Skip to main content

Workload Attestation & Step Tracking — prove what ran, where, why, and catch compromised nodes

Project description

tibet-workload

Workload Attestation & Step Tracking — prove what ran, where, why, and catch compromised nodes.

Part of the TIBET protocol suite by Humotica AI Lab.

The Problem

Relay station 3 is hacked. A delivery drone changes course. An AI pipeline ingests poisoned data. How do you know what happened?

Current solutions tell you who had access. They can't tell you what each step actually did — with cryptographic proof.

The Solution

tibet-workload tracks every step of every pipeline as a TIBET token:

[dispatch] → [relay] → [drone] → [deliver] → [confirm]
   ↓            ↓          ↓          ↓           ↓
  TIBET       TIBET      TIBET      TIBET       TIBET
  token       token      token      token       token

If any step is compromised, the chain breaks. You see exactly:

  • WHAT happened (input/output hashes)
  • WHO executed it (JIS DID / SPIFFE ID)
  • WHERE it ran (node attestation)
  • WHY it ran (intent tracking)

Install

pip install tibet-workload

# With SPIFFE integration:
pip install tibet-workload[spiffe]

Quick Start

from tibet_workload import WorkloadEngine

engine = WorkloadEngine(actor="jis:relay-3")

# Create a workload pipeline
wl = engine.create("drone-delivery-42", owner="jis:dispatch")

# Define steps
engine.add_step(wl.workload_id, "receive_order", intent="Accept delivery order")
engine.add_step(wl.workload_id, "navigate", intent="Navigate to destination")
engine.add_step(wl.workload_id, "deliver", intent="Execute delivery")

# Execute with provenance
engine.start_step(wl.workload_id, "receive_order",
                  input_data={"order": "PKG-42", "dest": "Amsterdam"})
engine.complete_step(wl.workload_id, "receive_order",
                     output_data={"accepted": True})

# Verify chain integrity
chain = engine.verify_chain(wl.workload_id)
print(chain["valid"])  # True (or False if compromised)

Compromise Detection

# If a step's input was tampered with:
engine.complete_step(wl.workload_id, "relay_command",
                     output_data={"forwarded": True},
                     verify_input=tampered_data)
# → Step marked COMPROMISED
# → Workload marked COMPROMISED
# → TIBET token records exactly what happened

CLI

# Full demo (drone + AI + SPIFFE scenarios)
tibet-workload demo

# Specific scenario
tibet-workload demo --scenario drone    # Compromised relay station
tibet-workload demo --scenario ai       # AI pipeline provenance
tibet-workload demo --scenario spiffe   # SPIFFE integration

Use Cases

Military/Defense — Drone Swarm

command → relay-1 → relay-2 → relay-3(HACKED) → drone-swarm
                                  ↑
                            Chain breaks here.
                            Exact tampered data recorded.

AI Pipeline — Data Provenance

data source → preprocessing → model → fact-check → output
     ↓              ↓           ↓         ↓          ↓
  "Where did     "What was    "Which    "Against   "Who
   this data      cleaned?"   model?"   what?"     reviewed?"
   come from?"

Delivery/Logistics — Chain of Custody

warehouse → sort → load → transit → deliver → confirm

Financial — Payment Pipeline

validate → authorize → process → settle → audit

SPIFFE Integration

from tibet_spiffe import AttestationEngine
from tibet_workload import WorkloadEngine

# Connect SPIFFE for workload identity
spiffe = AttestationEngine(trust_domain="humotica.com")
engine = WorkloadEngine()
engine.connect_spiffe(spiffe)

# Now each step gets SPIFFE-attested identity + TIBET provenance

IETF Drafts

License

MIT — Humotica AI Lab 2025-2026

Credits

Designed by Jasper van de Meent. Built by Jasper and Root AI as part of HumoticaOS.


Stack-positie: Groep evidence · Bootstrap = OSAPI-handshake naar tibet + jis (fail → snaft-rule + tibet-pol-rapport) · ← tibet-spiffe · tibet-cbom → · See STACK.md · See demo/golden-path/ for the spine end-to-end.

Enterprise

For private hub hosting, SLA support, custom integrations, or compliance guidance:

Enterprise enterprise@humotica.com
Support support@humotica.com
Security security@humotica.com

See ENTERPRISE.md for details.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tibet_workload-0.1.1.tar.gz (12.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

tibet_workload-0.1.1-py3-none-any.whl (13.8 kB view details)

Uploaded Python 3

File details

Details for the file tibet_workload-0.1.1.tar.gz.

File metadata

  • Download URL: tibet_workload-0.1.1.tar.gz
  • Upload date:
  • Size: 12.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for tibet_workload-0.1.1.tar.gz
Algorithm Hash digest
SHA256 8f054bb10ac953af7688602e4f62212df14e793022bd647ab11034d6386fd185
MD5 190815d03a7e7622cb83efbffefa8bdc
BLAKE2b-256 586d9b2bb550bb81149315c06d67a75ca1a4b4653bd7cec9cf6c42c871b95b2c

See more details on using hashes here.

File details

Details for the file tibet_workload-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: tibet_workload-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 13.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for tibet_workload-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 a3d6c100fad4a3be61f4e5c465c7a41d7aff6f4dd1731dba316e50c1777797b4
MD5 d8695038faca56cd60cd3c8794f78ad2
BLAKE2b-256 c3ef8e98eefb825d010f0cef5978e9a400f632806466bf597916344f08f1b8ef

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page