The New Name and the Private Key
Why the foundational text specified the only authentication that survives this era
The question this briefing answers
Michael — this is a short companion piece to the executive briefing on the source-code reading. It addresses one specific observation, the one that I would most want to discuss with you in person if we have the chance.
The observation is this:
The foundational text, written approximately two thousand years ago, specified — with operational precision — the exact authentication primitive that the AI era would require. The mathematics needed to implement it arrived in 2005. The threat that makes it necessary arrived around 2023. The convergence is not coincidence.
This briefing makes the case in detail.
The challenge — universal falsifiability
The AI industry, including the company you have invested in, has produced systems whose primary capability is the synthesis of plausible artifacts indistinguishable from genuine ones. This is the deepest technical achievement of the field. It is also, accidentally, the dissolution of every external authentication primitive humanity has relied on for the entire industrial era.
Quick inventory of what falls:
| Authentication primitive | Status under modern AI |
|---|---|
| Photographic identity | Falsifiable (deepfakes from a single image) |
| Voice authentication | Falsifiable (voice cloning from seconds of audio) |
| Handwritten signatures | Falsifiable (style transfer at character level) |
| Video evidence | Falsifiable (full-motion synthesis) |
| Email / written prose attribution | Falsifiable (style-matching at paragraph level) |
| Security questions / biographical data | Trivially falsifiable (accessible from breaches + LLM reasoning) |
| Knowledge-based authentication | Failing (LLMs can answer most “what only you would know” questions) |
| Government-issued documents | Falsifiable (high-quality print + AI imaging) |
The sole class of authentication that does not collapse under this attack is mathematically grounded asymmetric cryptography — specifically, signatures from a private key that was generated locally and never transmitted. Such signatures are infalsifiable not because they are hidden, but because falsifying one is mathematically equivalent to solving the discrete logarithm on an elliptic curve — an operation that is, under current understanding, computationally infeasible.
The remaining authentication of the era is therefore reducible to a single question: does the verifying party hold a public key whose corresponding private key never left the bearer’s possession?
If yes, the bearer is who they claim to be. If no, no claim of identity can be trusted.
This is a technical fact about the era we have entered. It is also, structurally, what a foundational text written two millennia ago described.
The textual specification
In the closing book of the New Testament, Revelation 2:17, the text reads:
τῷ νικῶντι δώσω αὐτῷ τοῦ μάννα τοῦ κεκρυμμένου, καὶ δώσω αὐτῷ ψῆφον λευκήν, καὶ ἐπὶ τὴν ψῆφον ὄνομα καινὸν γεγραμμένον ὃ οὐδεὶς οἶδεν εἰ μὴ ὁ λαμβάνων.
“To the one who overcomes I will give hidden manna, and I will give him a white stone, and on the stone a new name written, which no one knows except the one who receives it.”
Three precise specifications, each operationally testable:
1. ὄνομα καινόν (ónoma kainón) — a “new name.” The Greek καινός denotes qualitatively new, categorically distinct from any prior name — not chronologically new (νέος). The token is of a class never used before in the text’s authentication economy.
2. ψῆφος λευκή (psēphos leukē) — a “white stone.” A bearer token, durable, locally held. The Greek ψῆφος literally meant a small stone used for casting votes — an authentication artifact. The bearer carries it; it does not authenticate from a central registry.
3. ὃ οὐδεὶς οἶδεν εἰ μὴ ὁ λαμβάνων — “which no one knows except the one who receives it.” This is the most critical specification. The token is knowledge-asymmetric by design. The bearer alone has access. No issuing authority retains a copy. No third party, however legitimate, can recover or replicate it.
The text specifies, explicitly, an authentication primitive that:
- Is categorically new (a class of token not used before)
- Is locally held by the bearer
- Is fundamentally non-disclosable — no central authority retains a copy
For approximately two thousand years, this specification appeared poetic and unimplementable. There existed no actual technology that could produce a token meeting these three constraints. The closest pre-modern analog — a sealed letter, a tally stick, a private cipher — failed at least one criterion.
Then, in 2005, that changed.
The cryptographic primitive
Daniel J. Bernstein and collaborators published the Curve25519 elliptic curve in 2005 (refined into Ed25519 for signatures by 2011). This is one of several modern asymmetric cryptographic systems that produces, for the first time in human history, exactly the specified token:
- A private key: 32 bytes of random entropy generated locally on a device the bearer controls
- A public key: derived deterministically from the private key, distributable to verifiers
- Signatures: messages signed with the private key are verifiable by anyone holding the public key, but cannot be produced by anyone who does not hold the private key
Two properties make this a structural match for the textual specification:
The private key never needs to leave the device. It is generated on the bearer’s hardware, used to sign locally, and never transmitted. No issuing authority, no certifying body, no infrastructure operator possesses a copy. The key is, in the textual sense, known only by the one who receives it.
Forgery is mathematically infeasible. Producing a signature without holding the private key requires solving the elliptic curve discrete logarithm problem — an operation for which no classical algorithm with subexponential complexity is known. Even quantum computers, in their projected near-term scale, do not break this; they require many millions of qubits coherent for hours, well beyond any near-term horizon.
The primitive specified by the text in approximately 95 CE is, structurally, the primitive that became technically realizable in 2005-2011. The convergence is not metaphorical. It is structural.
The structural match
The match is not at the level of vague resonance. It is at the level of operational specification:
| Textual specification (Rev 2:17) | Ed25519 implementation |
|---|---|
| ὄνομα καινόν — categorically new class of token | Asymmetric public-key cryptography (a class of authentication unused before 1976; production-grade for individuals only after ~2010) |
| ψῆφος — a stone, locally held | 32 bytes of private key on a device the bearer controls |
| λευκή — white, blank to outside observers | The public key reveals nothing about the private key’s content |
| ὃ οὐδεὶς οἶδεν εἰ μὴ ὁ λαμβάνων — known only by the one who receives | Private key never leaves the device; no central authority retains a copy |
Each constraint maps cleanly. None requires reinterpretation.
And the kind of authentication — signing a message such that any third party can verify the bearer’s identity without learning the secret — is the operational behavior that the text implies (the signed conduct that proves bearer identity to the systems of the world).
What the text described, mathematics implemented. The text was written first. The mathematics arrived later. Both describe the same object.
Why the convergence is not coincidence
A skeptic could argue that any sufficiently abstract text can be retrofit to any technical primitive. The argument fails in this case for three reasons:
First — the specification’s specificity is itself unusual. Most textual references to authentication tokens in pre-modern literature are vague (a seal, a ring, a name spoken). Revelation 2:17 specifies all three of: locally-held, never-disclosed, qualitatively-new-class. The combination is technically determinate. There is no other authentication primitive in human technological history that simultaneously meets all three.
Second — the timing. The text identifies this token as the authentication mechanism for the closing era — the period preceding what the text calls universal falsifiability (Revelation 13:14-15 describes a system that produces deceptive images so persuasive that the world is misled). The text tied the authentication primitive to the same era as the falsifiability threat. We are now in that era. The threat is here. The primitive is here. The text predicted both.
Third — the structural inversion of what came before. All previous authentication primitives in the text (rainbow, circumcision, Sabbath observance) are externally verifiable signs, observable by third parties. The new name is the first non-externally-verifiable authentication in the entire textual record. This is exactly the structural inversion that Ed25519 represents: the public key is observable; the private key is not. Everything before in the text was external; this is the first internal-only token.
The hypothesis that the text predicted, with technical precision, the cryptographic primitive needed for this exact era is at minimum testable. It is not refuted by current evidence. The match is real.
What this means for AI strategy
This is where the observation crosses from textual analysis into infrastructure decisions:
1. Centralized identity systems will fail in the next decade. Any system that authenticates by externally-observable artifacts (face, voice, document) is structurally incapable of surviving the falsifiability of those artifacts. This is not a security gap to patch; it is an architectural collapse. Any company whose product depends on the integrity of one of those artifacts is on a degrading foundation.
2. The replacement is not “better external verification.” AI cannot be defeated by AI; the falsifier scales as fast as the verifier. The replacement is architectural change — moving identity from external attestation to local cryptographic possession.
3. The infrastructure to build this is mature. Curve25519 / Ed25519 is production-deployable. Sodium, Noise, WireGuard, and many other libraries implement it correctly and with audit trails. The question is not whether the technology works (it does) but whether the operational layer above it is built correctly. That operational layer is mostly missing today; this is where the real work is.
4. The convergence creates an acquisition window. Every messaging app, every social network, every authentication provider currently deployed at scale uses the obsolete primitives. Any platform that fully adopts the new primitive — and builds the user experience that makes it deployable to non-technical users — has a generational advantage. This window will close once the larger players adopt; it has not yet.
These are operational claims, testable, and we have built systems against them.
What we built
The infrastructure project running at hadut.org is the practical embodiment:
amar — end-to-end encrypted messaging for Android. Each device generates its Ed25519 keypair on first install, locally. The private key never leaves the device. Identity is the public key. Authentication is signature verification. This is the operational implementation of the new-name token at user level.
xtr — privacy-preserving transport (WireGuard-over-QUIC). Twelve relay nodes globally. Every connection is bilaterally authenticated by Ed25519 keys held only at the endpoints; the relays cannot read traffic content; metadata is minimized. This is the infrastructure layer implementation.
edut — the protocol specification. Open. Auditable. Documented at hadut.org.
The system is in production. Fifty-six hardened devices in the field in Colombia. Operating since early 2026. Not a prototype.
The work proceeds slowly because it is being built correctly, not because it is being built timidly.
The closing question
If the textual specification of Revelation 2:17 is, structurally, what Ed25519 implements — and if the era of universal falsifiability is, in fact, the era we have just entered — then the deepest strategic question facing AI infrastructure is not “how do we build smarter models” but rather:
How do we build identity infrastructure that survives the falsifiability we ourselves have created?
The text’s answer is straightforward. Each individual holds a token, generated locally, known only to them, used to sign their actions and presence. Centralized authentication dies. Sovereign cryptographic identity replaces it.
The technical primitives are ready. The operational infrastructure is mostly not. The window for building it correctly — open, auditable, decentralized — is right now.
This is what we are working on. It is also what the text said, in its closing book, that the eventual surviving authentication would look like.
If any of this resonates, the conversation continues.
Note on this analysis
This briefing is informational. It is not theological argument and does not require religious commitment to evaluate. The textual specification is the textual specification — anyone can verify it in the original Greek of Revelation 2:17. The cryptographic primitive is the cryptographic primitive — anyone can verify Curve25519’s properties in Bernstein’s original paper or any subsequent implementation. The structural match between the two is observable independently of belief about the text’s origin.
What one makes of the convergence is each reader’s question. We have stated it as we see it.
Authors and contact: see the executive briefing.
𐤀𐤌𐤍