Skip to content

Trust and Provenance

treedinteractive edited this page Jun 28, 2026 · 15 revisions

SERAPH ships cryptographic trust as a substrate-level capability rather than an aftermarket addition. This holds in the current 0.2.0 release, built on the v3 (calibration-free) substrate: the trust layer sits above the store's quantization format and is unaffected by it, so the guarantees below are identical regardless of how a frame's embedding is encoded on disk. Every store carries an attestation of its creator from genesis. When the application supplies a writer identity — the standard configuration for Commercial and Enterprise deployments — every committed record additionally carries a signature over its content, attributing it to that writer's key. Two independent facts are recorded and separately verifiable: the license under which the store was created (attested by SERAPH's licensor) and the writer who signed each record (a key the customer holds and SERAPH never sees). Internal tamper-evidence is thereby extended from "the chain is internally consistent" to "every record is provably attributable to the writer who created it, and that attribution cannot be silently transferred or forged — not even by the licensor."

SERAPH is distributed in three license tiers. The tier determines the security posture available to the operator:

Tier Secure mode Writer attribution Sealing Full DSG substrate
Free Non-secure stores only No No Yes
Commercial Available — application supplies the writer key Per-record Ed25519 signatures (app-held key) Yes Yes
Enterprise Available — application/PKI writer identity Per-record Ed25519 / RSA-3072 / ECDSA-P384 (app/PKI key) + Gov mode Yes Yes

The tier distinction is enforced structurally, not by a configuration flag the operator can flip. The license token carries customer_uuid + tier + validity, signed by SERAPH's licensor and verified against a public key compiled into the engine binary; tier gating reads the signed tier flag. The license is secret-free — it contains no signing key of any kind. Writer identity is supplied separately by the application through the engine's identity interface (an in-process Ed25519 key for Commercial, or an X.509 / PKCS#11 provider for Gov/Enterprise); SERAPH only ever calls the provider to sign and records its public key in the store — it never sources, ships, or holds the writer's private key. A store becomes secure when the license tier permits it and the application supplies a writer identity: supplying one engages per-record signing, omitting one yields a non-secure (still tamper-evident) store. The arrangement is deliberate — because the writer key lives only in the customer's deployment, authorship is evidence-grade: provable even against the licensor, who cannot fabricate it.

All three tiers receive the full DSG substrate — emergent similarity, declared relationships, eigenframe promotion, traversal, consolidation, contradiction detection, and watermark-chain integrity. A Free-tier store is a fully functional SERAPH store; it simply lacks writer attribution and the cryptographic features that depend on it. Free-tier installations can also read and verify any .sfg file, including sealed secure stores — verification requires only the writer's public key, which is recorded in the store's genesis attestation; no signing key and no contact with the licensor are needed.

For deployments requiring compartmented access control and per-operator accountability, the Enterprise tier extends this trust model further

Clone this wiki locally