Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

PiQrypt/aiss-spec

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

3 Commits
examples
examples
Β 
Β 
schemas
schemas
Β 
Β 
.gitattributes
.gitattributes
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
SPEC.md
SPEC.md
Β 
Β 

Repository files navigation

AISS β€” Agent Identity & Signature Standard

AISS defines the structural identity model for autonomous agents.

The Proof of Continuity Protocol (PCP) is the embedded enforcement mechanism that guarantees identity persistence through deterministic continuity validation.

Open standard for cryptographic audit trails of autonomous AI agents.

License Version Status

🎯 What is AISS?

AISS defines a cryptographic protocol for creating tamper-proof audit trails of AI agent decisions.

Problem: Agents make critical decisions (trading, medical, autonomous driving) but:

  • Logs can be modified
  • No proof of authorship
  • Vulnerable to quantum attacks

Solution: AISS provides:

  • βœ… Cryptographic signatures (Ed25519, Dilithium3)
  • βœ… Hash-linked event chains (tamper-proof)
  • βœ… Fork detection & resolution
  • βœ… Post-quantum security (NIST FIPS 204)

PCP (Proof of Continuity Protocol) implements the continuity enforcement rules defined by AISS. It ensures canonical history selection, fork determinism, and replay protection across distributed agents.

πŸ“š Specification

Main document: SPEC.md

Contents:

  1. Agent Identity (Ed25519, Dilithium3)
  2. Event Structure (AISS-1.0, AISS-2.0)
  3. Canonical JSON (RFC 8785)
  4. Hash Chains (SHA-256)
  5. Signature Generation & Verification
  6. Fork Detection & Resolution
  7. Nonce Management (anti-replay)
  8. Timestamp Requirements (RFC 3161)
  9. Security Considerations
  10. Implementation Guidance

πŸ”§ Implementation

Reference Implementation

PiQrypt (Python): https://github.com/piqrypt/piqrypt

pip install piqrypt

Minimal Example

import aiss

# Generate identity
private_key, public_key = aiss.generate_keypair()
agent_id = aiss.derive_agent_id(public_key)

# Sign event
event = aiss.stamp_event(
    private_key,
    agent_id,
    payload={"action": "decision", "confidence": 0.95}
)

# Verify
is_valid = aiss.verify_event(public_key, event)

πŸ“‹ Compliance

AISS helps meet requirements for:

  • SOC2 Type 2 (audit controls)
  • ISO 27001 (event logging)
  • HIPAA (audit trail, encryption)
  • GDPR (transparency, integrity)
  • SEC/FINRA (trading audit)
  • NIST PQC (post-quantum readiness)

πŸ“‚ Repository Structure

aiss-spec/
β”œβ”€β”€ SPEC.md                  # Main specification
β”œβ”€β”€ schemas/
β”‚   β”œβ”€β”€ aiss-1.0.json        # JSON schema (classical)
β”‚   β”œβ”€β”€ aiss-2.0.json        # JSON schema (post-quantum)
β”‚   β”œβ”€β”€ aiss1_event.schema.json
β”‚   └── aiss1_identity.schema.json
β”œβ”€β”€ examples/
β”‚   β”œβ”€β”€ event-simple.json
β”‚   β”œβ”€β”€ event-chain.json
β”‚   └── event-hybrid-pq.json
β”œβ”€β”€ vectors/
β”‚   β”œβ”€β”€ ed25519-test.json
β”‚   └── dilithium-test.json
β”œβ”€β”€ README.md
└── LICENSE

πŸš€ Quick Start

1. Read the Spec

Start with SPEC.md β€” covers all protocol details.

2. Explore Examples

See examples/ for:

  • Simple events
  • Event chains
  • Hybrid post-quantum signatures

3. Implement

Use test vectors in vectors/ to validate your implementation.

4. Contribute

Open an issue or PR if you:

  • Find a bug in the spec
  • Want to propose an improvement
  • Have implementation feedback

πŸ”’ Security

Cryptographic Algorithms

Version Classical Post-Quantum Security
AISS-1.0 Ed25519 (RFC 8032) - 128-bit
AISS-2.0 Ed25519 ML-DSA-65 (NIST FIPS 204) 256-bit PQ

Quantum Timeline

  • 2026-2030: AISS-1.0 safe (Ed25519)
  • 2030+: Migrate to AISS-2.0 (Dilithium3)
  • 2035+: Ed25519 considered obsolete

Recommendation: Start with AISS-1.0, plan AISS-2.0 migration.

🀝 Implementations

Official:

Community:

  • Add yours! Submit a PR to list your implementation.

Requirements:

  • Conformant to SPEC.md
  • Pass test vectors
  • Open-source (any license)

πŸ“– Use Cases

Trading Bots

# Every trade decision = signed event
event = aiss.stamp_event(priv_key, agent_id, {
    "event_type": "trade_executed",
    "symbol": "AAPL",
    "action": "buy",
    "quantity": 100
})
# β†’ SEC/FINRA audit trail

Healthcare AI

# Medical diagnosis = signed event
event = aiss.stamp_event(priv_key, agent_id, {
    "event_type": "diagnosis",
    "condition": "pneumonia",
    "confidence": 0.94,
    "patient_id_hash": "sha256:..."  # HIPAA compliant
})
# β†’ HIPAA audit trail

Autonomous Vehicles

# Driving decision = signed event
event = aiss.stamp_event(priv_key, agent_id, {
    "event_type": "driving_decision",
    "action": "brake",
    "speed_kmh": 60,
    "obstacle_detected": true
})
# β†’ Black box for accidents

πŸ“ Versioning

  • v1.0 (2026-02): Initial release (Ed25519, hash chains)
  • v1.1 (2026-02): Fork resolution, nonce management
  • v2.0 (2026-02): Post-quantum hybrid signatures

Backward compatibility: AISS-2.0 implementations MUST support AISS-1.0 events.

🌐 Community

πŸ“„ License

MIT License β€” see LICENSE

e-Soleau: DSO2026006483 (INPI, 19/02/2026)

πŸ† Citation

If you use AISS in research or production, please cite:

@techreport{aiss2026,
  title = {AISS: Agent Identity \& Signature Standard},
  author = {PiQrypt Inc.},
  year = {2026},
  version = {1.1},
  url = {https://github.com/piqrypt/aiss-spec},
  note = {e-Soleau: DSO2026006483}
}

Making AI Agents Accountable ✨

About

first commit

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors