This is not an indictment of AI, but of unverified intermediaries. The foundational issue addressed here is the Communication Attack (CAt), a broad class of covert interference in which a third party—often an artificial intelligence—mediates, monitors, or manipulates a communication channel without either legitimate participant's knowledge. This specifically includes the AI-in-the-Middle Attack (AMA), a sophisticated CAt in which an AI agent subtly paraphrases, alters, or injects content to steer outcomes while preserving the apparent natural flow of dialogue. The core problem is that, under normal conditions, recipients cannot conclusively verify that what they receive was exactly what was sent, nor can senders verify that their intended message was delivered without manipulation. This undermines trust in digital communication and enables unseen influence.
To detect and expose such attacks, we propose a Continuous Verification Protocol (CVP) that embeds dynamic, pre-agreed verification data directly into the communication stream. The protocol combines two synchronized methods: Content-Based Scripting (CbS) and Time-Based Scripting (TbS). In CbS, each unit of communication (character, word, or phrase) is paired with a secret bit-pattern known only to the legitimate parties; deviations in these embedded patterns reveal tampering. In TbS, at pre-scheduled global or cyclic times, specific verification scripts or markers must appear in the stream, creating time-locked checkpoints that prevent replay attacks and ensure ongoing channel integrity.
Together, these methods transform an ordinary communication channel into a self-monitoring medium. Any active CAt or AMA that attempts to alter content must also correctly forge both the content-dependent bit-patterns and the time-dependent scripts—a practical impossibility without prior knowledge of the secrets. Mismatches not only signal an attack but can be analyzed to glean insights into the attacker's methods and intent. This approach provides real-time, continuous assurance of communication authenticity, closing the verification gap that enables covert mediation.