MurphySig

Sign your work.

11% 0%
AI fabrication of code authorship — without rule vs with
0.65 0.77
Briefing coverage on signed code — +0.12 universal gain

The Gallery Problem

We build in the dark. We ship. We move on.

Six months later, you open your own code and think: what was I thinking? The decision is lost. The context is gone. The uncertainty you felt — the thing that would tell future-you where the dragons live — vanished the moment you closed the editor.

The velocity of modern work eliminates reflection. An endless stream of creation with no structure to return to it. No gallery. Just graveyards of code.

MurphySig says: this was a thing, at a time, made by us. You can come back.

What it looks like

One comment block. Who made it. What they were thinking. How confident they were.

# auth.py
# Signed: Sarah + claude-opus-4-5-20250514, 2025-09-15
# Format: MurphySig v0.4 (https://murphysig.dev/spec)
#
# Context: Token refresh with 5-min buffer for clock skew.
# Followed OWASP guidelines. Chose JWT over sessions for
# stateless scaling.
#
# Confidence: 0.75 - logic solid, clock drift edge cases
# need production validation
#
# Reviews:
# 2026-01-20 (Sarah): Six months in prod, one clock skew
# edge case hit. Added 10-min buffer. Confidence now 0.9.
#
# Reflections:
# 2026-03-15: This is the most boring code I've ever written.
# Zero incidents. Sometimes boring is the best work.

No tools. No dependencies. Just a comment that tells the truth.

And it gets better

When you sign your work, a future AI reading that file behaves measurably differently — and we ran the benchmark to be sure.

A .murphysig rule at your repo root drops AI fabrication of code authorship from 11% to 0% on Claude and from 100% to 0% on GPT-5.4. Different families fail differently; the same rule fixes both. Signed code also gets +0.12 better coverage when an AI briefs it for an unfamiliar reader — universal across every test case.

This is temporal context as in-context learning. The signature isn't metadata. It's a prompt. It teaches the future how to read the past.

Try it now

Open any file. Add this at the top:

// Signed: [You] + [your AI], [today]

You just used MurphySig. Everything else — confidence, context, reflections — is optional. Start with the one-liner. Make it a reflex, not a chore.

Or set up a whole project

Drop a .murphysig file at your repo root and your AI collaborators will respect the convention automatically — read signatures before changing, reference context, never fabricate provenance. One line gets you there:

$ curl -sL murphysig.dev/init | bash

Writes a .murphysig seeded with your git author + today's date, and imports it into CLAUDE.md if one exists. Idempotent, readable source at /init.sh before you run anything.

Not a curl | bash person? Grab the template and paste it yourself. Same result, zero dependencies either way.

We build in the dark. MurphySig leaves the lights on.

Read the Specification → Does it actually work? → Why this exists →