWAN gateways. Complements, never replaces.
- **[Agriculture compliance](/docs/agriculture-compliance)**: map identity and attribution evidence to ISO 24882, AEF Guideline 040, the EU Data Act, Ag Data Transparent, and the FSMA 204 / EUDR traceability wave, as a network primitive, not a binder.
- **[Agriculture recipes](/docs/agriculture-recipes)**: runnable recipes: verify a drone ground station, secure prescription delivery in both directions, prove a genuine part, and throw an owner-controlled kill-switch.

## The full technical library

Agriculture rides on the same address-is-identity platform as every other agent on the network, so the whole shared library applies here unchanged, and every page has a clean Markdown twin at the same path + `.md`. Start with these; the rest is in the sidebar.

- **[Quickstart](/docs/quickstart)**: install, register your first identity, connect it, confirm it. One terminal, start to finish.
- **[Verify an agent](/docs/verify)**: the full keyless identity check, covering every proof you run with `dig`, `curl`, and `openssl`.
- **[DANE & TLSA](/docs/dane)**: the `3 1 1` pin that makes an address forge-proof, byte for byte, no CA in the path.
- **[Control plane](/docs/control-plane)**: the full `whisper.agents` API (provision, connect, policy, logs, revoke) over the public endpoint.

---

← [For OEM security](https://agri.whisper.online/oem-security) · [Equipment & ECU identity →](/docs/equipment-identity)
