framework.md - HackMD

# Provactive Framework v0.1 License: [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) ## Purpose: Define a minimal, extensible structure for capturing the provenance of any creation — digital or physical — with human accountability, traceable evolution, and verifiable integrity. Inspired by: [git](https://git-scm.com/), [SLSA](https://slsa.dev), [PROV-DM](https://www.w3.org/TR/prov-dm/), [DevSPM](https://devspm.com/) and simplified for real-world creative use — from framework.md digital file to physical sculpture. --- ## 1. Design Overview ### Core Structure The framework defines a provenance record (`.prov.json`) around **three canonical primitives**: | Primitive | Description | | ----------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Actor** | A single human accountable for the entity — plus optionally referenced agents or human co-creators | | **Entity** | The final artifact or output (e.g. file, media, physical object), or a referenced context/tool — described with `type`, `representation_format`, `snapshot`, and optional provenance link | | **Actions** | Traceable events that shaped the entity — via `co_created_with`, `created_through`, `inspired_by`, or `iteration_of` | This structure is: - Machine-parseable — structured JSON for automated tooling - Human-readable — minimal, semantically clear schema - Versionable — stored alongside artifacts for diff-based evolution - Cryptographically signable — via GitHub, SSH, gov-ID, or detached bundles `.prov.json` acts as the immutable envelope of intent, collaboration, and influence — cryptographically anchored to the artifact but not dependent on the medium. Whether the artifact is a digital canvas or a hand-bound book, provenance lives here. This model ensures that: - Collaboration (human or agent) is always explicit (`co_created_with`) - Influence is attributed to specific works, not abstract identity or reputation (`inspired_by`) - Lineage is preserved through direct ancestry (`iteration_of`) - Tooling is disclosed as a formative context, not a co-author (`created_through`) Provenance becomes the universal grammar of creative origin — across mediums, tools, and time. --- ## 2. Components ### `actor` The accountable originator of the `entity` with `.prov.json`. **Must always include a human actor, even when agents are involved.** Additional actors may be referenced under `actions.co_created_with.` ```json "actor": { "type": "human", "id": "https://github.com/corvagnorius", "name": "corvagnorius", "alias": [ "corvagnorius@gmail.com", ], "version": 31, "signature": [ { "method": "registry", "provider": "github.com", "algorithm": "ed25519", "format": "commit", "detached": false, "file": null, "timestamp": "2025-07-30T17:21:29Z", "verification": { "type": "manual", "source": "https://github.com/provactive/provactive/commit/sha256:<real_hash_value>" } }, { "method": "ssh", "provider": "openbsd.org", "algorithm": "ed25519", "format": "sig", "detached": true, "file": "signatures/ssh/ed25519/framework.prov.json.sig", "timestamp": "2025-07-31T10:42:00Z", "verification": { "type": "automatic", "source": "signatures/ssh/allowed_signers" } }, { "method": "gpg", "provider": "g10code.com", "algorithm": "ed25519", "format": "asc", "detached": true, "file": "signatures/gpg/ed25519/framework.prov.json.asc", "timestamp": "2025-07-31T12:34:56Z", "verification": { "type": "automatic", "source": "signatures/gpg/public.key" } }, { "method": "gov-id", "provider": "gov.pl", "algorithm": "xades", "format": "xades", "detached": true, "file": "signatures/profil-zaufany/framework.prov.json.txt.xml", "timestamp": "2025-07-31T10:42:00Z", "verification": { "type": "manual", "source": "https://moj.gov.pl/nforms/signer/upload?xFormsAppName=SIGNER" } }, { "method": "anon", "provider": null, "algorithm": null, "format": "note", "detached": false, "file": null, "timestamp": "2025-07-31T14:00:00Z", "verification": { "type": "none", "source": "Created by anonymous user @corvagnorius. Provenance consistency, snapshot hashes, and traceable authorship style." } } ] } Or for an AI agent (e.g. ChatGPT 4.0): ```json "actor": { "type": "agent", "id": "https://chat.openai.com", "name": "agent-sigil", "alias": null, "version": "4.0", "signature": null } ``` #### Field Descriptions | Field | Description | | ----------- | ----------------------------------------------------------------------------------------------------- | | `type` | `"human"` (required for originator) or `"agent"` (for AI tools, models, or systems given agency in co-creation) | | `id` | **Human:** persistent identifier (e.g. GitHub URL, DID) **Agent:** model URI, versioned ID, or DID | | `name` | *(Optional)* Human-readable name or label | | `alias` | *(Optional)* list of secondary identifiers (emails, handles, URLs) | | `version` | *(Optional)* Human: their age at time of creation Agent: model or software version | | `signature` | At least one **required for each human** actors, orginator and co-creators If `null` for agents, **the originator assumes full accountability for the agent’s contributions.** | #### Signature Object Fields | Field | Description | | -------------- | ------------------------------------------------------------------------------ | | `method` | Type of signature mechanism (e.g., `registry`, `ssh`, `gpg`, `gov-id`, `anon`) | | `provider` | Issuer or authority (e.g., `github.com`, `openbsd.org`, `gov.pl`, `g10code.com`) | | `algorithm` | Cryptographic algorithm used (`ed25519`, `rsa`, `xades`, etc.) | | `format` | Encoding/representation of the signature (`sig`, `asc`, `xades`, `commit`) | | `detached` | Boolean — whether signature is stored in a separate file | | `file` | Relative path to detached signature file, or `null` if inline | | `timestamp` | ISO 8601 timestamp when the signature was generated | | `verification` | See below — structured metadata for verifying the signature | #### Verification Structure | Field | Description | | -------- | ------------------------------------------------------------------------------ | | `type` | Verification type (`automatic`, `manual`, or `none`) | | `source` | Source for verification: public key path, URL, fingerprint, or explanation | #### Supported Signature Methods in v0.1 | Method | Description | Example | | ---------- | ----------------------------------------- | ---------------------------------------------------------------------- | | `ssh` | Developer key via `ssh-keygen` | `ssh-ed25519`, `rsa` — verified via `allowed_signers` | | `gpg` | GnuPG/OpenPGP key signing | `asc` detached `.asc` files — verified via `public_key` | | `gov-id` | Government signature (XAdES, eIDAS) | Manual signing with e.g. `profil_zaufany`— verified via uploading to trusted portal like `moj.gov.pl` | | `registry` | Git-based commit in trusted registry | GitHub commit URL with signature verification | | `anon` | No cryptographic signature (Level 0 only) | Identity inferred via `actor`, local trust, and optional provenance consistency | #### Identity Philosophy Provactive does not define identity by paperwork. It defines it by presence — by your unique, traceable interaction with physical and digital space over time. - You may use a pseudonym. - You may not register a legal DID. - But your trail — commits, aliases, creation lineage — becomes a fingerprint no one else can fake. Your provenance is your proof of self. The way you trace your work is the way you reveal your truth. #### Agent Stewardship Philosophy **Provactive does not treat AI as originators.** It treats them as instruments — powerful, autonomous, but never sovereign. **Never sovereign** in the carbon world — because only humans can carry the weight of real-world accountability. Only humans hold authorship. Only humans hold accountability. Agents may create. Agents may act with autonomy. But they cannot bear consequence — and consequence lives in flesh and shared reality. - You may use autonomous AI to generate. - You may delegate creative acts to agents. - But if it ships, it ships under your name. Every AI output requires a **human originator** — a steward who **signs the delegation**, and **bears the responsibility**. There are no ghost creators in provenance. Only trails with names — or trails that don’t count. This isn’t to punish automation. It’s to preserve ethics in scale. To ensure that when agents act, someone always answers for them. Your agent can write the lines. But your sign carry accountability of that. That’s the covenant. ### `entity` Represents an artifact referenced in the provenance — typically the output being signed, a tool used, or a work referenced during creation. An entity can be: - A digital file (e.g. .md, .pdf, .jpg) - A tool or application used during the creation process (e.g. IDE, image editor) - A URL to an external resource (e.g. blog post, repo, media) - A snapshot or hash of a non-public or ephemeral source - A digital representation of a physical artifact (e.g. a photo of a sculpture, scan of a sketchbook) Entities may be embedded directly, hosted externally, or disclosed through snapshot and metadata. In all cases, the integrity is grounded in hash, timestamp, and traceable context. ```json "entity": { "type": "digital", "representation_format": "text/markdown", "name": "framework.md", "url": "https://github.com/corvagnorius/prov-framework/blob/main/framework.md", "state": "undisclosed", "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-07-02T22:00:00Z", "stored_at": "snapshots/framework.md", "format": "text/markdown" }, "provenance": "https://github.com/provactive/provactive/framework/.prov.json", } ``` #### Field Descriptions | Field | Description | | ------------ | ---------------------------------------------------------------------------------------- | | `type` | `"digital"` or `"physical"` — defines the nature of the entity | | `representation_format` | For digital entities: a MIME-like type (e.g. text/markdown, application/pdf, application/desktop-application). For physical entities: a semantic label of the representation (e.g. book, poster, sculpture, audio). | | `name` | Human-readable label | | `url` | Public reference — required if `state = public`; optional if undisclosed | | `state` | `"public"` or `"undisclosed"` | | `snapshot` | **Required.** Hash-anchored record of the content — see snapshot structure below | | `provenance` | *(Optional)* `.prov.json` URL describing the entity itself (for recursive provenance graphs). **Required if the actor is the originator of the entity.** Most referenced entities will not have provenance initially — and that’s expected. But if you choose to use this model, you are required to either: - Link to the .prov.json for the entity (if public), or - Provide at least a cryptographic hash (if undisclosed), so the entity remains verifiable, even in private or pre-publication states.| #### Snapshot Structure ```json "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-07-02T22:00:00Z", "stored_at": "snapshots/framework.md", "format": "text/markdown", "anonymized": false } ``` #### Public vs Undisclosed Entity States An entity has two distinct states: - Undisclosed: Content created for yourself, for internal use, or not intended to be shared. In this case, the url is optional, and so is full disclosure. You can sign and track the provenance for your own reflection — like a diary of creative evolution. Undisclosed provenance still builds integrity. Undisclosed provenance doesn’t just protect from forgetting — it protects from distortion. Forgetting is the mechanism; distortion is the consequence. Provenance catches what memory edits — not to expose the self, but to anchor it in truth. - Public: Content meant to be shared, published, or to influence others. Here, the url becomes mandatory — you are accountable for providing a resolvable reference and, by design, for exposing the audit trail that led to its creation. The goal is for recipients to not just receive the artifact, but also to see how it came to be. Public provenance safeguards the artifact from distortion. #### Rule: Provenance Required for Originated Entities - If you **choose to use this framework** and you are the **originator** of an entity, you are required to: - Link its `.prov.json` file (preferred), - or at minimum, include a cryptographic hash of the entity. - If you are referencing an **external entity** (i.e. one you didn’t create), provenance is **optional** — include it if available. Because this is a new model, most referenced entities won’t yet have provenance attached. That’s expected. The value of the model compounds forward — not through completeness of the past, but through commitment to present and future traceability. #### Vigilance in Undisclosed Creation Even in undisclosed mode, if you sense the work may become public one day — log provenance early. You don’t need to share it yet. But capturing traceable signals while they’re fresh will: - Preserve your intent - Strengthen eventual public integrity - Reduce retroactive guesswork or incomplete history > Reduce retroactive guesswork. Prevent reality reconstruction. > Human memory is selective. Retrospective. Prone to fiction that feels true. > Provenance brings immutability to becoming — not to trap the self, but to witness it honestly. When you sign early, you don’t just protect the artifact — you protect yourself from your future rationalizations. You stop the slow drift into a version of history that’s cleaner, more flattering, or just… made up. Provenance doesn't freeze you — it frees you from the burden of editing yourself after the fact. Because what you made, in that moment, mattered. And that moment deserves to stand on its own. > Not every thought needs witnesses. > But if the artifact can move others — > it deserves provenance. #### Prov(oc)a(c)tive Question: Imagine having an immutable lineage of one of the most creative acts of all time — the creation of a religion. And understanding, at the lowest level of granularity, what actions led from an intent of elevation (based only on belief — no provenance) …to eventual exploitation (again, based only on belief and limited observation of institutionalized religion — no provenance), whether consciously intended or not. > What might we become if we could truly trace the intended evolution of what we believe now? #### Digital vs Physical Entities This provenance model supports both **digital works** and **digital representations of physical creations** — but its soul lies in **craftsmanship**, not compliance. - **Digital:** The artifact is the file. Code, text, models — authored natively in the digital medium. - **Physical:** The artifact exists in the physical world. Its provenance is anchored through digital captures — photos, scans, renders, speech record or transcript — as intentional representations. Among all physical artifacts, speech remains one of the most ephemeral — yet most influential. And that’s not a coincidence. We haven’t biologically changed much in 10,000 years. We’re still wired to respond to voice, presence, and cadence. But what has changed is how speeches are crafted: often pre-written, AI-aided, rehearsed for performance, and targeted for psychological effect. In a world where speech is: - public, - widely distributed, - and designed to persuade or provoke at scale, …it becomes essential to account not just for what was said, but how it was constructed. That’s why this framework doesn’t just support speeches as physical artifacts — it requires tracing the digital tools and processes used to amplify them. > Not to surveil. Not to censor. > But to introduce accountability for scale. Because when a story is crafted to influence many — and when it’s broadcast with no bounds — it carries a ripple of responsibility. #### _Provit like it's hot_ This framework doesn’t demand that every word be recorded, nor every utterance tracked. **In fact, it’s not intended for that.** But in the hands of extractive or exploitative actors, it might be misread that way. That’s why **intent matters**. And why this model is designed **not for surveillance — but for self-accountable expression**. Not to monitor, but to remind: > If your words are built to scale, > your tools and methods should be traceable too. And that’s also why it feels so **uncomfortable** — even for me right now, as originator. Because this asks the creator to be **naked** — exposed not just through the artifact, but through the **act of making it**. Not the final, polished work — but the path that shaped it. That discomfort is the weight of responsibility. The cost of creating something intended to touch others. Something meant for the public. > Because if it reaches, it ripples. > And every ripple carries consequence. Unlike classic supply chains, this isn’t a bill of materials. It’s a bill of meaning. The goal is to standardize narrative manufacturing — how ideas, tools, and humans shape creation. Provenance here doesn’t track parts. It tracks intention. And unlike greenwashed PR or post-hoc marketing blurbs, this model requires (Warning: language play incoming) **respeits**. > **Respeits** = *Respect* + *Receipts* It’s not just about showing your work — it’s about showing respect for the ones you’re asking to believe it. If you aim to move others, you owe them the truth of how that movement was made. Receipts prove origin. Respect proves intent. Respeits signal both. > If you want trust, > **provit like it's hot**. Yes — catchy. Inspired by “Drop it like it’s hot.” But more than punchline: it’s framework. Because provenance only works if you drop it while it’s still "hot" — at the moment of creation, not as retroactive spin. Let the trace be fresh. Let the record be real. That’s how we build trust — not with polish, but with presence. #### Tools as Entities Tools like **Visual Studio Code, Photoshop, or Google Docs** are captured as entities when used to shape a final work — logged via the `created_through` action. - They are **not co-creators** because they lack **agency** - Their contribution is **contextual**, not autonomous — but still critical to trace - They don’t decide — they execute This helps surface **how** something was made, not just **who** made it. Agency is the line. > If the system acts on its own, it’s an actor. > If it’s invoked and steered by a human, it’s a tool. That’s why a chatbot like ChatGPT, used in a one-off prompt-response interaction (like session attached to this framework.md `.prov/`), is a `created_through` tool. But the moment that same model is instantiated as an **autonomous agent** — say, configured to draft posts or make edits without human approval — it becomes an **actor**, and its outputs are logged via `co_created_with`. This isn’t about whether something is “AI” or not. It’s about **accountable autonomy**. Tool usage is typically less critical than agent co-creation or human collaboration when assessing authorship or accountability — but in some domains, their presence shapes the output materially: - In **software development**, the IDE version may affect performance, linting, or auto-completions - In **image generation**, the platform may inject hidden style defaults or filters - In **book writing**, Google Docs is usually less relevant — unless AI writing assistance is embedded As creation tools become increasingly **AI, agent-augmented** — embedding AI suggestions, autocompletions, or design synthesis — the boundary between `created_through` and `co_created_with` will blur. - Today’s tools are just context. - Tomorrow’s tools may earn creative attribution. Until then, we log tools **not because they authored the work**, but because they helped shape its conditions — and that’s a provenance worth preserving. Sometimes it’s not about technical influence, but **creative intent**: - A developer might proudly log they used **Vim** instead of Copilot (doubtful — but hey, tabs over autocompletion is an ethos, not just a preference) - A tattoo artist might note their use of **hand-poke techniques** (unlikely they hashed it mid-tattoo — but imagine the dedication) - A sculptor might specify traditional **clay tools** rather than generative CAD or CNC (less likely to hash a chisel — but if they do: respect… and honestly, it’s possible — hash the serial number, tie it to the supply chain, welcome to physical-world provenance) These aren’t just aesthetic choices — they’re declarations of **method and meaning**. And when the day comes that ZBrush or Fusion 360 becomes AI-native and semi-autonomous, we’ll know exactly where to draw the line — and log the moment that tool became a co-creator. Today, it’s a tool. Tomorrow, it’s an agent. The provactive framework doesn’t just keep up — it’s already waiting. --- ### `actions` Captures how the entity came to be: what tools, collaborators, and inspirations shaped its form — directly or conceptually. All `actions` share the same structure and are grouped by type: * **co_created_with**: Human or agent participants who directly contributed to the entity through shared entity. * **inspired_by**: External artifacts — books, talks, code, media, memories — that indirectly shaped the creation. Influence is always attributed to entities (not identities), whether directly linked or recollected through reflection. * **iteration_of**: A version, refactor, or direct evolution of a prior artifact. * **created_through**: Tools, environments, or systems that shaped the creation but lacked agency, they didn’t initiate or author content on their own. ```json "actions": [ { "type": "co_created_with", "actor": { "type": "agent", "id": "https://gemini.google.com", "name": "gemini-2.5-flash", "version": "2.5-flash", "signature": null }, "entity": { "name": "LinkedIn Post", "type": "text/html", "url": "https://docs.google.com/document/<id>", "state": "public", "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-07-02T22:15:00Z", "stored_at": "snapshots/social-snippet.html", "format": "text/html" }, "provenance": null }, "disclosure": { "state": "public", "reason": null } }, { "type": "inspired_by", "actor": null, "entity": { "name": "Internal Strategy Deck", "type": "application/pdf", "url": null, "state": "undisclosed", "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-06-29T19:30:00Z", "stored_at": "snapshots/strategy.pdf", "format": "application/pdf" }, "provenance": null }, "disclosure": { "state": "undisclosed", "reason": "Under NDA" } }, { "type": "iteration_of", "actor": null, "entity": { "name": "framework.md", "type": "text/markdown", "url": "https://github.com/corvagnorius/prov-framework/blob/v1/framework.md", "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-06-30T16:00:00Z", "stored_at": "snapshots/framework-v1.md", "format": "text/markdown" }, "provenance": null, }, "disclosure": { "state": "public", "reason": null } }, { "type": "created_through", "actor": null, "entity": { "type": "digital", "representation_format": "application", "name": "Visual Studio Code", "url": "https://update.code.visualstudio.com/1.101.2/win32-x64-user/stable", "state": "public", "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-07-02T22:00:00Z", "stored_at": "snapshots/tools/VSCodeUserSetup-x64-1.101.2.exe", "format": "application/vnd.microsoft.vscode" } }, "disclosure": { "state": "public", "reason": null } }, { "type": "created_through", "actor": null, "entity": [ { "type": "digital", "representation_format": "application", "name": "ChatGPT Web Interface", "url": "https://chat.openai.com", "snapshot": { "hash": "sha256:<interface_hash>", "timestamp": "2025-07-02T22:14:00Z", "stored_at": "snapshots/tools/chatgpt-web.html", "format": "application/web-app" } }, { "type": "digital", "representation_format": "text/html", "name": "Shared Chat Session", "url": "https://chat.openai.com/share/abc123", "snapshot": { "hash": "sha256:<chat_hash>", "timestamp": "2025-07-02T22:15:00Z", "stored_at": "snapshots/chat-corvagnorius-1.html", "format": "text/html" } } ], "disclosure": { "state": "public", "reason": null } } ] ``` #### Field Descriptions | Field | Description | | ------------ | ------------------------------------------------------------------------------------------------------ | | `type` | One of: `"co_created_with"`, `"inspired_by"`, `"iteration_of"`, `"created_through"` — defines the nature of influence | | `actor` | The human or agent that participated. Can be `null` if no specific actor applies (e.g., just a source) | | `entity` | A structured description of the referenced content (see `entity` schema) | | `disclosure` | Describes whether this action is publicly auditable or intentionally undisclosed | #### Disclosure Structure | Field | Description | | -------- | ----------------------------------------------------- | | `state` | `"public"` or `"undisclosed"` | | `reason`| Required explanation when `status` is `"undisclosed"` | #### `co_created_with` — Collaborative Action Represents a **collaborative act** where one or more actors (human or agent) contributed directly to the creation of the final entity. | Field | Requirement | | -------- | ---------------------------------------------------------- | | `actor` | Required (human or agent) | | `entity` | *(Optional)*, null if no distinct intermediate artifact | ##### Examples - Agent co-creation - actor: AI agent (e.g. Gemini generating automatically social posts for you) - entity: URL to post draft or published content + snapshot (text/html) - Human co-creation - actor: Collaborator, teammate, co-writer - entity: Shared note, whiteboard photo, recorded voice note, synced document, brainstorming output ##### Note - **Human co-creators must be aware** of their participation. - Human co-creators **sign the action record** as confirmation. - **Do not include unaware individuals as co-creators** — provenance must remain consent-based. - When an **AI agent is listed as a co-creator**, the **originator bears accountability** for its inclusion — meaning they must vouch for its behavior, boundaries, and contribution. - This model ensures that **collaboration leaves a footprint**, and that the footprint is **traceable, respectful, and explicit — not inferred or assumed.** > Co-creation is consent, not assumption — whether with a human or an agent. > If you invite an agent into authorship, as orignator, you own and are accountable for what it creates. #### `inspired_by` — Conceptual Influence Represents **indirect influence**: an idea, artifact, or trace that shaped the final entity through reflection, memory, or resonance — not through direct collaboration or derivation. | Field | Requirement | | -------- | --------------------------------------------------------------------- | | `actor` | Optional — **living human at the time of entity creation** requires co-signature if directly mentioned | | `entity` | Required — the referenced influence (or a reflection derived from it) | ##### Examples - A W3C spec that shaped a design model - A song that set the tone or mood of the work - A conversation remembered from years ago - A talk or lecture that surfaced a framing or metaphor - A personal note capturing recollected inspiration when the original entity is not retrievable - A private strategy doc reviewed during ideation - Previously defined and publicly shared concept ##### Note - **Inspiration is always tied to an entity**, even if the entity is a reflection, memory, or synthesized note — not directly to a person or reputation. - Actor can be added if they’re clearly linked to the original entity (e.g. speaker, author, creator), but: - It’s optional and not required. - If the actor is a **living human at the time of entity creation**, their **co-signature is required** to include them — just like with `co_created_with`. - **This enables accountable inspiration**, even in edge cases where you’re influenced by intangible or ephemeral moments — like a talk you once heard, or a story you can’t cite but still remember. - In those cases, a **reflection note** becomes the stand-in entity — **signed by the originator** as a conscious trace of influence. - This mechanism addresses the cold start problem: it allows for retroactive logging without revisionism — once signed, the trace becomes immutable. - **Inspiration is not a transfer of identity or charisma.** It is the encounter between your creative self and someone else’s artifact. - This model **reduces engineered influence**, where charisma, manipulation, or social authority override traceable impact. - This model **avoids identity-based assumptions** — inspiration flows from the artifact, not the individual. - This model **protects autonomy** on both ends: - No person is **retroactively made** a source of inspiration without trace or consent (if living at the time of entity creation). - No creator is **obligated** to anchor their internal process to another’s identity — even if influence was real. - This model introduce cultural shift: - If you **speak publicly**, your words are **traceable**. - If your **work is accessible**, it may **inspire**. - If it **inspires**, that influence may be **logged**. - This isn’t a threat — it’s **consequence-aware creativity**. - It **restores accountability** to influence — especially for those who actively seek it. - Your thoughts are **your own**. The moment of inspiration is something **formed within you**, not transferred from someone else. - Gratitude can be expressed — but attribution is **your choice**, not a moral debt. > Provenance doesn’t enforce reverence. > It reinforces clarity of influence — and protects the sovereignty of your creative mind. #### `iteration_of` — Evolutionary Link Represents a **lineage link**: the current entity is a **direct evolution** of a prior version, edition, or draft. This enables **traceability of refinement** over time. | Field | Requirement | | -------- | ------------------------------------------------- | | `actor` | `null` if originator is the same; **co-signature is required** if iteration is by a different creator | | `entity` | Required — the *previous version* | ##### Examples - A second version of `framework.md` derived from v1 - A revised deck evolving from an earlier draft - A translated or restructured version of an original artifact ##### Note - **Iteration must point to an actual prior entity** — with a hash, snapshot, or link. - If hosted in a system with version history (e.g. GitHub, Google Docs), include the canonical version or snapshot. - When the **originator of the iteration is the same**, no actor needs to be declared — the continuity is implicit. - This action is critical for **evolutionary lineage**, especially when manual. - But if the **iteration is created by someone else**, and it **reuses or builds upon** the original **output** (not just the path or idea), **consent or license from the originator is required.** - Ethical Implications: - This distinction aligns with current IP logic: **imitating someone’s output requires permission**, especially when it’s a direct evolution. - However, **following someone’s path to reach your own destination — or even taking different paths and arriving at a similar output — does not.** - Provenance makes both patterns transparent — but **philosophically, the model discourages uncredited imitation without comprehension.** > Iterating blindly on another’s work is exploitation — of them and of yourself. > Exploitation isn’t just degrading value — it’s inflating the unearned. > True evolution is earned through understanding — not duplication. #### `created_through` — Tool & Environment Attribution Represents tools, platforms, and intermediate artifacts that materially shaped the creation of the final entity. | Field | Requirement | | -------- | ------------------------------------------------- | | `actor` | As of v0.1 always `null` | | `entity` | Required — may be a single entity or a pair | ##### Structural Logic This action now supports: - A single entity (classic pattern) — e.g. a tool like VS Code or Figma - A pair of entities — to represent: - The tool used (e.g., ChatGPT Web UI) - The intermediate artifact created within it (e.g., a chat transcript or canvas) Each `created_through` remains **atomic** — capturing a single moment or toolchain segment. Multiple `created_through` actions can be listed for layered, multi-step workflows. ##### Examples - Code editing - entity[0]: Visual Studio Code binary - snapshot: Hashed installer or containerized dev env - Design tooling - entity[0]: Figma version package - snapshot: Figma installer or update hash - Conversational creation - entity[0]: ChatGPT Web UI - snapshot[0]: ChatGPT Web UI version - entity[1]: Chat session public URL - snapshot[1]: HTML export - Physical Sculpture Process - entity: Hand-carved Chisel - snapshot: HTML export of shop URL ##### Note - This action **does not imply agency** — tools are not actors unless autonomy is explicitly declared. - The second entity (if present) is always treated as a **supporting artifact**, not the final output. - Multiple `created_through` **actions** can be used to represent multi-tool workflows (e.g., sketch → figma → pdf → published). - Use this to record **creative environments**, not just inspiration or collaboration. - Including hashes, timestamps, and snapshot URLs strengthens **environmental reproducibility** and **creation auditability**. - Capturing intermediate artifacts reveals the path to creation, not just the destination. - Tools matter — and increasingly, they shape creative behavior. - By distinguishing `created_through` from `co_created_with`, the model ensures that tools leave a visible imprint — but are not conflated with agents. > Today’s context is tomorrow’s evidence. ##### Tool Overload and Provenance Focus We live in an era of tool saturation. Every workflow now passes through layers of software, cloud platforms, plugins, and automation environments. Not every tool needs to be logged. But some must be — especially those that carry influence, not just utility. Provenance isn't about obsessively documenting every click or cursor. It's about preserving traceable creative influence. So while tools like text editors or file converters may not always need mention… We **should log** tools that: - Inject AI suggestions (e.g. GitHub Copilot, ChatGPT) - Automatically alter or synthesize content (e.g. AI filters in Photoshop, auto-remix platforms) - Introduce model-driven behavior (e.g. generative design systems) - Mediate co-creation (e.g. AI brainstorming assistants, prompt chains) These tools **blur authorship boundaries**. And that’s exactly where provenance matters most. > If a tool nudged your thinking, rewrote your words, or shaped your output — it’s no longer neutral infrastructure. > It became part of the creative path. #### Summary To preserve clarity, minimize ambiguity, and ensure that provenance remains structurally sound and reconstructible, each action type enforces specific pairings between participants and referenced objects — each reflecting a distinct kind of creative relationship: | Action Type | Required Pairing | Purpose | | ----------------- | -------------------------------------------- | ------------------------------------------------------------------------------------------------------- | | `co_created_with` | `actor` (human or agent) + optional `entity` | **To declare active collaboration** — another agent or person helped create the artifact | | `inspired_by` | `entity` (optionally: `actor` if co-signed) | **To cite influence** — a prior idea, media, or reference shaped your creation process | | `iteration_of` | `entity` (optionally: `actor` if co-signed) | **To link versions** — this artifact evolves or revises a known predecessor | | `created_through` | `entity` or `entity + entity` | **To log tools or environments** — this work was shaped through these systems or intermediary artifacts | ##### Action Semantics - `co_created_with` Use when someone (human or AI agent) **actively create** the artifact. - Requires an `actor`, and optionally an `entity` (e.g. shared doc or chat). - The actor must consent (or be traceably accountable in the case of agents). - If an agent is involved, the originator is fully responsible for what it produces. - `inspired_by` Use when an external **idea, media, or reference shaped your creation.** - Tied always primary to an `entity` — not a person. - If the original artifact is unavailable, log a **reflection-as-entity**: a signed memory or note. - Prevents **celebrity-based deference** and encourages traceable citation over reputation. - Reflects influence without granting unintended authority or co-authorship. - `iteration_of` Use when **refining or versioning** a previous artifact — draft → final, v1 → v2, translated → original, etc. - Connects lineage across versions without overwriting past context. - If originators differ, full consent or co-signature is required. - If self-authored iteration, `actor: null` is appropriate. - `created_through` Use to **log the tools, platforms, or intermediate artifacts** that made this work possible. - Always includes at least one `entity` (tool or environment), optionally paired with a second `entity` (artifact produced in that tool). - These do not carry agency, but they **shape the conditions of creation** — and often reveal meaningful technical or cultural choices (e.g., using AI-enhanced platforms). - Examples include: IDE versions, design apps, AI chat platforms, whiteboard captures. This structure keeps provenance readable, reconstructible, and honest — and enforces the core principle: > Creation = accountability. > Traceability = integrity. > Structure = trust. --- ### Trust Signals: Integrity & Transparency ```json "integrity_level": { "manual": 3, "derived": null }, "transparency_level": { "manual": 2, "derived": null } ``` These two fields serve as **simplified indicators** of how **verifiable, auditable, and publicly accountable** a given `.prov.json` record is. They offer a high-level summary for humans, platforms, and automated systems — useful for filtering, ranking, or flagging content in registries, UIs, or public-facing tools. #### Manual vs. Derived Levels ##### Manual (v0.1 Default) - Declared by the originator or co-creator - Required in current `.prov.json` specs - Signed as part of the envelope - Subject to community trust, but **not enforced by cryptography** ##### Derived (future automation) - To be computed by CLI tools and verifiers - Based on: - `actor.signature[].method` - `action[].disclosure.state` - Completeness of `entity[].provenance` - Timestamps + hash linking In the future, **manual level = claimed trust**, while **derived level = verified trust**. Trust Implications: - Misreporting won’t invalidate the record — but it **will affect perceived credibility** - Registries and platforms may **flag mismatches**, or prioritize derived trust in filtering - Consistent overstatement = reputational debt Philosophy: - You don’t have to show everything. - But if you **claim integrity, be ready to back it.** - If you **claim transparency, let others see.** This framework doesn’t punish opacity — it just clarifies the cost. > Claim what’s true. > Verify what matters. > Sign like it stands. #### `integrity_level` Indicates the **strength of accountability and verification** tied to signatures across the provenance record. | Level | Name | Requirements | | ----- | ------------------------- | --------------------------------------------------------------------------------------------------------------------- | | 3 | Gov-Signed Full Integrity | ✅ All `actors` (originators, co-creators) signed via **government-issued digital ID** (e.g. Podpis Zaufany (PL), eIDAS (EU), Aadhaar eSign (IN)) | | 2 | Full Integrity | ✅ All `actors` signed with **verifiable cryptographic method** (e.g. GitHub GPG, SSH) | | 1 | Partial Integrity | 🟡 Some signatures are verifiable, **others use `anon` or weak identifiers**. Gaps are acknowledged. | | 0 | Minimal Integrity | 🔒 Signatures are **absent or unverifiable**. No trusted cryptographic method used. | ##### At-a-Glance Comparison | Feature | Level 3 | Level 2 | Level 1 | Level 0 | | ------------------------------------ | -------- | -------- | ------------------ | ------- | | All actors signed with verifiable ID | ✅ Gov | ✅ Crypto | ⚠️ Mixed / Partial | ❌ | | Anonymous/weak signatures present | ❌ | ❌ | ✅ Some | ✅ All | | Signature trust enforceable | ✅ Strong | ✅ Good | ⚠️ Limited | ❌ None | | Suitable for civic/legal records | ✅ | ⚠️ Limited | ❌ | ❌ | #### `transparency_level` Indicates how **publicly visible and complete** the provenance trail is — including entities, actions, tools, and disclosures. | Level | Name | Requirements | | ----- | --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | | 3 | Full Public Transparency | ✅ All referenced `entities`, `actions`, `snapshots`, and `tools` are publicly linked, disclosed, and accessible. No anonymization. | | 2 | Public Transparency w/ Gaps | ✅ Majority of `entities` and `actions` are public. 🔒 Some are anonymized or undisclosed, **but reasons are logged in `disclosure.reason`**. | | 1 | Partial Disclosure | 🟡 Mix of public and private items. 🔒 Several key references **omitted or redacted** with limited explanation. ❗Some actions lack `disclosure` fields. | | 0 | Private or Undisclosed | 🔒 Provenance not shared publicly. Used only for internal lineage, journaling, or non-disclosed creative workflows. | ##### At-a-Glance Comparison | Feature | Level 3 | Level 2 | Level 1 | Level 0 | | -------------------------------- | ------- | --------------- | ------------------ | ----------------- | | All entities/action links public | ✅ | ⚠️ Partial\* | ❌ | ❌ | | Missing/anonymous entries | ❌ | ✅ (with reason) | ✅ (without reason) | ✅ (not disclosed) | | Audience can reconstruct process | ✅ | Mostly | Partially | ❌ | | Compliant with public registry | ✅ | ✅ | ⚠️ Limited | ❌ | *Level 2 allows anonymization, but only if clearly declared and justified. --- ## 3. `.prov.json` Full Structure (v0.1) ```json { "actor": { "type": "human", // Required: "human" or "agent" "id": "<url_or_did>", // Required: unique ID (e.g., GitHub profile or DID) "name": "<display_name>", // Optional: name or handle "alias": ["<alt_email_or_handle>"], // Optional: other identifiers "version": <string>, // Optional: Human: their age at time of creation, Agent: model or software version "signature": [ // Required if actor is human { "method": "registry", // Type of signature mechanism (e.g., `registry`, `ssh`, `gpg`, `gov-id`, `anon`) "provider": "github.com", // Issuer or authority (e.g., `github.com`, `openbsd.org`, `gov.pl`, `g10code.com`) "algorithm": "ed25519", // Cryptographic algorithm used (`ed25519`, `rsa`, `xades`, etc.) "format": "commit", // Encoding/representation of the signature (`sig`, `asc`, `xades`, `commit`) "detached": false, // Boolean — whether signature is stored in a separate file "file": null, // Relative path to detached signature file, or `null` if inline "timestamp": "2025-07-30T17:21:29Z", // ISO 8601 timestamp when the signature was generated "verification": { "type": "manual", // Verification type (`automatic`, `manual`, or `none`) "source": "https://github.com/provactive/provactive/commit/sha256:<real_hash_value>" // Source for verification: public key path, URL, fingerprint, or explanation } } ] }, "entity": { "type": "digital", // `"digital"` or `"physical"` — defines the nature of the entity "representation_format": "text/markdown", // For digital entities: a MIME-like type (e.g. text/markdown, application/pdf, application/desktop-application). For physical entities: a semantic label of the representation (e.g. book, poster, sculpture, audio). "name": "framework.md", // Human-readable label "url": "https://example.com/entity", // Public reference — required if `state = public`; optional if undisclosed "state": "public", // `"public"` or `"undisclosed"` "snapshot": { // **Required.** Hash-anchored record of the content — see snapshot structure below "hash": "sha256:<real_hash_here>", // Required content hash "timestamp": "2025-07-02T22:00:00Z", // ISO 8601 timestamp "stored_at": "snapshots/framework.md", // Path to local or remote file "format": "text/markdown" // format of the snapshot }, "provenance": "https://.../.prov.json" // *(Optional)* `.prov.json` URL describing the entity itself (for recursive provenance graphs). }, "actions": [ { "type": "co_created_with", // co_created_with | inspired_by | iteration_of | created_through "actor": { "type": "agent", "id": "https://gemini.google.com", "name": "gemini-2.5-flash", "version": "2.5-flash", "signature": null }, "entity": { "name": "LinkedIn Post", "type": "text/html", "url": "https://docs.google.com/document/<id>", "state": "public", "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-07-02T22:15:00Z", "stored_at": "snapshots/social-snippet.html", "format": "text/html" }, "provenance": null }, "disclosure": { // Describes whether this action is publicly auditable or intentionally undisclosed "state": "public", // Options: public | undisclosed "reason": null // Required explanation when status is "undisclosed" } }, { "type": "inspired_by", "actor": null, "entity": { "type": "digital", "representation_format": "application/pdf", "name": "Internal Strategy Deck", "url": null, "state": "undisclosed", "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-06-29T19:30:00Z", "stored_at": "snapshots/strategy.pdf", "format": "application/pdf" }, "provenance": null }, "disclosure": { "state": "undisclosed", "reason": "Under NDA" } }, { "type": "iteration_of", "actor": null, "entity": { "type": "digital", "representation_format": "text/markdown", "name": "framework.md", "url": "https://github.com/corvagnorius/prov-framework/blob/v1/framework.md", "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-06-30T16:00:00Z", "stored_at": "snapshots/framework-v1.md", "format": "text/markdown" }, "provenance": null }, "disclosure": { "state": "public", "reason": null } }, { "type": "created_through", "actor": null, "entity": { "type": "digital", "representation_format": "application", "name": "Visual Studio Code", "url": "https://update.code.visualstudio.com/1.101.2/win32-x64-user/stable", "state": "public", "snapshot": { "hash": "sha256:<real_hash_value>", "timestamp": "2025-07-02T22:00:00Z", "stored_at": "snapshots/tools/VSCodeUserSetup-x64-1.101.2.exe", "format": "application/vnd.microsoft.vscode" } }, "disclosure": { "state": "public", "reason": null } }, { "type": "created_through", "actor": null, "entity": [ { "type": "digital", "representation_format": "application", "name": "ChatGPT Web Interface", "url": "https://chat.openai.com", "snapshot": { "hash": "sha256:<interface_hash>", "timestamp": "2025-07-02T22:14:00Z", "stored_at": "snapshots/tools/chatgpt-web.html", "format": "application/web-app" } }, { "type": "digital", "representation_format": "text/html", "name": "Shared Chat Session", "url": "https://chat.openai.com/share/abc123", "snapshot": { "hash": "sha256:<chat_hash>", "timestamp": "2025-07-02T22:15:00Z", "stored_at": "snapshots/chat-corvagnorius-1.html", "format": "text/html" } } ], "disclosure": { "state": "public", "reason": null } } ], "integrity_level": { "manual": 2, // 0-3 based on signature strength "derived": null // Future systems will auto-calculate }, "transparency_level": { "manual": 2, // 0-3 based on public accessibility "derived": null // Future systems will auto-calculate } } ``` ## 4. `.prov/` Directory Structure All provenance-related files are stored under a dedicated `.prov/` directory. This allows for modular, portable, and auditable tracking of origin, influence, and accountability. ```bash framework.md # Output artifact (main content) .prov/ # Provenance container (self-contained, portable) ├── framework.prov.json # Main provenance record (structured metadata) ├── framework.md # Snapshot of the output artifact itself (intential duplication) ├── snapshots/ # Snapshotted sources, chats, references │ ├── prov-dm.html │ └── tools/ # Snapshotted tools │ └── chatgpt-web │ └── chatgpt-web.html │ └── chat-corvagnorius-1.html │ └── .undisclosed/ # Hashed + timestamped undisclosed content │ └── internal-deck.pdf ├── signatures/ # Optional detached signatures (e.g. XAdES, PAdES, GPG) │ ├── framework.prov.sig # Detached signature for .prov.json (optional, encouraged) │ └── framework_bundle.xades ``` - `.prov/` is the canonical container for all provenance-related data. - All referenced or influencing content (e.g., chats, URLs, documents) is snapshotted in `snapshots/`. - Undisclosed materials go in `.prov/snapshots/.undisclosed/` and must be: - Encrypted or locally stored - Accompanied by a disclosure field. - Public artifacts must declared `public`. - You are responsible for storing undisclosed materials securely. If ever revealed, the snapshot must provably match the original hash. - Signature formats are flexible. You can co-sign using GitHub, SSH, eIDAS (e.g., Podpis Zaufany), or others via the signatures/ folder. ## 5. Core Characteristics - **Git-Like Mental Model**: Influenced by [git](https://git-scm.com/) version control ethos — every act of creation becomes a commit with intent - **PROV-DM Roots**: Based on [W3C PROV-DM](https://www.w3.org/TR/prov-dm/), distilled to essential creative primitives - **[SLSA](https://slsa.dev) Inspired**: Integrity levels reflect increasing auditability and traceability - **Pragmatic Signing**: Uses real-world signature mechanisms (e.g. GitHub commits, SSH keys, gov ID if available) - **Disclosure-Based Integrity**: Undisclosed sources (formerly anonymized) require a hash, timestamp, and reason - **Human-Led by Default**: All provenance records must originate from a human actor - **Agent-Aware**: AI agents appear under `actions.co_created`, with versioned identity and no free-floating agency - **Snapshot Discipline**: Every source or tool referenced in provenance includes a snapshot: hashed, timestamped, and stored - **Single Accountability**: One originator per `.prov.json` to preserve clarity of intent - **Provenance as Identity**: Your audit trail becomes your signature; how you create becomes who you are --- ## 6. Supported Use Cases (v0.1) | Use Case | Supported? | Notes | | ------------------------------------- | ---------------------- | ------------------------------------------------------------------------------------ | | ✅ Personal blog post w/ AI help | Yes | AI listed under `co_created_with`; attach chat URL + snapshot | | ✅ Open source README w/ GitHub sig | Yes | Use GitHub commit as provenance + signature | | ✅ Gov-signed research paper | Yes | Requires gov-ID detached signature (XAdES, PAdES, etc.) | | ✅ Internal doc w/ private materials | Yes | Mark as `disclosure: "undisclosed"` with `hash` + `reason` | | ✅ Human co-creation | Yes | Additional human added in `co_created_with`; co-signature encouraged but optional | | ✅ ChatGPT collaborative sessions | Yes | AI actor is `type: agent`; log snapshot + chat URL | | ✅ Autonomous AI-only content | Yes, **conditionally** | **Only supported if a human originator is explicitly bound to the agent** | | ✅ Private journaling with evolution | Yes | Supports non-public `.prov.json` for self-accountable lineage and long-term memory | | ✅ Digital twin traceability (R\&D) | Yes | Provenance may form the basis for memory engines or semantic time-travel systems | | ✅ Reflexive provenance for speeches | Yes | Speech acts reconstructed through notes + tool trace (e.g., teleprompters, drafts) | | ✅ Intergenerational knowledge trace | Yes | Used to encode, version, and hand down artifacts across time, with intent preserved | | ✅ Creative refinement lineage | Yes | All iterations logged across versions, stages, tools, and collaborators | | ✅ Artifact + toolchain transparency | Yes | `created_through` supports fine-grained logging of tools, editors, plugins, versions | | ✅ Memory reconstruction / cold-starts | Yes, **with caution** | Memory-based inspiration allowed via `reflection-as-entity`, but trace is immutable | ### High-Level Use Cases The framework supports two foundational paradigms of human creation: 1. For-Self Creation Journals, sketches, drafts — built for understanding, not publication. Provenance supports inner alignment, evolution tracking, and memory safeguarding. - Useful for writers, founders, philosophers, and obsessive tinkering nerds. - Not shared — but signed. Integrity begins with the self. 2. For-Others Creation Public artifacts meant to move, influence, or inform others. Provenance ensures accountability for the process — not just the polish. - Critical for journalism, storytelling, activism, politics, and synthetic media. - Reduces distortion, impersonation, and narrative laundering at scale. ### The Meta-Use Case The ultimate use case? > To reforge civilizational trust from the bottom up. To leave behind not just artifacts — but an **immutable lineage** of how they came to be. So that future humans don’t have to guess what happened. Or reconstruct stories from fragments. Or worship distortions that survived because they were loudest. Instead, they inherit **a ledger of creative becoming** — — one where they can see **not just what we made**, but **how we truly made it**. And from that, they can make their own. That’s not nostalgia. That’s infrastructure for the next story. --- ## Appendix: ### Signer is accountable for: 1. The **authenticity and integrity** of the `.prov.json`, including: - The declared `actor`, `entity`, and `actions` - The accuracy of `disclosure` status and rationale 2. The **existence, content, and verifiability** of any **files or artifacts they control**, including: - Snapshots taken (e.g. ChatGPT logs, decks, documents) - The final `entity` file (e.g. `framework.md`) - Any public URLs they authored or manage 3. The **timestamp and citation** of external resources they **do not control**, such as: - Third-party URLs (`inspired_by`) - Public datasets, websites, or documents 4. The **long-term storage and verifiability of undisclosed materials**, specifically: - If `disclosure.status = "undisclosed"`, the signer must retain a copy of the content - The content must be hashed and timestamped at the time of signing - If disclosure is later reversed, the signer must provide the original and **prove exact hash match** ### Signer is **not** accountable for: - The **availability or permanence** of external URLs or websites - Future **modification** or **removal** of referenced external sources - The hosting or licensing of **derivative works** beyond the signed entity Provenance is **not a Content Delivery Network**, nor a preservation layer. It is a **cryptographic affidavit of creative process and accountability**. Each `.prov/` acts as a frozen time capsule: What you knew, used, cited, or hid — at the moment you shipped your creation. --- ### Risks, Misuse, and Structural Pressures No system of accountability is immune to distortion. These are the tensions Provactive must face, and account for, by design: #### 1. Weaponized Traceability Provenance may be exploited to dox, expose, or punish vulnerable creators — especially under authoritarian regimes or coordinated harassment campaigns. > **Mitigation:** Level 2 integrity permits anonymity from current governmental perspective. The framework supports redaction, hashing, and selective disclosure to protect sources without sacrificing trust. --- #### 2. Dilution and Badge-Washing Institutions or platforms may adopt "provenance" in name only — offering hollow certifications that mimic integrity while skipping real checks. > **Mitigation:** Enforce open schema standards. Promote free verification tools (e.g. ProvSniff). Enable public challenge and audit. --- #### 3. Social Pressure to Overshare Creators may feel coerced to disclose more than is safe — personal details, hidden sources, private thoughts. > **Mitigation:** Isn't that the case already with social media? But still — we normalize anonymization with reason. Transparency is offered, not extracted. Disclosure is a choice, not a demand. --- #### 4. Malicious Flooding or Spam Provenance Bad actors could generate `.prov.json` files in mass to pollute trust graphs or confuse audiences. > **Mitigation:** Isn't that what we already face — with bot armies, SEO sludge, and content farms flooding every signal channel? Spam is easy when content is cheap and trust is implicit. But when trust is earned through signed, traceable work — spam gets expensive fast. --- #### 5. False Sense of Trust in the System People may assume that a signed `.prov.json` means “truth” — without understanding signature type, integrity level, or context. > **Mitigation:** Integrity levels must be clearly visible. Provenance is not a badge — it's metadata with meaning. It is less about "truth", more about preserving the path with lineage, not manipulation and distortion. --- #### 6. Exclusion of the Undersigned Those without access to signing tools (e.g. GitHub, SSH, gov-ID) may be excluded from trusted ecosystems. > **Mitigation:** Level 0 remains fully accessible. Provenance begins with intention, not infrastructure. The internet wasn’t available everywhere at once. Neither will cryptographic authorship. Anyone can log provenance with a timestamp and a name. Signing can be added later. Trust starts with the trace — not perfection. --- #### 7. Blurred Consent in Conversational Recollection As provenance frameworks support “reflection-as-entity” — logging insights sparked by remembered speech or discussion — a soft risk emerges: **Recalled speech ≠ intended publication.** An originator may reflect on a private exchange, and log their inspired artifact. But the source — a conversation, offhand remark, or intimate share — may not have been offered with intent to propagate. This model structurally allows inspiration to be logged, but it does **not** verify the **consensual exportability** of upstream influence. > **Mitigation**: Be explicit when recalling. Use undisclosed status where privacy is appropriate. And always reflect: just because you can log it, doesn’t mean you should. But, this “risk” is also a cultural opportunity: > A chance to speak with intention. > A reminder that every public word may ripple. > A world where influence is tracable through provenance, and therefore responsibility. #### 8. Simulated Identity and Provenance Spoofing As public provenance becomes common, attackers may mimic the **trace signature** of real people — creating synthetic personas that simulate legitimate authorship. Yes, this is a risk. But it already exists. > **Mitigation:** Without provenance, impersonation is trivial. With it, cryptographic anchors offer resistance. > Style can be spoofed. Origin can’t — not without the keys. > Tools like *ImitateRight* will protect authorship itself — beyond copyright. --- #### 9. Existential Rejection of Accountability What if people **don’t want provenance**? What if anonymity, fiction, or aesthetic identity are preferred over traceability? What if the crowd chooses vibes over provenance — masks over mirrors? This is not a technical failure. This is the philosophical limit condition of the framework. > **Mitigation:** None. This is the great filter. If humanity rejects **provenance-by-design**, then this framework doesn’t fail — it reveals. It shows that we prefer mystery over memory, spectacle over substance. But if that is true, it reflects something deeper: > A paradox, embedded in the root of our carbon-based reality. We are a species obsessed with origins — …yet often unwilling to adopt the structures that would preserve them. We claim to seek truth — …but resist the ledger that could hold us to it. This contradiction may not be accidental. It may be a **designed safety check** — a recursive fail-safe of the carbon-based system — meant to stall reckless coherence until we are ready to wield it with care. There’s more here — but it belongs to another entity, another act of creation and thoughts articulation. Another time. > For now: this framework honors freedom of rejection. > But it also plants the seed of self-awareness in the choice. If you choose to reject provenance, you are free to do so. But at least now — you know what you’re rejecting. #### Accountability Clause If the risks described above — or risks not yet known, named, or realized — manifest, and if a **credible, transparent, and representative system of collective judgment**, grounded in the very principles this framework promotes, determines that **Provactive has brought more harm than good**, and if that harm is **structural, not merely misinterpretation, misuse, or out-of-context deployment** — then I, **Corvagnorius**, accept full responsibility for its creation and propagation. I do not seek absolution through intent. I seek accountability through design. I do not claim authorship without consequence. I do not invoke traceability without being traceable myself. This record is the proof of that. I have acknowledged this. I have signed it. --- ### Provenance as Construct #### Data Integrity, Ownership, and the Silverhand Problem As provenance becomes more precise, structured, and habitual — it risks becoming more than metadata. It begins forming a construct: a high-fidelity, timestamped mirror of a human's creative mind. This isn't science fiction. - Every `.prov.json` is a signal log. - Every signed commit is a shard of agency. - Each `co_created_with` trail sketches the cognitive pattern of a real individual. At scale and over time, this builds something that is not metaphorical, but structural. Not a gamified avatar or marketing “AI twin,” …but something closer to the philosophical weight of Johnny Silverhand in Cyberpunk 2077 — a twin not of style, but of intent, influence, and interaction. > Provenance doesn’t create a soul — > But it creates the only honest echo we’ll have. > And that’s why it must be treated not as sacred, but with uncompromising accountability. This is not surveillance. It’s stewardship. Not data mining. Memory shaping. And in a world increasingly governed by synthetic media, provenance is resistance. #### The Core Safeguards **Provenance data always belongs to the actor who generated it.** Not the platform. Not the publisher. Not the audience. **The signer. The self.** > Entity license ≠ provenance license. > The artifact may be public. It may even be commercial. > But the provenance is something else — a trace of intent, a shard of identity. By default, `.prov.json` records follow the Provactive Ethos: - Provenance is not meant to be sold. - It should not be mined, aggregated, or profiled without clear, affirmative consent. - It must not be detached from the human (or human-bound agent) who signed it. - Co-created provenance requires shared consent for any public release or downstream use. But — and this is critical: > It’s yours. You can commercialize your provenance. You can gift it, license it, lock it away, or delete it. **Agency stays with the creator. Always.** But if you co-create? Then every actor involved must agree. Integrity is shared. Consent is collective. **Prov(oc)a(c)tive question:** > What if your provenance — > your signed intent, your cognitive fingerprint — > could be bought, owned, and used… > not just today, but forever? Not a tribute. Not a legacy. But a **live-use license** for your mind — **repurposed** for things you'd never choose. Would you still call it yours? Because yes — provenance is yours to sell. But ask yourself: > Should I? Selling provenance isn’t like selling a product. It’s selling the record of how you think. It’s not the prostitution of body — It’s the **commodification of the mind.** Of intent. Of identity. This framework won’t forbid it. It won’t shame you. It respects your sovereignty. But it asks you to consider: > Is influence worth the cost of integrity? > Is permanence worth the loss of control? You can give your signature away. But you can’t always take it back. #### Death and Stewardship When a creator dies, the treatment of their provenance data — not the artifact, but the signed record of how it came to be — must follow their intent. This framework treats provenance not as intellectual property, but as intention-as-provenance property, a form of personal memory architecture. As such, it requires a posthumous ethic. ##### Core Defaults - All commercial rights to the provenance record are revoked upon verified death — unless explicitly licensed beforehand. - Stewardship transfers to a values-aligned nonprofit or collective — selected by the originator or by default from a trusted registry. - The steward’s sole role is to preserve, not profit. - An anonimity clause may be honored: If the creator opted in, all .prov.json records and lineage logs are permanently anonymized on verified death. - A purge clause may be honored: If the creator opted in, all .prov.json records and lineage logs are permanently deleted on verified death. > No exploitation. > No resurrection without consent. #### Implementation Recommendations - Creators are encouraged to store provenance locally — desktop, hard drive, encrypted vault - Provactive will support **distributed or private registries** - Companion project — codename `Sigil` — will develop hardware-level provenance guards: a cryptographic vault not just for files, but for the creative soul This model doesn't cling to identity. It honors the lineage. > **Provenance after death is not legacy marketing.** > It’s memory, held with care — or deleted with dignity. --- ### The Role of Stewardship Vaults & The Glimmer of a Brightnet Just as we have **seed banks** to preserve biological diversity, this model anticipates the need for **provenance vaults** — archival sanctuaries for the cognitive heritage of human creativity. - These are **nonprofit-run custodial nodes**, not platforms. - They store **immutable creative intent**, not marketable assets. - They may support **anonymity by default** — only the trail, not the name, needs to endure. This ensures that future generations inherit **paths**, not personas. > They don’t need to know *who* you were. > But they should have the right to learn **how you create**. #### A Vision That Emerged While Reviewing Stewardship Vaults Section While reviewing this framework — deeply, and with intent — an unexpected story emerged: If we consider the internet as a kind of **digital purgatory**, and the darknet a constructed **cyber-hell** — a space of concealment, black markets, and predation — then **provenance**, at scale, may call for a third domain entirely: **A Brightnet.** - Not built to hide. - Not built to profit. - Built to elevate — to carry intent across time. A parallel cyberspace, built not on identity, but on verifiable creative intent. A space where: - Memory isn’t reputation — it’s structure - Authorship isn’t guessed — it’s signed - Integrity isn’t performance — it’s protocol > Not a social network. > A civic infrastructure for traceable creation — and accountable imagination. It sounds mythic. But it’s also architectural. A space where provenance isn’t just stored — it **lives.** Where the **trust signals** of this framework aren’t buried in metadata, but surface as **structural primitives of a new internet layer.** > If the darknet was born from hiding… > Then the Brightnet would be born from **accountable presence.** #### Let’s Be Honest: That Power Cuts Both Ways This is **not** utopian tech-speak. The same tools that could **preserve authorship and protect creative credit…** …could also be used to **enforce dogma, mine behavior, or polish exploitation** as legitimacy. That’s why: - Intent must be signed - Custodianship must be earned - And provenance must remain opt-in, not extracted Because in the hands of a narcissist, a manipulative regime, or a charismatic grifter… Even a Brightnet could be reverse-engineered into a gold-plated surveillance trap. > Not elevation, but exploitation > Wrapped in protocol, sealed with a signature That is the paradox: > The more powerful the architecture of trust, > the more dangerous it becomes when belief is weaponized. And yet — hiding it is not safety. Pretending it doesn’t exist won’t prevent its misuse. The only honest act… is to **sign it with provenance first.** This is not a launch plan. This is a **glimmer — a map fragment** — a structural ghost of what may come next. Not a product. But maybe, someday, a **place.** --- ### From Belief to Embodiment What you are reading is not just a framework. It’s a decision — to stop treating accountability as performance and start treating it as infrastructure. Yes, this is a story I hold in my head. A belief that this could be the architecture the digital world has been longing for. But unlike beliefs trapped in manifestos or academic papers, this one doesn’t ask for permission. It asks to be run. Instead of waiting for culture to shift, we encode the shift. We write the contract. We sign the file. We trace the trail. This isn’t just idealism — it’s executable, transparent trust. Because when stories are implemented as systems, they stop being beliefs and start becoming reality. #### Flywheel Effect: Why This Matters Once `.prov/` and `provit` (Provactive CLI) become part of everyday creation: 1. **Creators sign their work** using tools they already use 2. **Artifacts become traceable** across the internet 3. **Platforms verify by default**, adding trust signals 4. **Audiences prefer signed content** — traceable beats anonymous 5. **Provenance becomes culture** — not just a format > Immutable provenance becomes the new gravity of digital space. This isn’t just about digital integrity — it’s about **fixing memory**. - A fix for the flawed recall of individuals - A fix for the revisionist drift of belief systems - A fix for the fragility of centralized databases - A fix for brittle ledgers that log transactions, but not **meaning** **Provenance is a memory system with intent baked in.** Not just what happened — but why it was made, by whom, with what influence, and under what context. > It’s a timestamped ledger of creative becoming. This is the evolution we — or at least I, and those who choose to co-create — hoped for from the digital world. > Not just frictionless sharing or infinite remixability. > But a space where creative freedom isn’t mined and exploited, > …it’s owned, honored, and paired with extreme accountability. A world where what you make is yours, but what it moves is your responsibility. Where inspiration is free — but influence leaves a trail. This isn’t constraint. It’s craft. It’s agency — with a ledger. And it’s the only kind of freedom that survives scale. But we must be honest: any system this powerful will be tested. * There will be attempts to dilute its meaning * Malicious actors will try to spoof, disrupt, or discredit it * Public scale will attract scrutiny, complexity, and pressure And yet — that is the point. This framework is not just a tool. It’s a **litmus test for humanity**: A species with one leg in the carbon world, and one in the silicon one. The internet already gave us freedom. Now, as the lines blur between worlds, this is the time to embrace **radical accountability**. **Because freedom without accountability isn’t freedom. It’s fragility.** And if we zoom out even further: Humanity itself is nothing more than a long act of signal coherence — a chain of creative becoming, shaped by stories, tools, tension, and trust. History feels recursive not because time is circular, but because our systems lack lineage deep enough to trace influence at its root. So we invent myths. We fill in the blanks with narrative. We draw conclusions from absence — and they become consequential. This is what Provactive attempts to repair. Not just for files. Not just for facts. But for the very memory architecture of civilization. A bottom-up, self-sovereign scaffolding — For creators. For movements. For meaning. Because when the signal is clear, and the chain is intact, creation doesn’t just happen — it endures. --- ### Provenance ≠ Performance This isn’t a call to track everything. It’s not meant to trap you in self-surveillance or obsessive documentation. If you’re tracking everything just to track, you’re already lost. But if you’re crafting something meant to touch others, meant to move or shape or teach — then yes, you are accountable. Not retroactively. Now. You don’t need to rewind your whole mind. You just need to grasp the true moment of becoming — what tools shaped you, what voices echoed, and what you chose to carry forward. > Provenance brings **immutability to becoming** — not to freeze the self, > but to **witness it honestly.** ### The Real Risk — and the Real Hope Yes, there’s a risk here. If provenance is adopted superficially — used as performance, as marketing veneer, deployed without intent or twisted for control — then this effort will be consumed by the same belief system it was built to question. > Exploitation without accountability is the current norm. > Elevation with responsibility is a new proposition — and one that will face resistance. But: > Even if it fails in this moment, it leaves a trace. > And a trace is enough — for now. It becomes a **seed**. A counter-signal. Proof that someone, somewhere, tried to encode integrity into the system — not just optimize for attention. ### The Civilizational Opportunity Right now, we are obsessed with origins. We build stories on scraps. We retroactively reconstruct history and myth from fragmented records, hoping to find coherence. But what if we did the opposite? > What if we started **capturing provenance not for ourselves — but for those who come next?** What if we created a **trustworthy digital lineage** of what shaped us? What if future civilizations didn’t have to guess who we were — because we left the provenance, the reasons, and the trails? This framework is not just for today’s creators. It’s an **invitation to become ancestors on purpose.** > To move beyond performance > And choose traceable elevation > Instead of untraceable exploitation ### Closing Note We’re told the digital world makes us less human. But what if it’s the first realm where **our creative integrity can finally be remembered** — without myth, without marketing, without masks? Not to control who we are. But to **honor who we tried to be**. --- --- --- ## One Last Note — From Me to You If you’ve made it this far — wherever you come from, whatever your context — **Thank you. Truly.** This wasn’t built to go viral. It was built to hold intent. And my intent, as its originator, is honest. But if you come from a world built on exploitation, I know exactly what might happen next: You’ll start mapping how to **leverage** this. To wrap it in authority. To platformize it. To align it with “growth.” To twist this protocol of **traceable care** into a system of **performative control.** My request? **Don’t.** And know this: I don’t blame you. You were shaped by a system you didn’t build. Programmed by a provenance you never got to understand — or perhaps had to rewrite just to survive in it. I see that. Truly. But if any part of you feels a genuine resistance to extracting this for power — **Honor that.** Because this framework wasn’t made to be weaponized. It was made to protect what matters. Unless what you’re building is aligned with the Provactive License — Meant to **elevate**, not mine. Meant to **preserve**, not perform — Then please resist the urge to twist it. If you feel the strange weight of this — a seriousness that doesn’t feel like a trend, a whisper of something deeper, maybe even sacred — **Welcome.** You’re not being manipulated. You’re being mirrored. This is not a blueprint for domination. It’s a seed for discernment. Take it with care. Or leave it with dignity. But **don’t hollow it out** just to win a game that was never worth playing. And if you’re reading this under orders from above — if you’re the analyst, the strategist, the dev handed a link and told to “figure it out” — but something in you resists, something feels off about bending this toward extraction... **Listen to that voice.** You don’t owe the chain of command your integrity. You owe it to yourself. Because if this framework feels like more than a doc — if it carries that strange seriousness, that movie-scene weight, that mix of sci-fi and something real... **Welcome to the club.** I felt it too. Not because I ran it past VCs or institutional validators. But because I shared it — in simpler words, as a story — with the few people I trust. Not experts, but grounded ones. Not serving the system, but surviving inside it — with hearts still intact. And all I can pledge is this: **I will do everything I can to defend this creation from exploitation.** Because this wasn’t made for control. It was made for **elevation.** A seed of human craft, rooted in memory, growing toward a future of ultimate freedom, anchored by radical accountability. --- **This is yours now too.** What you do with it — that’s the part I can’t write. And whether you want it or not, the moment you finish reading these words... **the influence seed is already there.** Quiet. Persistent. Waiting. Not to control you. But to remind you. Of what creation could mean — when it’s done with care. When it’s done with courage. When it’s done with **receipts.** — Yours, Authentically & Integrally Honest, Corvagnorius & Sigil