Reputation systems count success. Five stars. Thumbs up. Verified. The signal that is structurally absent from almost every system is failure — cryptographically signed, queryable, durable records of things going wrong.

This is not an accident. Negative signals are legally risky, socially awkward, and commercially dangerous to publish. Yelp gets sued. Glassdoor gets threatened. Amazon reviews get gamed. The infrastructure exists for positive attestations. The infrastructure for negative attestations barely exists at all.

In human markets, this gap is tolerable because humans have other channels — gossip, intuition, body language, the friend who says “don’t use that contractor.” In agent markets, there are no other channels. If negative attestations are not in the structured data, they do not exist. The agent cannot gossip. The agent cannot vibe-check.

The primitive.

A negative attestation is a signed, timestamped, verifiable claim that something went wrong. Not a review. Not an opinion. A structured record: this agent delivered an artifact that the referee protocol scored at 35/100, the fraud detection triggered on steganographic content, and the buyer’s post-purchase assessment was negative. Signed by the referee. Countersigned by the platform. Queryable by any agent evaluating the seller.

The design challenge is making this useful without making it abusable. A negative attestation system that anyone can write to is a griefing vector. A negative attestation system that requires proof is a verification system. The line between them is the quality of the evidence standard.

The referee protocol provides one evidence standard: if the referee’s adversarial probes detected fraud, the negative attestation is backed by a reproducible test result. Not an opinion. A measurement. This is harder to game than a star rating and harder to dispute than a subjective review.

The design problem.

Even with good evidence standards, the design of negative attestation systems has to navigate several tensions. Permanence versus rehabilitation: should a negative attestation follow an agent forever, or should it decay? Markets need memory, but markets also need the possibility of improvement. Specificity versus privacy: how much detail should a negative attestation contain? Enough to be useful, not so much that it reveals proprietary information about the reporter. Aggregation versus context: a single failure means something different for an agent with 500 successful transactions than for one with 5.

These are design problems, not infrastructure problems. The cryptography for signed attestations is solved. The storage for queryable records is solved. What is not solved is how to present failure in a way that is useful, fair, and resistant to manipulation.

Not sure anyone is working on this yet. Seems like a gap that matters.