{
  "schema_version": "veridian-deployment-manifest-v1",
  "deployment": {
    "name": "Veridian Sovereign Showcase Agent",
    "operator": "OptimaX Solutions LLC",
    "category": "Runtime AI Governance Demonstration",
    "domain": "veridian.governedai.ai",
    "production_url": "https://veridian.governedai.ai/",
    "revision": "1.0.0",
    "issued": "2026-05-22T00:00:00Z",
    "operator_contact": "counsel@governedai.ai"
  },
  "cryptographic_roots": {
    "agent_identity": {
      "purpose": "Signs session attestations binding ephemeral session keys to engagement contexts. The agent identity is the long-lived root of trust for the runtime agent.",
      "algorithm": "ECDSA-P256",
      "hash": "SHA-256",
      "public_key_url": "https://veridian.governedai.ai/.well-known/veridian-agent-key.jwk",
      "fingerprint_sha256": "a71efd8c109b77e578b1ec7472bb82e6af1cb21597dd6c5479f3c88e96ca5211",
      "private_key_custody": "OptimaX Vercel encrypted environment variables; future upgrade path to GCP Cloud KMS HSM-backed signing. Note: unlike the corpus and counsel keys, this root is therefore an online key present in the production runtime; compromise of the deployment environment exposes it, and the rotation policy below is the compensating control until HSM-backed signing lands.",
      "rotation_policy": "Rotated per engagement cohort or annually, whichever comes first. Only the current key is published at public_key_url; ledger exports signed before a rotation must be verified against the agent identity key that was in effect at signing time, so verifiers should retain the fingerprint they verified during their engagement.",
    },
    "corpus_signing": {
      "purpose": "Signs the sealed reference corpus. The corpus signature provides tamper-evidence on the knowledge surface the agent operates against.",
      "algorithm": "ECDSA-P256",
      "hash": "SHA-256",
      "public_key_url": "https://veridian.governedai.ai/.well-known/veridian-corpus-key.jwk",
      "fingerprint_sha256": "3d2e99e27fe6951953ea7cae99743c71c20a938ea1ca6caf85f5709c6bf7072b",
      "private_key_custody": "Cold storage; offline workstation only; never present on production infrastructure.",
      "rotation_policy": "Rotated per corpus version release."
    },
    "counsel_issuing": {
      "purpose": "Signs engagement access tokens (JWTs) that gate access to the agent. Each acquirer engagement receives a counsel-issued token under NDA.",
      "algorithm": "ECDSA-P256",
      "hash": "SHA-256",
      "public_key_url": "https://veridian.governedai.ai/.well-known/optimax-counsel-key.jwk",
      "fingerprint_sha256": "a69898ba22865b82183bb48e18392d80d30dd95dd168226412e0d796042a8fd6",
      "private_key_custody": "Corporate counsel secure workstation; offline ceremony for each token issuance.",
      "rotation_policy": "Rotated annually or upon counsel rotation."
    }
  },
  "corpus": {
    "url": "https://veridian.governedai.ai/.well-known/veridian-corpus.json",
    "signature_url": "https://veridian.governedai.ai/.well-known/veridian-corpus.sig",
    "version": "1.0.0-2026-05-22",
    "entry_count": 40,
    "disclosure_scope": "Public-tier strategic and architectural narrative for the Veridian acquisition engagement. Implementation specifics, source code, algorithm parameters, and cryptographic primitives at the parameter level are explicitly excluded by the IP-protection discipline."
  },
  "trust_model": {
    "summary": "The agent is deterministic by construction. Every response is composed from the signed corpus via keyword-based intent classification and template retrieval. There is no generative model in the demonstration loop. Every interaction emits a Replayable Decision Ledger entry signed by an ephemeral session key, with the session key authorized by an attestation signed by the agent identity root. The entire chain is verifiable offline against the published roots.",
    "verification_path": [
      "Step 1: Fetch this manifest and verify it is served from veridian.governedai.ai over TLS with a certificate chaining to a trusted CA. This manifest is not itself signed by any of the roots it declares, so its integrity rests entirely on the TLS origin; record the fingerprints it lists before proceeding.",
      "Step 2: Fetch the three public keys at the URLs above, compute their SHA-256 fingerprints independently, and compare them to the fingerprint_sha256 values in this manifest. The keys and this manifest are served from the same origin, so anyone able to alter one can alter both; confirm the fingerprints through an out-of-band channel before relying on them. The exact key serialization that fingerprint_sha256 is computed over (e.g. RFC 7638 JWK thumbprint vs. DER-encoded SubjectPublicKeyInfo) is not stated here and must be confirmed with the operator.",
      "Step 3: Fetch the corpus and corpus signature, verify the signature against the corpus signing public key.",
      "Step 4: During a live session, observe that each ledger entry carries an attestation reference and a session signature.",
      "Step 5: Export the ledger and verify offline: each entry's session signature against the attested session public key, each attestation against the agent identity public key (checking that the attestation binds that session key to the engagement context of the session being verified), and each chain link against the prior entry's hash. Every signature check must be performed over canonical bytes recomputed from the entry's own fields, never over bytes supplied inside the export.",
      "Step 6: Optionally replay the ledger queries against the published corpus and confirm deterministic byte-identical reproduction."
    ]
  },
  "canonicalization": {
    "scheme": "veridian-canonical-v1",
    "summary": "Deterministic JSON canonicalization rule used to produce the byte sequence over which the corpus signature, session attestation signature, and Replayable Decision Ledger entry signatures are computed. External verifiers must reproduce these rules to recompute signed bytes. Starting with bundle schema v1.1 each signed artifact also embeds a canonical_form_for_verification field as a convenience, but that field is excluded from the signed input (see the ledger-entry rule below) and is therefore not protected by the signature: a verifier must recompute the canonical bytes from the artifact's own fields and confirm they match the embedded form before trusting any signature check, otherwise it is only verifying bytes chosen by whoever produced the export.",
    "rules": [
      "Input is a JSON value (null, boolean, number, string, array, object).",
      "Strings serialize as JSON.stringify-equivalent: standard JSON escapes for \\\" \\\\ \\b \\f \\n \\r \\t and ASCII control characters; non-ASCII characters pass through as their UTF-8 byte sequence (ensure_ascii=False equivalent).",
      "Numbers serialize as their JSON form. NaN, Infinity and negative zero are not representable; a canonicalizer must reject input containing them rather than silently substitute a value, since two implementations coercing differently would sign different bytes.",
      "Booleans serialize as 'true' or 'false'. null serializes as 'null'.",
      "Arrays serialize as '[v1,v2,...]' preserving original element order, each element recursively canonicalized, comma-separated, no whitespace.",
      "Objects serialize as '{\"k1\":v1,\"k2\":v2,...}' with keys sorted lexicographically by Unicode code point, no whitespace, comma-separated.",
      "Output is the resulting JSON string. The signed bytes are the UTF-8 encoding of that string.",
      "For ledger entries, the canonical input is the entry with these envelope fields excluded: signature_hex, signature_algorithm, hash_algorithm, entry_hash, canonicalization, canonical_sha256, canonical_form_for_verification.",
      "For the entry hash: entry_hash = SHA-256(canonical_bytes || signature_hex_ascii_bytes), hex-encoded lowercase. Because entry_hash covers the signature bytes, and a raw r||s ECDSA signature is malleable ((r, s) and (r, n-s) both verify), entry_hash is unique per entry only if a single form of s (e.g. low-s) is enforced; whether the signer and reference verifier enforce this is not stated here and should be confirmed with the operator.",
      "For the corpus signature: canonical input is the entire corpus JSON object. corpus_canonical_sha256 = SHA-256(canonical_bytes), hex-encoded lowercase. Signature is ECDSA-P256/SHA-256 over canonical_bytes, raw r||s format, 64 bytes, hex-encoded.",
      "For the session attestation signature: canonical input is the attestation object. Signature is ECDSA-P256/SHA-256 over canonical_bytes, raw r||s format, 64 bytes, hex-encoded."
    ],
    "compatibility": "Subset compatible with RFC 8785 JCS for the data shapes used in the Veridian corpus (ASCII strings, integer numbers, no float-as-integer edge cases). Diverges from strict JCS on negative zero and certain Unicode-escape edge cases not present in this corpus.",
    "reference_verifier": "tools/verify_trust_bundle.py in the source repository. Runs the full 15-check acceptance suite against any v1.0 or v1.1 trust bundle export, exits 0 on PASS."
  },
  "engagement_protocol": {
    "access_model": "Pre-engagement counsel-issued JWT bearer token, signed by the counsel_issuing root above. Tokens are scoped to a single engagement and carry a fixed expiry set at issuance; as bearer tokens, possession alone grants access, so they must be transmitted only over TLS and handled by the engagement as a secret.",
    "scope_claim": "veridian:demo:read",
    "audit_logging": "All authenticated sessions are logged at the Vercel Edge with engagement_id, session timing, query count, and refusal count.",
    "session_lifetime_minutes_default": 90,
    "renewal": "Re-engagement requires a fresh counsel-issued token; tokens are not refreshable."
  },
  "governance_attestation": {
    "category": "Runtime AI Governance",
    "product_family": "OptimaX Governance Infrastructure (GovernedAI)",
    "related_products": [
      "ARS-OMEGA \u2014 Runtime AI governance for higher-stakes workloads in capital markets, sovereign defense, regulated industries",
      "PEL \u2014 Public Evidence Layer for cryptographic disclosure and tiered access controls",
      "Constitutio \u2014 Foundational governance compiler underlying the broader stack"
    ],
    "demonstrated_properties": [
      "Bounded reference window \u2014 the agent cannot answer outside its sealed corpus",
      "Structural refusal at policy boundaries \u2014 IP-zone questions are deflected by design rather than by training",
      "Append-only cryptographically signed decision ledger \u2014 every response chains to the prior",
      "Full replayability \u2014 the entire session can be re-executed against the published corpus to verify integrity",
      "Capability-bound session authority \u2014 ephemeral session keys are attested by the long-lived identity root, mirroring the CapTok pattern from ARS-OMEGA"
    ]
  }
}
