SIGIL Ledger Specification

The permanent, tamper-evident audit trail for every action in DEFONEOS. Ed25519-signed ยท RFC3161-timestamped ยท Bitcoin OTS-anchored. Append-only. Permanent. Sovereign.

500+
Receipts Logged
3
Crypto Layers
โˆž
Retention
0
Tamper Events

1. What Is SIGIL?

SIGIL (Sovereign Integrity Guard for Immutable Logging) is DEFONEOS's permanent audit trail. Every tool invocation, governance decision, data access, data release, and system event generates a SIGIL receipt. Each receipt is cryptographically signed, timestamped, and anchored to the Bitcoin blockchain โ€” making the ledger tamper-evident and permanent.

Three cryptographic layers: (1) Ed25519 signature proves who acted. (2) RFC3161 timestamp proves when they acted. (3) Bitcoin OTS anchor proves the receipt existed at that time and has not been modified since.

2. SIGIL Receipt Structure

Every SIGIL receipt contains the following fields:

{ "sigil_id": "sig_0123_abc456...", // Ed25519-derived unique ID
"tick": 103, // Global tick counter
"action": "tool_invoke", // What happened
"mcp_id": "sentinel-hub-mcp", // Which MCP server
"tool_name": "get_satellite_image", // Which specific tool
"caller": "ed25519:0xABC...", // Who called it
"ring": 1, // Trust ring (0, 1, or 2)
"data_hash": "sha256:0xDEF...", // Hash of input + output
"timestamp": "2026-07-14T19:30:00Z", // ISO 8601
"rfc3161_receipt": "base64:...", // Trusted timestamp proof
"ots_proof": "bitcoin:block:850000...", // Bitcoin OTS anchor
"signature": "ed25519:0x123...", // Caller's signature
"bft_witness": "ed25519:0x456...", // BFT agent co-signature
"release_condition": null, // RC-1 to RC-6 (for data releases)
"metadata": {} // Action-specific context }

3. The Three Cryptographic Layers

Layer 1 โ€” Ed25519 Signature (Who)

Every actor in DEFONEOS (human or AI) has an Ed25519 key pair. When an action is taken, the actor signs the SIGIL receipt with their private key. The signature proves who performed the action and that the receipt has not been modified since signing.

Layer 2 โ€” RFC3161 Trusted Timestamp (When)

Every receipt is timestamped by an RFC3161 Trusted Timestamp Authority (TSA). The TSA signs a hash of the receipt + the current time, proving when the receipt was created (to TSA-attested precision).

Layer 3 โ€” Bitcoin OTS Anchor (Existed)

Every receipt is anchored to the Bitcoin blockchain via OpenTimestamps (OTS). This proves the receipt existed at a specific point in time and cannot be backdated or modified.

4. Action Types Recorded

ActionDescriptionBFT Witness Required
tool_invokeA tool was called on an MCP serverYes (standard)
bft_voteA BFT agent cast a voteSelf (the vote IS the witness)
bft_sessionA BFT session (standard or emergency) completedAll participating agents
data_storeData was stored in the escrowYes
data_accessEscrow data was accessedYes
data_releaseEscrow data was released (RC-1 to RC-6)Yes + 4-eyes + BFT quorum
data_destroyEscrow data was cryptographically destroyedYes + 23/33 BFT + human-owner
key_rotationAn Ed25519 key was rotatedYes
mcp_admissionAn MCP was admitted to the federation23/33 BFT quorum
mcp_quarantineAn MCP was quarantined17/33 BFT emergency quorum
redline_proximityAn output approached a red-line boundaryImmediate emergency session
deployA new deployment was pushed to productionBFT pre-flight vote

5. Ledger Properties

PropertyValueHow Enforced
Append-onlyReceipts can never be modified or deletedSQLite journal_mode=WAL + hash chaining + Bitcoin OTS
Tamper-evidentAny modification is immediately detectableEd25519 signature + RFC3161 timestamp + OTS anchor
PermanentReceipts retained indefinitelyUK-sovereign storage + Bitcoin blockchain (OTS)
VerifiableAnyone can independently verify receiptsPublic Ed25519 keys + RFC3161 TSA public key + Bitcoin chain
OrderedReceipts have a global tick orderingMonotonic tick counter + RFC3161 timestamps
CompleteEvery action generates a receiptArchitecture-level enforcement (no action path bypasses SIGIL)

6. Hash Chaining

SIGIL receipts are hash-chained: each receipt includes the hash of the previous receipt. This creates a tamper-evident chain where modifying any receipt breaks the chain for all subsequent receipts.

Receipt N-1 Receipt N Receipt N+1
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ” โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚ prev_hash: โˆ… โ”‚ โ”€โ”€โ”€โ”€โ†’ โ”‚ prev_hash: H(N-1)โ”‚ โ”€โ”€โ”€โ”€โ†’ โ”‚ prev_hash: H(N) โ”‚
โ”‚ data: {...} โ”‚ โ”‚ data: {...} โ”‚ โ”‚ data: {...} โ”‚
โ”‚ hash: H(N-1) โ”‚ โ”‚ hash: H(N) โ”‚ โ”‚ hash: H(N+1) โ”‚
โ”‚ sig: ed25519 โ”‚ โ”‚ sig: ed25519 โ”‚ โ”‚ sig: ed25519 โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜ โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜

Modifying Receipt N changes H(N), which breaks Receipt N+1's prev_hash check โ†’ DETECTABLE

7. Verification API

The SIGIL ledger exposes a verification endpoint:

GET https://deploy.escrow.mcp/sigil/verify?sigil_id=sig_0123_abc...

Returns:

{ "sigil_id": "sig_0123_abc...", "ed25519_valid": true, "rfc3161_valid": true, "ots_valid": true, "hash_chain_valid": true, "overall": "VERIFIED" }

Bulk verification: GET /sigil/verify-all โ€” verifies every receipt in the ledger. Used for periodic integrity audits.

8. Retention Policy

Data TypeRetentionLocation
SIGIL receipts (all types)PermanentUK-sovereign SQLite + Bitcoin blockchain (OTS)
SIGIL receipts (BFT session transcripts)7 years (full) / Permanent (minutes)UK-sovereign storage + SIGIL ledger
SIGIL receipts (public-facing minutes)Permanentcsoai.org/bft-minutes (OSA s7 redacted)
SIGIL verification proofsPermanentBitcoin blockchain (immutable by design)
Even if all UK storage is destroyed, the Bitcoin OTS anchors remain, proving that the receipts existed at specific times. The receipts themselves can be reconstructed from the hash chain + backup copies.