Token-based Intent, Behavior, Evidence & Trust - Cryptographic provenance for trustworthy systems
Project description
tibet-core
The Linux of AI Provenance
Cryptographic provenance for trustworthy systems. Zero dependencies. Audit-ready.
From microcontrollers to cloud servers — every action gets an immutable, verifiable token.
What is TIBET?
Token-based Intent, Behavior, Evidence & Trust
TIBET captures the four dimensions of every action:
| Dimension | Dutch | Meaning |
|---|---|---|
| ERIN | "Er in" | What's IN the action (content, data) |
| ERAAN | "Er aan" | What's attached (dependencies, references) |
| EROMHEEN | "Er omheen" | Context around it (environment, state) |
| ERACHTER | "Er achter" | Intent behind it (why this action) |
Installation
Python (PyPI)
pip install tibet-core
JavaScript/Node.js (npm) — Rust/WASM kernel
npm install tibet-core
Rust
[dependencies]
tibet-core = "0.1"
Quick Start
from tibet_core import Provider, FileStore
# Create provider with persistent storage
tibet = Provider(
actor="jis:humotica:my_app",
store=FileStore("./audit.jsonl")
)
# Record any action with full provenance
token = tibet.create(
action="user_login",
erin={"user_id": "alice", "method": "oauth"},
eraan=["jis:humotica:auth_service"],
eromheen={"ip": "192.168.1.1", "user_agent": "Mozilla/5.0"},
erachter="User authentication for dashboard access"
)
# Token is immutable (frozen dataclass)
assert token.verify()
print(token.content_hash) # SHA-256
# Export audit trail
audit = tibet.export(format="jsonl")
Context Manager
with Provider(actor="jis:my_app") as tibet:
tibet.create("init", erachter="Application startup")
tibet.create("config_load", erin={"env": "production"})
# __exit__ verifies all token integrity automatically
HMAC-SHA256 (Tamper-Evident)
tibet = Provider(actor="jis:my_app", hmac_key=b"your_secret_key")
token = tibet.create("sensitive_action", erin={"data": "classified"})
assert token.verify(b"your_secret_key") # True
assert token.verify(b"wrong_key") # False
assert token.verify() # False (key required)
Network Bridge
Connect network events to provenance. Every ping, heartbeat, and discovery becomes a Token.
from tibet_core import Provider, NetworkBridge
tibet = Provider(actor="jis:my_hub")
bridge = NetworkBridge(tibet)
# Record network events (works with tibet-ping PingPackets or plain dicts)
bridge.record_ping({"source_did": "jis:sensor:temp1", "target_did": "jis:hub", "ping_type": "heartbeat"})
bridge.record_discovery("jis:new_device", ("192.168.1.50", 7150), "accepted")
bridge.record_trust_change("jis:sensor:temp1", old_trust=0.5, new_trust=0.9, reason="Vouched by admin")
bridge.record_heartbeat("jis:sensor:temp1", addr=("192.168.1.50", 7150), status="healthy")
# All events are auto-chained into a provenance trail
Three-Zone Trust Model
| Zone | Score | Behavior |
|---|---|---|
| GROEN | >= 0.7 | Auto-accept |
| GEEL | 0.3 - 0.7 | Pending review |
| ROOD | < 0.3 | Silent drop |
Chain Tracing
Follow provenance chains to reconstruct full audit trails:
from tibet_core import Chain
chain = Chain(tibet.store)
# Trace backwards from any token
history = chain.trace(token.token_id)
for t in history:
print(f"{t.action}: {t.erachter}")
# Verify entire chain integrity
if chain.verify(token.token_id):
print("Audit trail intact")
# Get chain summary
summary = chain.summary(token.token_id)
print(f"Chain length: {summary['length']}")
print(f"Actors involved: {summary['actors']}")
Storage Backends
MemoryStore (default)
Fast, ephemeral. Good for testing and short sessions.
FileStore
Append-only JSONL. Thread-safe (fcntl locking). Audit-friendly.
from tibet_core import FileStore
store = FileStore("./audit.jsonl")
# Verify file integrity
result = store.verify_file()
if not result["integrity"]:
print(f"Corrupted tokens: {result['corrupted_ids']}")
# Rotate old tokens to archive
rotated = store.rotate(max_age_days=30)
print(f"Archived {rotated} tokens")
Regulatory Compliance
TIBET provides the audit foundation for:
| Standard | TIBET Support |
|---|---|
| EU CRA | Build provenance, SBOM accountability, audit chains |
| EU AI Act | Transparency, automated decision traceability |
| GDPR Art. 22 | Automated decision-making audit trails |
| NIS2 | Continuous logging, incident snapshots |
| ISO 5338 | AI lifecycle traceability |
| ISO 27001 | Information security audit trails |
| SOC 2 | Trust service criteria evidence |
| BIO2 | Government security baseline |
| OWASP | Security event provenance |
CRA enforcement starts September 2026. TIBET makes compliance architectural, not bolted-on.
Standards Alignment
IETF Standardization
TIBET and its companion protocols are being standardized at the IETF:
- draft-vandemeent-tibet-provenance — Traceable Intent-Based Event Tokens
- draft-vandemeent-jis-identity — JTel Identity Standard
- draft-vandemeent-upip-process-integrity — Universal Process Integrity Protocol
- draft-vandemeent-rvp-continuous-verification — Real-time Verification Protocol
- draft-vandemeent-ains-discovery — AInternet Name Service
W3C Alignment
- Verifiable Credentials 2.0 — Token structure compatible
- Decentralized Identifiers (DIDs) — Actor identification (jis: format)
- JSON-LD — Semantic context in EROMHEEN
6G Ready
- Designed for AI-native networks (ITU IMT-2030)
- Referenced in IETF 6G AI agent drafts
- Minimal footprint for edge devices
Ecosystem
tibet-core is the provenance kernel. It doesn't try to do everything — it does provenance and delegates the rest.
| Layer | Package | What it does |
|---|---|---|
| Identity | jis-core | Ed25519 keys, DID documents, bilateral consent |
| Provenance | tibet-core | TIBET tokens — ERIN/ERAAN/EROMHEEN/ERACHTER |
| Firewall | snaft | 22 immutable rules, OWASP 20/20, FIR/A trust |
| Network | ainternet | .aint domains, I-Poll messaging, agent discovery |
| CLI | tibet | tibet create, tibet verify, tibet chain |
| Compliance | tibet-audit | AI Act, NIS2, GDPR, CRA — 112+ checks |
| SBOM | tibet-sbom | Supply chain verification with provenance |
| Triage | tibet-triage | Airlock sandbox, UPIP reproducibility, flare rescue |
| Discovery | tibet-ping | LAN discovery, heartbeat, mesh relay, IoT transport |
| Overlay | tibet-overlay | Encrypted mesh, WireGuard+noise, tunnel routing |
| Timestamps | tibet-y2k38 | Y2K38-safe epoch handling |
┌───────────────────────────────────────────────────────────────┐
│ TIBET ECOSYSTEM │
├───────────────────────────────────────────────────────────────┤
│ │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ jis-core │ │ snaft │ │ ainternet │ │
│ │ (identity) │ │ (firewall) │ │ (network) │ │
│ └──────┬───────┘ └──────┬───────┘ └──────┬───────┘ │
│ │ │ │ │
│ └───────────┬───────┴───────────┬───────┘ │
│ ▼ │ │
│ ┌──────────────┐ │ │
│ │ tibet-core │◄───────────┘ │
│ │ (the kernel) │ │
│ │ Zero deps │ │
│ └──────┬───────┘ │
│ │ │
│ ┌─────────┬───────┼───────┬──────────┬──────────┐ │
│ ▼ ▼ ▼ ▼ ▼ ▼ │
│ tibet tibet- tibet- tibet- tibet- tibet- │
│ (CLI) audit sbom triage ping overlay │
│ (+ IoT) │
│ │
│ Runtimes: Python (PyPI) · Rust/WASM (npm) · C (embedded) │
└───────────────────────────────────────────────────────────────┘
Performance
TIBET adds minimal overhead:
| Operation | Time |
|---|---|
| Token creation | ~0.1ms |
| SHA-256 hash | ~0.05ms |
| HMAC-SHA256 | ~0.06ms |
| FileStore append (locked) | ~0.2ms |
| Chain trace (100 tokens) | ~1ms |
Philosophy
"Audit de basis voor elke actie, niet voor communicatie verkeer"
"Audit as foundation for every action, not just traffic"
TIBET doesn't watch the wire. It lives inside the action.
Traditional security monitors traffic. TIBET audits intent.
Whitepaper
DOI: 10.5281/zenodo.18712238 — Full specification of Traceable Intent-Based Event Tokens.
License
MIT OR Apache-2.0
Credits
Designed by Jasper van de Meent. Built by Jasper and Root AI as part of HumoticaOS.
TIBET was born from a simple observation: existing audit systems record WHAT happened, but never WHY.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tibet_core-0.3.1.tar.gz.
File metadata
- Download URL: tibet_core-0.3.1.tar.gz
- Upload date:
- Size: 14.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f72f3ab504f97b859ecbdd37a5ff8f44a63f193fae2b0fc7a0011c5ed6a1d646
|
|
| MD5 |
1b53347938fdc9a253b93d58870f8445
|
|
| BLAKE2b-256 |
03b65f35620ee220fa112b510ae9d94b52a13b651ef0a1ffb0f172b874af5314
|
File details
Details for the file tibet_core-0.3.1-py3-none-any.whl.
File metadata
- Download URL: tibet_core-0.3.1-py3-none-any.whl
- Upload date:
- Size: 17.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
49d2dd03b25ff7fd002a019e7772a8e6dd4299fdd033c7bb775c0b415003967f
|
|
| MD5 |
75a77c5dda6e911ad69ad5d3927f1c55
|
|
| BLAKE2b-256 |
e86c680d1f922f3e36f27c4272db85c38fd99a77a523450e02bdc263fbe89cae
|
