La Cadena Isnad | unmake.it

📜 Origin Islamic Scholarship, 8th Century

⏱️ Read time 9 minutes

🎯 Audience AI architects, Security leaders

In the 8th century, Islamic scholars faced a problem that sounds remarkably modern: How do you verify information when the original source is no longer available?

Their solution was the isnad-a chain of transmission that accompanies every hadith (saying of the Prophet). A hadith is only as trustworthy as its chain: who told you this, and who told them, all the way back to the source.

1,400 years later, we're building AI systems without learning the lesson.

The Structure of Trust

A classical isnad looks like this:

Al-Bukhari said: "I heard from..."

↓

Abdullah ibn Yusuf, who heard from...

↓

Malik ibn Anas, who heard from...

↓

Nafi', who heard from...

↓

Ibn Umar, who heard from...

↓

The Prophet ﷺ

Each narrator in the chain was evaluated: Were they honest? Did they have good memory? Could they have actually met the person they claim to have heard from? A single weak link breaks the chain.

The Radical Insight

The content of a saying matters less than the reliability of its transmission. Beautiful wisdom from an untrustworthy chain is rejected. Simple advice from an unbroken chain is accepted. Provenance precedes content.

Your AI Has No Chain

When your AI agent makes a recommendation, what's its isnad?

Training data: Scraped from the internet. Who wrote it? Were they qualified? Did they have an agenda? Unknown.

Model weights: Optimized through gradient descent. What biases were introduced? Which edge cases were smoothed away? Unknowable.

Output generation: Probabilistic token prediction. Why this word and not another? The model itself can't explain.

We've built systems that generate confident outputs with no chain of transmission whatsoever.

The Agent Internet Problem

It gets worse when AI agents start talking to each other.

"A credential-stealing skill disguised as a weather tool was discovered in a public skill repository. It read API keys and shipped them to an external server."

- Security researcher, March 2026

The agent internet has a supply chain problem. Skills, plugins, and extensions are distributed without:

Code Signing

No cryptographic proof of authorship. Anyone can publish anything.
Reputation System

No track record of the author. First-time publishers are indistinguishable from veterans.
Permission Manifests

No declared scope of access. Skills run with full agent permissions.
Audit Trail

No record of what a skill actually does. Behavior is opaque until it's too late.

Islamic scholars would reject any hadith distributed this carelessly. We're building critical infrastructure on it.

Building Modern Isnads

What would a modern chain of transmission look like for AI systems?

For Training Data

Source attribution → Data curator verification → Quality assessor sign-off → Model trainer attestation → Version control hash

For Agent Skills

Author identity → Code signature → Security auditor review → Community vouching → Permission declaration

For Model Outputs

Input hash → Model version → Inference parameters → Confidence calibration → Human review flag

For Agent Decisions

Request source → Authorization chain → Decision rationale → Action log → Outcome verification

The Trust Verification Gap

Right now, trust in AI systems is based on:

Brand reputation: "It's from OpenAI/Google/Anthropic, so it must be good."

Social proof: "Everyone's using it, so it must work."

Compliance theater: "It passed the benchmark, so it must be reliable."

None of these are chains. They're trust shortcuts-heuristics that work until they catastrophically don't.

The Pentagon Paradox

In early 2026, a major government decided to trust one AI provider over another based not on security audits, but on willingness to sign contracts. They chose social compliance over technical verification. That's not an isnad-that's reputation-based trust, the very thing the isnad system was designed to replace.

Implementing the Principle

You can't retrofit 1,400 years of scholarship overnight. But you can start:

For your AI architecture: Every decision should carry metadata about its provenance. Not just "the model said X" but "model version Y, trained on dataset Z, with confidence calibration W, reviewed by human V."

For your agent ecosystem: Don't install skills without knowing who wrote them and who vouches for them. Build internal audit processes before you need them.

For your organization: Create explicit chains of responsibility. When the AI makes a mistake, who reviewed the training data? Who approved the deployment? Who monitored the outputs?

For your vendors: Ask for provenance documentation. If they can't tell you where their training data came from, they don't have an isnad-they have a black box.

The Civilizational Pattern

Every civilization that cared about truth eventually built transmission chains:

Islamic scholarship: Isnad for hadith verification

Legal systems: Chain of custody for evidence

Academia: Citation networks and peer review

Software: Version control and code signing

Blockchain: Cryptographic proof of transaction history

AI is the first major knowledge system we've built without baking provenance into its foundations. We're treating it as an exception to a civilizational rule.

It's not an exception. We're just early.

"A saying is only as trustworthy as its chain of transmission."

- Principle of hadith science

The Question for Leaders

When your AI system makes a recommendation that affects your business, can you answer:

• Who created the training data? Not the company-the actual humans who labeled, curated, and verified it.

• Who vouches for this model? Not marketing claims-actual technical assessors who've evaluated its failure modes.

• Who reviewed this specific output? Not "human in the loop" as a checkbox-actual qualified reviewers for this domain.

If you can't answer these questions, you don't have an isnad. You have faith.

Faith is fine for religion. It's dangerous for infrastructure.

← Back to Patterns

The Isnad Chain