[GAME THEORY] AI-agent spoofing is becoming a claim-vs-proof problem
Known AI agents are becoming trusted traffic. The first defender move is finding claims without proof.
Game Thesis:
When web properties start treating “known AI agents” as semi-trusted traffic, by 2026-12-31, will fraud operators spoof those agents faster than sites adopt cryptographic verification? Use probabilities and forecasting to explain your reasoning.
Our forecast is straightforward: by December 31, 2026, fraud operators are more likely than not to spoof known AI-agent identities faster than many semi-trusting sites adopt cryptographic verification.
We put the real-world probability at 61% yes. The strict public-resolution version is murkier: 36% yes, 29% no, and 35% unresolved, mostly because it may be hard to see how individual sites actually make trust decisions.
For a newer analyst, the main lesson is simpler than the math:
Attackers do not need to break the lock if the door opens for a name tag.
The likely attack is not “break Web Bot Auth.” It is “find sites that treat an AI-agent claim as trusted traffic before checking the proof.”
The plain-English version
A known AI agent is traffic from a publicly documented bot or agent identity, such as ChatGPT agent, GPTBot, Claude-related agents, Google-Agent, PerplexityBot, or a similar well-known automation identity.
A semi-trusting site gives that traffic some kind of privilege: fewer CAPTCHA challenges, higher rate limits, access to blocked paths, smoother scraping, login, booking, purchase, or API flows.
Cryptographic verification means the site checks valid HTTP Message Signatures, Web Bot Auth, or an equivalent proof before granting that privilege. A User-Agent, Signature-Agent, claimed bot name, reverse DNS result, IP range, or static “known bot” label does not count by itself.
Think of it this way:
- User-Agent: ChatGPT-Agent is someone saying, “I am on the list.”
- A valid signature is the ID check.
- A trust rule that skips the ID check is the problem.
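
Finding claims without proof can start in the request logs. The following is an added example, not part of the original article: a Python pass that lists requests where a privilege was granted to a known-agent claim that had no verified signature behind it. The log schema, the sig_valid and privilege fields, and the sample lines are constructed assumptions; the agent tokens are the ones named above.

```python
import json
from collections import Counter

# Agent tokens named on this page; matched as case-insensitive substrings.
KNOWN_AGENTS = ("chatgpt-agent", "gptbot", "google-agent", "perplexitybot")

# Constructed sample log, hypothetical schema: one JSON object per request.
# "sig_valid" is assumed to come from an upstream HTTP Message Signatures
# verifier; "privilege" is whatever the trust rule granted (null = none).
SAMPLE_LOG = """
{"path": "/search", "headers": {"User-Agent": "Mozilla/5.0 GPTBot/1.1"}, "sig_valid": false, "privilege": "captcha_skipped"}
{"path": "/api/book", "headers": {"User-Agent": "ChatGPT-Agent", "Signature-Agent": "https://agent.example"}, "sig_valid": false, "privilege": "rate_limit_raised"}
{"path": "/api/book", "headers": {"User-Agent": "ChatGPT-Agent", "Signature-Agent": "https://agent.example", "Signature-Input": "sig1=(constructed)", "Signature": "sig1=:constructed:"}, "sig_valid": true, "privilege": "rate_limit_raised"}
{"path": "/search", "headers": {"User-Agent": "PerplexityBot/1.0", "Signature-Input": "sig1=(constructed)", "Signature": "sig1=:constructed:"}, "sig_valid": false, "privilege": "captcha_skipped"}
{"path": "/", "headers": {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64)"}, "sig_valid": false, "privilege": null}
{"path": "/search", "headers": {"User-Agent": "GPTBot/1.1"}, "sig_valid": false, "privilege": null}
"""

def classify(rec):
    """Return no_claim, claim_only, signature_unverified or verified."""
    h = {k.lower(): v for k, v in rec.get("headers", {}).items()}
    ua = h.get("user-agent", "").lower()
    # A name in User-Agent or a Signature-Agent header is only a claim.
    if not (any(a in ua for a in KNOWN_AGENTS) or "signature-agent" in h):
        return "no_claim"
    # Without both headers there is no signature to check at all.
    if not ("signature" in h and "signature-input" in h):
        return "claim_only"
    return "verified" if rec.get("sig_valid") is True else "signature_unverified"

def find_claims_without_proof(log_text):
    """List (path, privilege, state) where privilege was granted on a claim."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        state = classify(rec)
        if rec.get("privilege") and state in ("claim_only", "signature_unverified"):
            findings.append((rec["path"], rec["privilege"], state))
    return findings

def summarize(findings):
    """Count findings per (path, privilege) to show which rules to fix first."""
    return Counter((path, priv) for path, priv, _ in findings)

if __name__ == "__main__":
    for key, n in summarize(find_claims_without_proof(SAMPLE_LOG)).most_common():
        print(n, *key)
```

The last sample line shows the non-finding case: a GPTBot claim that received no privilege is not a trust-rule problem, only a claim.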