Web technology (short name 'sxg') that lets a cacheable HTTP exchange (request + response + headers) be cryptographically signed by the origin, so a third party — in practice Google's SXG cache — can serve the package to browsers while the URL bar still shows the original origin and the user trusts it hasn't been modified. Introduced in 2018 as a successor approach to AMP: unlocks full HTML, provides privacy (Google doesn't leak user IPs/referers to origin), is not mobile-only, and removes AMP's ugly google.com URLs. Currently a draft standard (nearly final). Supported by all Chromium-based browsers, Cloudflare (as a one-click subscription feature that generates packages as a reverse proxy), an nginx module, and Fastly (with manual work). Flow: Googlebot fetches with Accept: signed-exchange, receives a signed package, stores it in the opaque Google SXG cache (web-pkg-c.com), prefetches to the user from SERPs, browser validates signature and uses original URL. Subject to strict requirements: cacheable responses (public Cache-Control with max-age 120 s – 7 days), no server-side personalization, no server-side cookies, no HSTS, sub-resources on the same domain with hashes listed in the Link header, capped at ~20 sub-resources, and all-or-nothing prefetching.