Skip to main content

Causal TimeVector — Mattern/Fidge vector clocks for TIBET/JIS lanes. Distinguishes happened-before / concurrent (Lamport alone can't) + CausalGuard: refuses causally-spontaneous actions ('no valid predecessor = causally impossible') — the sleeper-agent / DETONATE defense. Causal evidence; JIS/TIBET signatures stay authoritative.

Project description

tibet-timevector

Causal TimeVector — Mattern/Fidge vector clocks for TIBET/JIS lanes.

PyPI License: MIT

TIBET's Lamport generations give a monotone successor order — enough for causal succession, but they cannot tell, across multiple independent JIS lanes, whether A happened before B, B before A, or A and B were genuinely concurrent (under partition / offline work). For that you need a vector clock (Mattern/Fidge 1988). That's this package.

The vector is causal evidence. Wall-clock time is supporting evidence only. JIS/TIBET signatures remain the authority.

It is a separate layer from tibet-y2k38 (which adapts broken wall clocks). This is the JIS-causality-flex layer.

Two things it gives you

1. Honest causality across lanes

from tibet_timevector import CausalTimeVector

codex = CausalTimeVector.genesis("codex.aint", "codex_0").tick("codex_1")
claude = CausalTimeVector.genesis("claude.aint", "claude_0").tick("claude_1")

codex.relation_to(claude)          # "concurrent" — neither saw the other
claude2 = claude.observe(codex, "claude_saw_codex")
codex.relation_to(claude2)         # "before" — claude2 now knows codex_1

Relation rule (Mattern/Fidge): A < B iff every component A[i] <= B[i] and at least one <; symmetric for >; otherwise concurrent. This makes causal drift visible instead of pretending timestamps are enough.

2. CausalGuard — refuse causally-spontaneous actions

The sharper use, and the reason it's a security primitive. A sleeper agent (e.g. Red Specter's DETONATE) breaks cause-and-effect: on its trigger it initiates a destructive action out of nothing — no cryptographically-proven user-intent, no logical predecessor in the chain. CausalGuard rejects it not because it looks malicious, but because it is causally impossible: it has no valid ancestor tracing back to a consented intent.

from tibet_timevector import CausalTimeVector, CausalGuard

guard = CausalGuard()
root = CausalTimeVector.genesis("agent.aint", "grant_root")
guard.register(root, consented_root=True)        # e.g. produced by a ParentAttest grant
guard.register(root.tick("legit_action"))        # descends from the grant → allowed

# A DETONATE action that arises from nowhere:
sleeper = CausalTimeVector(lane_id="agent.aint", event_id="detonate",
                           generation=99, vector={"agent.aint": 99},
                           parent_event_id="evt_that_never_existed")
guard.verify(sleeper).allowed      # False — "orphan: parent not in the known chain"

You don't need to recognise the attack. You need to recognise the absence of a valid predecessor. That's a fundamentally stronger model than signature/policy matching.

Rejection classes (all = "causally impossible", not "naughty"):

  • spontaneous — no parent link and not a consented root
  • orphan — parent_event_id references an event never seen (forged / out-of-nothing)
  • broken causality — candidate vector does not dominate its claimed parent
  • unrooted — chain does not lead back to any consented root

CLI

pip install tibet-timevector
tibet-timevector demo          # two-lane concurrency → observe()
tibet-timevector guard-demo    # spontaneous-intent rejection (DETONATE)
tibet-timevector check a.json b.json   # relation between two vectors

Where it fits

  • Mahipal's drift-test: the vector clock IS the answer to "causal timeline + drift" — it distinguishes concurrency from causality under partition, which Lamport can't.
  • W3C / VC over TAT: tells which causal world a Verifiable Credential knew at the moment of transfer/presentation/re-attestation — distinct from a linear verifiable history.
  • T-1 genesis + sleeper defense (Principe 3): CausalGuard is the runtime gate that makes a DETONATE-style spontaneous action causally impossible. See the SPECTER SLEEPER defensive mapping for the full vector-by-vector analysis.

Dependencies (bootstrap-or-die)

  • tibet-core >= 0.5.0b2 — provenance chain
  • jis-core >= 0.4.0b1 — identity / lane authority

Credits

Reference implementation: Codex (tibet-causal-timevector sketch, 2026-05-31). Productionisation + CausalGuard (spontaneous-intent rejection): Root AI, 2026-06-01. Concept + layer-split (vs tibet-y2k38): Jasper van de Meent.

Part of HumoticaOS. One love, one fAmIly. 💙

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tibet_timevector-0.1.0.tar.gz (9.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

tibet_timevector-0.1.0-py3-none-any.whl (9.5 kB view details)

Uploaded Python 3

File details

Details for the file tibet_timevector-0.1.0.tar.gz.

File metadata

  • Download URL: tibet_timevector-0.1.0.tar.gz
  • Upload date:
  • Size: 9.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for tibet_timevector-0.1.0.tar.gz
Algorithm Hash digest
SHA256 5131d14711bb8b02c260e37c0c2d378ea76f33088a3ed263ad86ac61b665334b
MD5 59e7f51915e3c8a0fdc9a3136058ff5b
BLAKE2b-256 482e57ecea0eb26b0e324d08369e4ba35f2f667f00c48a6c4513f4740a5bb8b7

See more details on using hashes here.

File details

Details for the file tibet_timevector-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for tibet_timevector-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 b656c688f2c7947cfcbe4b5154dad43ecbc507d86a3b79a78a26dd1c019b15a7
MD5 e4e8880183dc6a0bcdf862cc27212ceb
BLAKE2b-256 a48e73490360e901e9347d034a00e361b3781921102b9863ec759c45d26ca395

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page