ERC-20 worked because it did one thing and refused to do anything else. Anyone could deploy a token contract. Anyone could call transfer. The chain did not approve, did not curate, did not gate-keep. The market sorted out which tokens mattered. The protocol stayed boring.

Ligate Chain ships the same model, for attestations.

What "permissionless schema" means

A schema on Ligate Chain is the shape of an attestation: who owns it, what it is called, which signers can sign under it, how fees route. That is the whole concept. Three fields you care about (name, owner, attestor_set), one you might (fee_routing).

Schema {
    id:               SchemaId,         // SHA-256(owner ‖ name ‖ version)
    owner:            Address,
    name:             String,
    version:          u32,
    attestor_set:     AttestorSetId,    // who can sign under this schema
    fee_routing_bps:  u16,              // 0..=5000 (cap 50%)
    fee_routing_addr: Option<Address>,  // builder share recipient
}

Registration is permissionless. Anyone, with any address, can call RegisterSchema for any name. The chain does not check whether you "own" the name "themisra.proof-of-prompt" any more than ERC-20 checks whether you "own" the symbol USDC. Spam is mitigated economically: registration costs 100 $LGT (governance-adjustable), and that fee goes to the treasury.

Namespace collisions, handled the ERC-20 way

Two different orgs can register the same name. They produce different SchemaId values, because the owner address is hashed into the ID:

Tip

SchemaId = SHA-256(owner ‖ name ‖ version)

Concretely, if Ligate Labs registers themisra.proof-of-prompt/v1 and some other team registers themisra.proof-of-prompt/v1 later, those are two distinct schemas with two distinct IDs. The chain sees both as valid. It does not pick a winner.

Picking a winner is a social-layer concern. SDKs and explorers display a "verified" tag next to schemas registered by addresses the broader community recognises. That is the same thing happens with ERC-20 names (every wallet shows USDC because Circle's address is recognised, not because the protocol blesses the symbol). Identity and reputation will become a chain-level module in v1; until then, social trust is the filter.

The rest of the primitive in two sentences

Two more operations finish the picture.

RegisterAttestorSet registers a quorum of M-of-N signers (ed25519 in v0). Once registered, the set is immutable. Rotation happens by registering a new set and bumping the schema version.

SubmitAttestation posts a signed payload hash bound to a schema. The chain verifies the signatures meet the schema's threshold and writes (schema_id, payload_hash) → Attestation into state. Write-once on that pair: the same attestation cannot be submitted twice, so the same signature cannot be replayed.

That is the whole protocol. Three primitives. Three state maps. The runtime never sees prompts, outputs, or any plaintext, only hashes and signatures.

What permissionless gives builders

Themisra registers exactly one schema: themisra.proof-of-prompt/v1. It is the first canonical AI-receipt schema. It is not the only possible one.

Iris registers schemas like ligate.code-change/v1 for autonomous coding agents and ligate.agent-action/v1 for general agent attestations.
Kleidon registers per-product schemas: kleidon.subscription-event/v1, kleidon.asset-mint/v1, kleidon.token-deploy/v1, kleidon.marketplace-sale/v1.
A regulated-industry partner could register eu-ai-act/output-disclosure/v1 for compliance reporting.
A research lab could register claim-citation/v1 to attest paper citations.
A trading firm could register decision-evidence/v1 to attest the data each automated trade was based on.

None of these need our approval. None of them pay us a cut beyond the standard per-attestation fee, and even that fee can be split: schema owners route up to 50% to their own builder address, with the rest flowing to the treasury.

Why this matters for $LGT

Because the protocol is permissionless, every schema pays the same fees. Themisra pays. Iris pays. Kleidon pays. A schema we have never heard of pays. $LGT captures fee revenue from every attestation across every app, first-party or third-party, in our roadmap or outside it.

The token is not a bet on a single product. It is the settlement asset for the category of "signed, timestamped, on-chain records of things that happened." Every win compounds.

Honest non-goals at v0

The protocol deliberately does not provide:

Identity (DID-like lookups). Arrives as the v1 identity module.
Reputation or slashing. Arrives as the v1 disputes module (attestor sets get on-chain flagging plus stake slashing).
Cryptographic inference verification. v2 schemas can carry external zkML or TEE proof hashes in their payloads; clients verify off-chain with the proving system that produced them. We do not build our own zkML.
Payments / agent registry. v2 modules.

The point of v0 is: ship the primitive, prove it composes, let real schemas show what the protocol is for. The rest grows from real demand, not from speculative scaffolding.

Read the spec, register a schema

The full v0 specification lives in the chain repo at ligate-chain/docs/protocol/attestation-v0.md. That is the source of truth. The TypeScript and Rust client SDKs (@ligate/sdk, the ligate crate) ship registerSchema(...) calls out of the box.

If you have a schema you want to register on devnet, email hello@ligate.io. We are particularly interested in compliance schemas (EU AI Act, US disclosure mandates), research-attestation schemas, and agent-action schemas from teams shipping autonomous AI products.

ERC-20 worked because it stayed narrow. Ligate Chain stays narrow on purpose, for the same reason.

Permissionless schemas: ERC-20, but for attestations.