What is AiHint?
AiHint is an open standard that allows websites to publish signed, machine-readable metadata about themselves in a way that AI systems can discover, read, and verify.
It works by placing a single JSON file at a well-known URL:
https://example.com/.well-known/aihint.json
This file contains structured metadata — including a trust score, issuer information, timestamps, and a cryptographic signature — that allows AI agents, LLMs, and other automated systems to assess a website's identity and trustworthiness without relying on heuristics alone.
The Problem
AI systems increasingly need to interact with websites: fetching content, evaluating sources, recommending links, and more. But they lack a standardized way to answer basic questions:
- Is this website what it claims to be?
- Who vouches for it, and can that be verified?
- How trustworthy is this source?
Today, AI systems rely on ad-hoc signals — domain age, link popularity, content analysis — which are inconsistent, gameable, and opaque.
The Solution
AiHint provides a standardized, cryptographically verifiable answer to these questions:
- A website publishes an
aihint.jsonfile at/.well-known/aihint.json - The file contains metadata including a trust score (0.0–1.0), the issuer who generated it, and an RSA signature
- AI systems fetch the file, verify the signature against the issuer's public key, and use the metadata to make informed decisions
Because the file is signed, it cannot be tampered with. Because it uses a standard format, any AI system can consume it without custom integrations.
Who Is It For?
Website Owners
Publish verifiable trust metadata about your domain. Whether you self-sign for development or use an official issuer for production, AiHint gives you a machine-readable way to declare your site's identity and trustworthiness.
AI System Developers
Consume a standardized trust signal for any domain. Instead of building custom heuristics per site, check for an AiHint file, verify its signature, and use the trust score in your decision-making.
Trust Issuers
Issue signed AiHint metadata for domains you've evaluated. Your public key becomes a root of trust that AI systems can verify against.
Key Properties
| Property | Description |
|---|---|
| Open | MIT-licensed, no vendor lock-in, anyone can implement |
| Simple | A single JSON file at a well-known URL |
| Verifiable | RSA-SHA256 signatures prevent tampering |
| Machine-readable | Designed for automated consumption, not humans |
| Decentralized | Any entity can issue hints; trust is established via public keys |
Open Source vs. Official Issuer
This standard is fully open source. Anyone can create, sign, and publish AiHint files.
However, self-signed hints are not globally trusted by default — just as self-signed TLS certificates are not trusted by browsers. For production use where global trust matters, an official AiHint Issuer Service (coming soon) will provide domain validation and a globally recognized trust authority.
| Use Case | Approach |
|---|---|
| Development and testing | Self-signed hints |
| Private / internal use | Self-signed hints |
| Production / public-facing | Official Issuer Service (coming soon) |
Next Steps
- Protocol Specification — The complete spec for the
aihint.jsonformat - Implementation Guide — Step-by-step guide to deploying AiHint on your domain
- JSON Schema — Machine-readable schema for validation