| Internet-Draft | PoP Protocol | February 2026 |
| Condrey | Expires 20 August 2026 | [Page] |
This document specifies the Proof of Process (PoP) Evidence Framework, a specialized profile of Remote Attestation Procedures (RATS) designed to validate the provenance of effort in digital authorship. Unlike traditional provenance, which tracks file custody, PoP attests to the continuous physical process of creation.¶
The protocol defines a cryptographic mechanism for generating Evidence Packets utilizing a composite Sequential Work Function (SWF) to enforce temporal monotonicity and Cross-Domain Constraint Entanglement (CDCE) to bind behavioral entropy (human jitter) and physical state to the document. Technical specifications for wire formats, sequential work functions, and hardware-anchored trust are provided.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 20 August 2026.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The rapid proliferation of generative artificial intelligence has created an authenticity crisis in digital discourse. While traditional provenance tracks the "custody of pixels," it fails to attest to the human-driven process of creation. This document specifies the Proof of Process (PoP) protocol, which extends the RATS architecture [RFC9334] to validate the "provenance of effort."¶
Unlike traditional attestation which captures static system state, PoP attests to a continuous physical process. It introduces Proof of Biological Space-Time (PoBST) to enforce temporal monotonicity and Cross-Domain Constraint Entanglement (CDCE) to bind behavioral entropy (human jitter) and physical state (thermodynamics) to the document's evolution.¶
By entangling content hashes with these physical constraints, this protocol enables an Attester to generate an Evidence Packet (.pop) that imposes quantifiable cost on forgery of authorship claims, preserving privacy by design without disclosing document content.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This section defines the PoP system model in terms of the RATS architecture [RFC9334] and identifies where PoP diverges from standard remote attestation assumptions.¶
PoP maps to RATS entity roles as follows:¶
PoP implements a specialized RATS profile with a critical trust inversion: in traditional remote attestation, the Attester is a device whose owner (Relying Party) wants assurance about its state. The adversary is typically external -- malware, network attackers, or supply chain threats.¶
In PoP, the Attester is operated by the author, and the Relying Party (publisher, reader) has no privileged access to the authoring environment. The primary adversary is the Attester operator themselves. This fundamental inversion shapes the entire security model:¶
Despite this inversion, PoP maintains compatibility with RATS message flows and data formats, enabling integration with existing RATS infrastructure where appropriate.¶
This section defines the adversary model following the methodology of [RFC3552] and incorporating insights from RATS security analysis [Sardar-RATS]. The threat model assumes a Dolev-Yao style adversary [Dolev-Yao] with domain-specific constraints.¶
The PRIMARY threat in PoP is an adversarial Attester -- an author who controls the Attesting Environment and seeks to generate Evidence for content they did not authentically author. This inverts the standard RATS trust assumption where the Attester is trusted to report honestly.¶
The adversarial Attester has the following capabilities:¶
The adversary is constrained by:¶
PoP provides the following authentication properties, defined in terms of adversary advantage:¶
The following attacks are in scope for PoP defenses:¶
The canonical forgery attack against PoP: an adversary generates content using AI or other assistance, then retypes the pre-existing content while collecting "authentic" behavioral telemetry. This attack exploits the gap between typing existing text and composing original text.¶
PoP defends against retype attacks through:¶
Retype attacks remain economically viable for short documents. The forgery cost scales with document length and checkpoint frequency, providing graduated assurance rather than binary security.¶
Attempting to reuse previously valid Evidence for new claims. Defeated by Physical Freshness anchors that bind Evidence to non-reproducible physical state (thermal trajectories, kernel entropy samples).¶
Forwarding challenges or Evidence between a legitimate author and an adversary's session. In PoP, this manifests as claiming credit for another author's work. Defeated by hardware-bound signing (T3/T4) and out-of-band presence challenges that verify physical proximity.¶
Using specialized hardware to compute SWF proofs faster than consumer hardware. Mitigated by Argon2id's memory-hardness (computation bounded by memory bandwidth, not ALU throughput) and Hardware-Anchored Time in T3/T4 tiers.¶
Presenting a virtualized or modified Attesting Environment as genuine. In T1/T2 tiers, this is possible and Evidence should be weighted accordingly. T3/T4 tiers require hardware attestation that is difficult to spoof without physical access to the Secure Element.¶
An adversary redirects Evidence intended for one Verifier to a different Verifier or Relying Party context. PoP Evidence Packets do not inherently bind to a specific Verifier identity. When conveyed over TLS, implementations SHOULD use Exported Keying Material [RFC9266] to bind Evidence to the transport session. For offline verification, Relying Parties MUST evaluate Evidence provenance through out-of-band channels.¶
The following threats are explicitly out of scope:¶
Building on the threat model defined above, PoP operates on five primary constraints:¶
The Proof of Process (PoP) framework follows the RATS architecture while introducing domain-specific extensions for physical process attestation.¶
The Attesting Environment (AE) MUST implement the following formal state machine:¶
PoP Evidence packets are classified by the depth of behavioral and forensic data collected:¶
The attestation tier system maps to established assurance frameworks including NIST SP 800-63B Authenticator Assurance Levels (AAL), ISO/IEC 29115 Levels of Assurance (LoA), and Entity Attestation Token (EAT) security levels as defined in [RFC9711].¶
T2 extends T1 with optional hardware attestation hooks. The AE attempts to use platform security features (Keychain, DeviceCheck) but degrades gracefully. Maps to AAL2.¶
Requires TPM 2.0 or platform Secure Enclave key binding. Evidence generation MUST fail if hardware is unavailable. Maps to AAL3.¶
Discrete TPM + PUF binding + Enclave execution. Anti-tamper evidence required. Exceeds AAL3 requirements; maps to ISO/IEC 29115 LoA4.¶
The PoP specification defines three implementation profiles that establish Mandatory-to-Implement (MTI) requirements for interoperability.¶
| Feature ID | Feature Name | CORE | ENHANCED | MAXIMUM |
|---|---|---|---|---|
| 1 | swf-argon2id-sha256 | M | M | M |
| 2 | content-binding | M | M | M |
| 4 | checkpoint-chain | M | M | M |
| 50 | behavioral-entropy | O | M | M |
| 105 | hardware-attestation | O | O | M |
A conforming Attester MUST implement at least the CORE profile. A conforming Verifier MUST be capable of validating all three profiles. Verifiers encountering unknown fields MUST ignore them and proceed with validation of known fields.¶
Evidence Packets are CBOR-encoded [RFC8949] and identified by semantic tag 1347571280. The CDDL notation [RFC8610] is used to define the wire format.¶
; Primary structures
evidence-packet = {
1 => uint, ; version (MUST be 1)
2 => tstr, ; profile-uri
3 => uuid, ; packet-id
4 => pop-timestamp, ; created
5 => document-ref, ; document
6 => [+ checkpoint], ; checkpoints
? 7 => attestation-tier, ; T1-T4
? 8 => [* tstr], ; limitations
? 9 => profile-declaration, ; profile
? 10 => [+ presence-challenge], ; QR/OOB proofs
? 18 => physical-liveness, ; CDCE markers
}
checkpoint = {
1 => uint, ; sequence (monotonic)
2 => uuid, ; checkpoint-id
3 => pop-timestamp, ; timestamp (local)
4 => hash-value, ; content-hash
5 => uint, ; char-count
6 => edit-delta, ; delta
7 => hash-value, ; prev-hash
8 => hash-value, ; checkpoint-hash
9 => process-proof, ; SWF proof
10 => jitter-binding, ; behavioral-entropy
11 => physical-state, ; CDCE Weave
12 => bstr .size 32, ; entangled-mac
}
document-ref = {
1 => hash-value, ; content-hash
? 2 => tstr, ; filename
3 => uint, ; byte-length
4 => uint, ; char-count
? 5 => hash-salt-mode, ; salting mode
? 6 => bstr, ; salt-commitment
}
process-proof = {
1 => proof-algorithm, ; algorithm id
2 => proof-params, ; SWF params
3 => bstr, ; input (seed)
4 => bstr, ; output (root)
5 => [+ merkle-proof], ; sampled proofs
6 => float32, ; claimed-duration
}
; Subsidiary type definitions
attestation-tier = &(
software-only: 1,
attested-software: 2,
hardware-bound: 3,
hardware-hardened: 4,
)
proof-algorithm = &(
sha256-chain: 1,
pobst-argon2id: 20,
)
hash-salt-mode = &(
unsalted: 0,
author-salted: 1,
)
proof-params = {
1 => uint, ; time-cost (t)
2 => uint, ; memory-cost (m, KiB)
3 => uint, ; parallelism (p)
4 => uint, ; iterations
}
jitter-binding = {
1 => [+ float32], ; intervals (ms)
2 => float32, ; entropy-estimate (bits)
3 => bstr .size 32, ; jitter-seal (HMAC)
}
merkle-proof = {
1 => uint, ; leaf-index
2 => [+ bstr .size 32], ; sibling-path
3 => bstr .size 32, ; leaf-value
}
edit-delta = {
1 => int, ; chars-added
2 => int, ; chars-deleted
3 => uint, ; op-count
? 4 => [* edit-position], ; positions
}
edit-position = [
uint, ; offset
int, ; change (+/-)
]
physical-state = {
1 => [+ float32], ; thermal (relative)
2 => uint, ; entropy-delta
? 3 => bstr .size 32, ; kernel-commitment
}
physical-liveness = {
1 => [+ thermal-sample], ; thermal trajectory
2 => bstr .size 32, ; entropy-anchor
}
thermal-sample = [
pop-timestamp, ; sample time
float32, ; temperature delta
]
presence-challenge = {
1 => bstr, ; challenge-nonce
2 => bstr, ; device-signature
3 => pop-timestamp, ; response-time
}
profile-declaration = {
1 => tstr, ; profile-id
2 => [+ uint], ; feature-flags
}
; Base types
uuid = bstr .size 16
pop-timestamp = #6.1(number)
hash-value = {
1 => hash-algorithm,
2 => bstr,
}
hash-algorithm = &(
sha256: 1,
sha384: 2,
sha512: 3,
)
¶
The checkpoint-hash field MUST be computed as follows:¶
checkpoint-hash = SHA-256(
prev-hash ||
content-hash ||
CBOR-encode(edit-delta) ||
CBOR-encode(jitter-binding) ||
CBOR-encode(physical-state) ||
process-proof.output
)
¶
Where || denotes concatenation and CBOR-encode produces deterministic CBOR per Section 4.2 of [RFC8949].¶
PoP uses a composite Sequential Work Function (SWF) combining Argon2id [RFC9106] for memory-hardness with iterated SHA-256 for sequential ordering. This construction is NOT a Verifiable Delay Function in the formal sense [Boneh2018]; it does not provide efficient public verification of the delay claim from the output alone.¶
Instead, verification relies on Merkle-sampled audit proofs: the Attester commits to a Merkle tree over intermediate states, and the Verifier checks a random subset of state transitions. This provides probabilistic verification in O(k * log n) time where k is the sample count and n is the iteration count.¶
The SWF is computed as follows:¶
state_0 = Argon2id(seed, salt=seed, t=1, m=65536, p=1, len=32)
for i in 1..iterations:
state_i = SHA-256(state_{i-1})
output = state_iterations
¶
The salt for Argon2id MUST be set equal to the seed value to ensure deterministic output. Implementations MUST NOT use a random salt.¶
The Verifier MUST:¶
A minimum of 20 sampled proofs is REQUIRED for CORE profile. ENHANCED profile requires 50 proofs. MAXIMUM profile requires 100 proofs.¶
An adversary who skips fraction f of iterations will be detected with probability 1-(1-f)^k where k is the number of sampled proofs. With k=20 and f=0.1, detection probability exceeds 0.878. With k=100 and f=0.05, detection probability exceeds 0.994.¶
In T3/T4 tiers, the AE MUST anchor the SWF seed to the TPM Monotonic Counter. This prevents "SWF Speed-up" attacks by ensuring that the temporal proof is bound to the hardware's internal perception of time.¶
This document requests the following IANA registrations:¶
This document uses SMI PEN 65074, which has been requested from IANA for WritersLogic Inc. Registration is pending confirmation.¶
Registration of the EAT profile URI: urn:ietf:params:rats:eat:profile:pop:1.0¶
Requests registration of:¶
This section provides security analysis following [RFC3552] guidelines. The threat model is defined in Section 4 with the adversarial Attester as the primary threat actor. Detailed forensic security analysis is provided in [PoP-Appraisal].¶
Unlike traditional remote attestation where external adversaries threaten system integrity, PoP's primary threat is the Attester operator themselves. The author controls the Attesting Environment and has incentive to claim authenticity for AI-generated or assisted content.¶
This threat model inversion has fundamental implications:¶
The retype attack (see Section 4.3.1) is the canonical forgery vector. Defenses are layered:¶
Relying Parties MUST understand that retype attacks remain viable for short documents or high-value targets willing to invest real time. PoP provides graduated assurance proportional to document length and checkpoint density.¶
As defined in Section 4.3.2 and Section 4.3.3, these attacks are defeated through Physical Freshness anchors binding Evidence to non-reproducible physical state:¶
Verifiers MUST reject Evidence where physical freshness markers are stale, inconsistent with timestamps, or exhibit patterns suggesting simulation.¶
As analyzed in Section 4.3.4, specialized hardware attacks are mitigated by:¶
Relying Parties MUST interpret Evidence according to its Attestation Tier:¶
Implementations SHOULD report quantified forgery cost estimates in WAR Results. For CORE profile (10,000 iterations, m=65536 KiB):¶
For ENHANCED profile, adversary must additionally satisfy behavioral constraints (CV > 0.15, semantic correlation r > 0.3, error topology matching). These constraints are conjunctive per checkpoint and scale superlinearly with checkpoint count due to session consistency requirements.¶
SWF verification is asymmetric: Merkle-sampled proofs verify in O(k * log n) versus O(n) generation. Verifiers cannot be overwhelmed by expensive verification requests. Implementations SHOULD implement rate limiting on Evidence submission.¶
Conforming implementations MUST:¶
T3/T4 implementations MUST additionally:¶
This section addresses privacy in accordance with [RFC6973].¶
PoP Evidence Packets MUST NOT contain document content. Content binding uses cryptographic hashes (SHA-256) which are computationally irreversible. The author-salted mode (hash-salt-mode=1) provides additional protection by preventing rainbow-table correlation across documents.¶
Jitter sequences in ENHANCED and MAXIMUM profiles constitute behavioral biometrics. Verifiers MUST NOT:¶
Attesters SHOULD quantize jitter values to reduce fingerprinting precision while preserving statistical validity. A minimum quantization of 5ms is RECOMMENDED.¶
Thermal trajectories and kernel entropy deltas in the physical-state field may reveal information about the Attester's hardware configuration. Implementations SHOULD normalize thermal data to relative deltas rather than absolute values to prevent device fingerprinting.¶
Authors who wish to remain pseudonymous SHOULD use per-document signing keys and the author-salted content binding mode to prevent cross-document linkage.¶
The following test vectors validate SWF implementations. The salt for Argon2id is set equal to the seed.¶
Seed: "witnessd-genesis-v1"
Seed (hex): 7769746e657373642d67656e657369732d7631
Salt: (same as seed)
Argon2id Parameters:
Time Cost (t): 1
Memory Cost (m): 65536 KiB
Parallelism (p): 1
Output Length: 32 bytes
Iterations: 10,000
Intermediate States:
state_0 (Argon2id):
80c61705757b131005819066fad7f251a0fee7016cdae38eb753409931d1b46a
state_1000:
a9aa3186ec6a3cdcc299735564f46ac42e31cacb463ced34d6d7e4086625dbe3
state_5000:
4264f594f871d61029fb413715b391977bc7bb40144fa8b6e89cb04a7de0d160
state_9999:
4ece1d5c51ca6b7a5da4827416535566fca98ea260fa00b2f93e10ee63b98498
state_10000 (final):
bf3883035ced837663ccc46a37d1e4fd4f324a5caeadbd17f9bf0c34004294dc
¶