---
title: "Standards & Specifications"
description: "Open protocols and formats for verifiable digital provenance and data attribution. The XION standard, certificate hierarchy, wire protocol, and cryptographic primitives."
url: https://instituteofprovenance.org/standards
source: Institute of Provenance
---
# Standards & Specifications

Open protocols and formats for verifiable digital provenance and data attribution. Published by the Institute and implementable by anyone.

Core Standard

## XION: XI Object Notation

XION is the patent-pending content format that embeds a cryptographic trust block directly in a digital artifact. Not a sidecar file. Not an external database lookup. The proof travels with the content.

The trust block contains everything needed to verify the artifact: the **BLAKE3 content hash**, the **Ed25519 signature**, the signer's **public key identifier**, and the **full X.509 certificate chain** back to the Institute of Provenance Root CA.

Content is canonicalized before hashing so the same content always produces the same hash regardless of platform or encoding order. A XION artifact can be verified on an air-gapped machine with no network access.

Embedded Trust Block

```json
{
  "v": 1,
  "sig_alg": "ed25519",
  "hash_blake3_hex": "cd9f70ec...",
  "sig_b64": "B42QjM2R...",
  "key_id": "UA4xFIgM...",
  "x509_chain_pem": ["-----BEGIN..."],
  "created_at": "2026-02-12T18:20:27Z"
}
```

Content hash + signature + full certificate chain. Self-verifiable offline. No API calls required.
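A structural check a verifier can run on the trust block before any cryptography, added here as an example and not taken from the XION specification or the Institute's code. It assumes a 32-byte BLAKE3 digest in lowercase hex and standard padded base64; `parse_trust_block`, `TrustBlockError` and the sample values are constructed for illustration.

```python
import base64, json, re
from datetime import datetime, timezone

ALLOWED_SIG_ALGS = {"ed25519"}  # pinned by the verifier, never chosen by the artifact
PEM_BEGIN, PEM_END = "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"

class TrustBlockError(ValueError):
    """Raised when a trust block is structurally unacceptable."""

def _field(tb: dict, key: str, typ: type):
    # type() rather than isinstance() so JSON true is not accepted as the integer 1
    if type(tb.get(key)) is not typ:
        raise TrustBlockError(f"{key}: missing or wrong type")
    return tb[key]

def parse_trust_block(raw: str) -> dict:
    """Validate field types, sizes and encodings; return the decoded fields."""
    try:
        tb = json.loads(raw)
        if type(tb) is not dict:
            raise TrustBlockError("top level must be an object")
        if _field(tb, "v", int) != 1:
            raise TrustBlockError("v: unsupported version")
        if _field(tb, "sig_alg", str) not in ALLOWED_SIG_ALGS:
            raise TrustBlockError("sig_alg: not on the allow-list")
        hash_hex = _field(tb, "hash_blake3_hex", str)
        if not re.fullmatch(r"[0-9a-f]{64}", hash_hex):  # assumed: 32 bytes, lowercase hex
            raise TrustBlockError("hash_blake3_hex: expected 64 hex characters")
        sig = base64.b64decode(_field(tb, "sig_b64", str), validate=True)
        if len(sig) != 64:  # Ed25519 signatures are always 64 bytes
            raise TrustBlockError("sig_b64: expected 64 bytes")
        chain = _field(tb, "x509_chain_pem", list)
        if not chain or not all(type(c) is str and c.strip().startswith(PEM_BEGIN)
                                and c.strip().endswith(PEM_END) for c in chain):
            raise TrustBlockError("x509_chain_pem: expected PEM certificates")
        created = datetime.strptime(_field(tb, "created_at", str), "%Y-%m-%dT%H:%M:%SZ")
    except TrustBlockError:
        raise
    except ValueError as exc:  # malformed JSON, base64 or timestamp
        raise TrustBlockError(str(exc)) from exc
    return {"digest": bytes.fromhex(hash_hex), "signature": sig, "chain": chain,
            "key_id": _field(tb, "key_id", str),
            "created_at": created.replace(tzinfo=timezone.utc)}

# Constructed sample: placeholder digest, all-zero signature, dummy PEM body
SAMPLE = json.dumps({"v": 1, "sig_alg": "ed25519", "hash_blake3_hex": "ab" * 32,
                     "sig_b64": base64.b64encode(bytes(64)).decode(),
                     "key_id": "constructed-key-id",
                     "x509_chain_pem": [f"{PEM_BEGIN}\nAAAA\n{PEM_END}\n"],
                     "created_at": "2026-02-12T18:20:27Z"})
```

Passing this check says nothing about authenticity; it only guarantees that the four verification stages operate on well-formed inputs and on an algorithm the verifier chose.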

Trust Infrastructure

## Certificate Hierarchy

The Institute operates a hierarchical certificate system purpose-built for content attribution. At the top is the **Institute of Provenance Root CA**, a self-signed Ed25519 certificate (2025–2035) managed with strict key ceremony procedures and never connected to a network.

Certified Orbital operators receive **intermediate certificates** signed by the Root CA, allowing them to issue short-lived leaf certificates to content creators and services within their organizations.

**Leaf certificates** are valid for hours to a single day. Even in a worst-case key compromise, the blast radius is measured in hours, not decades.

Root CA

### Institute of Provenance Root CA

Self-signed Ed25519 · Offline · 2025–2035

Intermediate

### Certified Orbital Intermediate

Signed by Root CA · Multi-year · Certificate issuance authority

Leaf

### Content Signing Certificate

Signed by Intermediate · Hours to one day · Ed25519 · On-demand issuance

## Verification Process

When verifying signed content, the full certificate chain embedded in the trust block is checked through four stages.

### 1. Signature Validity

Is the Ed25519 signature mathematically valid against the BLAKE3 content hash?

### 2. Chain Integrity

Does the certificate chain trace from leaf to intermediate to the Institute of Provenance Root CA?

### 3. Revocation Status

Has any certificate in the chain been revoked? Verified via Sparse Merkle Tree inclusion/exclusion proofs — no need to trust the server.

### 4. Temporal Validity

Was the leaf certificate valid at the time the content was signed?
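The revocation stage can be checked by the client alone, as this added example shows (it is not the Institute's code): it recomputes a Sparse Merkle Tree root from a claimed leaf and its sibling hashes, so a resolver cannot report a revoked certificate as clean. The tree depth, leaf encoding, the BLAKE2b stand-in hash (the page names BLAKE3, which is not in the Python standard library) and the certificate identifiers are assumptions, and the root is assumed to come from a record the verifier already trusts.

```python
import hashlib, hmac

DEPTH = 256  # assumed: one tree level per bit of the hashed certificate identifier

def H(tag: bytes, *parts: bytes) -> bytes:
    # Stand-in hash (BLAKE2b-256), domain-separated by a one-byte tag
    return hashlib.blake2b(tag + b"".join(parts), digest_size=32).digest()

REVOKED = H(b"\x00", b"revoked")  # leaf value marking a revoked certificate
EMPTY = [H(b"\x00", b"empty")]    # EMPTY[h] is the root of an empty subtree of height h
for _ in range(DEPTH):
    EMPTY.append(H(b"\x01", EMPTY[-1], EMPTY[-1]))

def path_bits(cert_id: bytes) -> list:
    n = int.from_bytes(H(b"\x02", cert_id), "big")
    return [(n >> (DEPTH - 1 - i)) & 1 for i in range(DEPTH)]  # root-to-leaf order

def subtree(paths: list, level: int) -> bytes:
    """Root of the subtree holding `paths`, which all share their first `level` bits."""
    if not paths:
        return EMPTY[DEPTH - level]
    if level == DEPTH:
        return REVOKED
    zero = [p for p in paths if p[level] == 0]
    one = [p for p in paths if p[level] == 1]
    return H(b"\x01", subtree(zero, level + 1), subtree(one, level + 1))

def prove(revoked_paths: list, target: list) -> list:
    """Resolver side: sibling hashes along `target`, in root-to-leaf order."""
    siblings, paths = [], revoked_paths
    for level in range(DEPTH):
        siblings.append(subtree([p for p in paths if p[level] != target[level]], level + 1))
        paths = [p for p in paths if p[level] == target[level]]
    return siblings

def verify(root: bytes, cert_id: bytes, revoked: bool, siblings: list) -> bool:
    """Client side: fold the claimed leaf up through the siblings and compare roots."""
    if len(siblings) != DEPTH:
        return False
    node = REVOKED if revoked else EMPTY[0]
    for bit, sib in zip(reversed(path_bits(cert_id)), reversed(siblings)):
        node = H(b"\x01", sib, node) if bit else H(b"\x01", node, sib)
    return hmac.compare_digest(node, root)

def demo():
    # Constructed identifiers: two revoked certificates, one clean certificate
    revoked = [path_bits(b"constructed-serial-01"), path_bits(b"constructed-serial-02")]
    root = subtree(revoked, 0)
    return root, prove(revoked, path_bits(b"constructed-serial-03")), prove(revoked, revoked[0])
```

The same sibling list cannot satisfy both claims for one certificate: swapping the leaf between `REVOKED` and `EMPTY[0]` changes the recomputed root, which is what removes the need to trust the resolver's answer.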

Applied Research

## Dual-Pipeline Fingerprinting

Content trust requires two distinct questions to be answered: _has this content been modified?_ and _is this the same content?_ The Institute's fingerprinting research addresses each with a dedicated pipeline.

The **forensic pipeline** uses Luminance Waveform Analysis (LWA) — treating pixel rows and columns as 1D brightness signals and applying spectral analysis to detect manipulation artifacts. Splice, clone, inpainting, and smoothing anomalies are identified and localized.

The **discriminative pipeline** extracts content identity features — perceptual hashing, color analysis, spatial layout, and block-level analysis — into a compact search vector. Transform-aware comparison detects flips, rotations, and grayscale conversion.

### Forensic Pipeline — "Has this been modified?"

Luminance Waveform Analysis (LWA) with spectral coherence scoring

Splice Detection · Clone Detection · Inpainting · Smoothing · Localized Anomaly Regions

### Discriminative Pipeline — "Is this the same content?"

Multi-signal identity vector with cosine similarity matching

Perceptual Hash · Color Analysis · Spatial Layout · Block-Level · Transform Detection

### Video Fingerprinting

Dual-track visual (2D FFT) and audio (STFT/MFCC) waveform analysis with hierarchical aggregation. A/V sync analysis, temporal coherence scoring, and speed manipulation detection.

Network Protocol

## XIO Resolution Protocol

The XIO Resolution Protocol defines a distributed verification infrastructure for provenance lookup and data attribution at scale. Orbital nodes function as resolvers, handling binary wire protocol queries and returning signed records with cryptographic proofs.

Clients communicate using a **DNS-like binary wire protocol**. Queries are serialized into binary messages and sent as HTTP POST requests to the `/query` endpoint. The protocol message format includes header, question, answer, authority, and additional sections — the same structure as DNS.

**Certified Orbitals** hold intermediate certificates from the Root CA and can issue leaf certificates, revoke certificates, create records, and advance epochs. **Mirror-Only Orbitals** provide read-only verification and high-performance global access.

### Wire Protocol Record Types

| Record type | Number | Description |
| --- | --- | --- |
| XIO | 65001 | Core signed data record — carries content attestation, provenance metadata, and ownership for a registered artifact |
| XSIGN | 65003 | Trust block and signing metadata for a content artifact |
| XFPR | 65004 | Content fingerprint record for similarity search across the network |
| Proof | 65002 | Sparse Merkle Tree inclusion/exclusion proofs for verifiable state |
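A strict encoder and parser for the header and question of such a query, added here as an example and not taken from the XIO specification. It assumes the RFC 1035 header and question layout byte for byte, a class value of 1 and a constructed query name; only the four record type numbers come from the page.

```python
import struct

RECORD_TYPES = {"XIO": 65001, "Proof": 65002, "XSIGN": 65003, "XFPR": 65004}  # from the page
TYPE_NAMES = {code: name for name, code in RECORD_TYPES.items()}
QCLASS = 1  # assumed; the page does not give a class value

def build_query(msg_id: int, name: str, rtype: str) -> bytes:
    """Header plus one question, using the RFC 1035 layout (an assumption here)."""
    labels = [part.encode("ascii") for part in name.split(".")]
    if any(not 1 <= len(label) <= 63 for label in labels):
        raise ValueError("each label must be 1-63 bytes")
    qname = b"".join(bytes([len(label)]) + label for label in labels) + b"\x00"
    header = struct.pack("!HHHHHH", msg_id, 0, 1, 0, 0, 0)  # flags=0 (query), QDCOUNT=1
    return header + qname + struct.pack("!HH", RECORD_TYPES[rtype], QCLASS)

def parse_query(msg: bytes) -> tuple:
    """Strictly parse a single-question query into (id, name, record type name)."""
    if len(msg) < 12:
        raise ValueError("truncated header")
    msg_id, flags, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg)
    if flags & 0x8000 or (qd, an, ns, ar) != (1, 0, 0, 0):
        raise ValueError("not a single-question query")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past the end of the message")
        length = msg[pos]
        pos += 1
        if length == 0:
            break
        # > 63 also covers 0xC0 compression pointers, which a lone question never needs
        if length > 63 or pos + length > len(msg):
            raise ValueError("bad label length")
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    if len(msg) != pos + 4:  # exactly QTYPE + QCLASS must remain, no trailing bytes
        raise ValueError("unexpected question length")
    qtype, qclass = struct.unpack_from("!HH", msg, pos)
    if qtype not in TYPE_NAMES or qclass != QCLASS:
        raise ValueError("unknown record type or class")
    return msg_id, ".".join(labels), TYPE_NAMES[qtype]

QUERY = build_query(0x1234, "artifact.example", "XSIGN")  # constructed query name
```

A resolver that accepts these messages over HTTP POST should apply the same bounds checks to every section count and length field before allocating or looping on them.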

### Cryptographic Primitives

| Primitive | Use |
| --- | --- |
| Ed25519 | Signatures |
| BLAKE3 | Content hashing |
| X.509 | Certificate wrapping |
| Sparse Merkle Trees | Verifiable state |

## Design Principles

### Verification must not require trust

Any party can verify a XION artifact using only the artifact itself and the known Root CA public key. No API calls, no platform accounts, no network connectivity required.

### Provenance must survive transformation

Data is compressed, cropped, re-encoded, and redistributed. Perceptual fingerprinting provides identity matching and manipulation detection that survives the real-world data lifecycle.

### Short-lived credentials, offline root

The Root CA is never exposed to online systems. Leaf certificates are valid for hours, not years. Even a worst-case key compromise is measured in hours, not decades.

### Standards must be implementable

Specifications are designed with interoperability requirements so the standard is not defined by a single implementation. Reference implementations and test vectors are published as they mature.
