**Why use a blockchain if prompts are just locally signed?*…

**Why use a blockchain if prompts are just locally signed?**
- Canonical root of trust: The owner key, authorized signers, scopes, and revocation live on-chain, so anyone (your agent, third‑party tools, other agents) can independently verify authority without trusting your server or a shared database.
- Revocation and delegation: Session keys can be granted/revoked on-chain. If a session key leaks, you can revoke it globally; everyone sees the new truth immediately.
- Interop and least-privilege: External tools can require on-chain capability proofs before they act. This constrains what a signed prompt is allowed to do, even if the agent is tricked by content.
- Auditability: You can anchor hashes/receipts on-chain for tamper‑evident logs.
- Without the chain, you’re back to “who says this key is the owner?” answered by a centralized registry. The chain provides a neutral, verifiable answer.