SEP / UECIID Protocol
Snowflake→base-62 entity IDs (SEP-{11 chars}). Cryptographically unique, sortable, collision-free.
Inter-Community Peering
Three sharing modes: MIRROR_ONLY, REWRAP_ALLOWED, FULL_SYNC. HMAC-SHA256 handshake. Duplicate guard.
Knock-and-Verify Invitations
72-hour Redis-backed one-time invitation tokens. Invitee identity verified before member enrollment.
Reputation Engine
5-badge system: NEWCOMER → TRUSTED → CONTRIBUTOR → EXPERT → ELITE. Anonymised leaderboard (GDPR-safe).
Charter & Governance
Versioned community charters (DRAFT→ACTIVE→SUPERSEDED). Member acceptance tracking. Compliance scoring.
Behavioral Anomaly Detection
Z-score anomaly scoring. NORMAL/ELEVATED/CRITICAL thresholds. 30-day rolling baseline. SQLite event store.
OAuth Agent Discovery
14-provider OAuth catalog. Scope-based risk scoring. ALLOW/MONITOR/BLOCK verdicts. Redis-backed policy.
Community Intelligence Reports
Weighted risk score: 40% transfer rejection + 35% anomaly + 25% governance gap. SAFE→CRITICAL labels.
STIX 2.1 Tamper-Evident Audit
SHA-256 prev_hash chain per community. Genesis block. OASIS STIX JSONL export for SIEM ingestion.
AI Incident Register
STIX 2.1-linked AI incident journal. Severity: LOW/MEDIUM/HIGH/CRITICAL. Auto-log from filter BLOCK events. Status transitions: open→investigating→resolved→closed. Every incident appended to STIX audit chain.
Supplier AI Risk Assessment
5-criteria composite scoring: data access, AI capability, compliance posture, peering history, disclosure recency. Risk labels: LOW/MEDIUM/HIGH/CRITICAL. Derived from sep_transfers velocity — no external API calls.
Shared Prompt Library
UECIID provenance on every prompt. Injection screening via POST /filter before save. Versioning, community sharing via Causal Transfer Guard. 6 endpoints at /prompt-library/*.
Employee AI Training Records
HMAC-SHA256 attested completion records (VAULT_MASTER_KEY). Expiry tracking, compliance report. Behavioral anomaly hook on ai_training_completed. 5 endpoints at /training/*.
Agentic Commerce Protocols (UCP/AP2/MCP) integration
Secure AI-driven procurement with mandate controls, vendor validation, and BI analytics. UCP store discovery, AP2 signed spending mandates, MCP agent intent bridge, Vendor Governance integration, Cost Allocation recording, STIX audit chain per order.
Web3 On-Chain Mandates (Ethereum/Polygon)
Smart contract mandate deployment via eth_tester/Sepolia. IPFS metadata storage. Immutable on-chain audit trail for AI spending.
Multi-Agent Procurement Auction (Claude/Gemini/GPT)
Parallel vendor proposals from 3 AI providers. Supplier risk scoring. Winner selection by composite score.
Tax & Invoice Engine (VAT/GST/Sales Tax)
EU VAT OSS, US Sales Tax (50 states), UK VAT, SG GST, AU GST. PDF invoices via ReportLab stored in MinIO.
FIDO2 Passkeys for AP2 Mandate Signing
WebAuthn Passkey registration and authentication. Optional FIDO gate on mandate execution. Phishing-resistant.
shadow-warden-sdk Python Package
pip install shadow-warden-sdk. ShadowWardenClient + SecureAgent mixin. Any AI agent gets mandate controls in 3 lines.