ODIN OPE – Open Proof Envelope

Robust, lightweight primitives for verifiable payload exchange across AI agents, services, and humans. A minimal, deterministic container + signing scheme for provable JSON state hand‑offs.

It gives you a tamper‑evident, portable, and tool‑friendly way to prove exactly what JSON was processed or exchanged—ideal for audit trails, agent hand‑offs, chain‑of‑thought checkpoints, compliance artifacts, or marketplace receipts.

What Is OPE?

A deterministic envelope format + signature recipe:

  1. Canonicalize a JSON payload (stable key ordering & encoding)
  2. Compute a CID: sha256:<hex> of canonical bytes
  3. Assemble envelope metadata: payload_type, target_type, trace_id, ts
  4. Sign compact string: "{cid}|{trace_id}|{ts}" using Ed25519
  5. Distribute envelope; receivers verify & derive fine‑grained failure reasons

Example Envelope (JSON)

{
  "version": 1,
  "payload_type": "agent_step",
  "target_type": "llm_call",
  "trace_id": "trc_f91a2b3",
  "ts": 1735248512456,
  "cid": "sha256:0f7c9d0c9b6c8c3db9d8adbd3e4d6ad1c2f6ef...",
  "sig_alg": "ed25519",
  "sig": "ih0W5QxtYkz+9v0u1Pj...base64...",
  "payload": {
    "model": "gpt-4o-mini",
    "input_tokens": 142,
    "output_tokens": 318,
    "cost_usd": 0.0021,
    "prompt_hash": "sha256:ab81..."
  }
}

Everything outside payload is deterministic & signed; payload itself is canonicalized before CID.

Tamper Evident

Any byte change breaks CID or signature—detect drift instantly.

Composable

Bundle envelopes (chains, batches) while preserving individual provenance.

Tool Friendly

Plain JSON + widely available Ed25519 libs; easy to inspect & diff.

Verification Flow

  • Re‑canonicalize payload → recompute CID
  • Compare to envelope cid
  • Rebuild signing string "{cid}|{trace_id}|{ts}"
  • Verify Ed25519 signature vs expected public key
  • Validate freshness / trace lineage (optional)

Failure surfaces structured reason codes (cid_mismatch, signature_invalid, stale_timestamp, etc.).

Pseudo‑Code (Verify)

canon = canonical_json(envelope.payload)
if sha256(canon) != envelope.cid_hash: fail("cid_mismatch")
msg = f"{envelope.cid}|{envelope.trace_id}|{envelope.ts}"
if !ed25519_verify(pubkey, msg, envelope.sig): fail("signature_invalid")
if envelope.ts < now()-MAX_AGE: warn("stale_timestamp")
return OK

Deterministic steps keep independent verifiers aligned.

Roadmap Highlights

  • CLI pack / verify / bundle
  • Language SDKs (Python, TS, Go)
  • Envelope chain integrity proofs
  • Optional compression layer
  • Trace lineage graph export
  • Hash-based selective redaction