Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion SPEC.md
Original file line number Diff line number Diff line change
Expand Up @@ -844,6 +844,7 @@ IOTA Rebased (mainnet ~May 2025) is the reference example. Verified properties a
- **PQC status-gate binding (§6.5).** Move on IOTA Rebased has **no ML-DSA/SLH-DSA natives** (framework crypto natives: ed25519, ecdsa_k1/r1, bls12381, groth16, ecvrf, hmac_sha3_256; no PQC natives on any published IIP roadmap) — in-contract PQC verification is not practical today (Groth16-wrapped PQC verification via the zk natives is theoretically possible, not practical). The IOTA profile therefore **MUST** implement **optimistic status enforcement** (§6.5) for the escrow-relevant transitions (`disputed`, `enforced`).
- **Off-chain PQC is ready on this profile:** IOTA Identity (v1.7+) issues/verifies VCs with **ML-DSA-44/65/87, SLH-DSA, FALCON, and hybrid composites** (e.g. `id-MLDSA65-Ed25519`) — the binding-layer PQC suites of §6.5 are implementable with first-party tooling.
- **Status lists (§8.6 binding):** IOTA Identity implements **RevocationBitmap2022** and **StatusList2021**, not (yet) the W3C Bitstring Status List; the profile binds these as the equivalent bit-array mechanisms permitted by §8.6 (RevocationBitmap2022: revocation only; StatusList2021: revocation + suspension). Bitstring Status List SHOULD be adopted if/when supported upstream. Note: the library has had **no stable release** as of June 2026 (latest: v1.9.9-beta.1) — APIs may still break; treat it as a pre-GA dependency.
- **First-party Trust Framework — candidate bindings (§5.4/§8).** The IOTA Foundation ships components overlapping ANP's pillars under its **Trust Framework** umbrella: **IOTA Notarization** (Alpha — *Locked* and *Dynamic* notarization with exactly ANP's hash-on-chain/payload-off-chain prover/verifier model and refundable storage deposits) and **IOTA Hierarchies** (Alpha — on-chain trust/authority hierarchies), alongside Identity and Gas Station. The Phase-2 PoC **SHOULD** evaluate binding this profile's **anchor primitive to Notarization objects** (Locked for terminal Objects; Dynamic for status-bearing anchors) and **Trust-List resolution (§5.4) to Hierarchies**, rather than re-implementing anchor objects and trust registries from scratch. ANP's contribution remains the layer these components do not provide — multi-party contracting semantics, mandates, optimistic dispute resolution, settlement directives (§15). Both components are Alpha; treat as pre-GA.
- **Stablecoins — current reality (§10.2/§16.8):** bridged **USDC.e/USDT** only (LayerZero/Stargate, live Dec 2025); **no EUR stablecoin exists on IOTA L1**; a native stablecoin has been announced and is in formal-verification audit with **no confirmed launch** as of June 2026. EUR-denominated obligations therefore currently settle over a bridged USD asset with an FX reference (`constraints.fx_ref`, §5.3) — or on an EVM-profile chain where EURe/EURC actually live.
- **Accounts & auth:** chain-native signatures are **Ed25519 (not PQC)** — hence ANP's binding-layer PQC strategy and the settlement-layer open risk (§6.5, §16.1). zkLogin was **removed** on IOTA; **passkey** authentication is live; Move-level account abstraction (IIP-0009) is testnet-only.
- **Component statuses (June 2026):** IOTA Identity is **Beta** (v1.9.9-beta.1 — W3C VC-DM-2.0-aligned SD-JWT, BBS+ ZK selective disclosure, PQC suites as above; **no stable release yet**); Gas Station is v0.5.2 (pre-1.0). Treat both as pre-GA dependencies.
Expand Down Expand Up @@ -892,6 +893,7 @@ Conformance levels: **Minimal** = Core + exactly one of {Notarization, Contracti
| **Virtuals ACP / proposed ERC-8183** | Client/Provider/Evaluator + escrow + single-evaluator release (Base) | Closest *full-core* prior art. ANP differentiates: chain-neutral; neutral arbiters + M-of-N panels + appeals + slashing; general (any agreement/attestation, not just paid jobs). |
| **W3C DID / VC 2.0** | Identity & credentials | **Foundational dependencies** (the neutral core). |
| **UMA optimistic oracle** | Assert-challenge-resolve for subjective facts | Design template for ANP's optimistic dispute `process_profile`. |
| **IOTA Trust Framework** (Identity, Notarization, Hierarchies, Gas Station; Alpha) | First-party hash-anchoring (Locked/Dynamic notarization) and on-chain trust hierarchies on the reference chain | Candidate **profile bindings** for §13.2, not competitors at the protocol layer: they provide primitives, ANP provides the multi-party contracting, mandate, dispute, and settlement semantics above them. |
| **C2PA** | Signed content/sensor provenance | Optional evidence format for media/measurement notarization. |

**Positioning in one line:** ANP reuses identity (DID/VC), settlement (native chain), and attestation patterns (EAS-style), aligns with — but does not depend on — A2A/AP2/ERC-8004, and contributes the **chain-neutral, multi-party, general-purpose layer for binding agreements + third-party notarization + fair dispute resolution** that the rest of the stack leaves empty.
Expand Down Expand Up @@ -919,6 +921,7 @@ Conformance levels: **Minimal** = Core + exactly one of {Notarization, Contracti
- *Contracting:* two agents negotiate a structured service agreement; Objects anchored on IOTA testnet; mandate-gated approval; settlement via a completion `assert` backed by accepted criteria, then an uncontested `enforce`.
- *Notarization:* a notary/oracle issues and anchors an attestation (with a C2PA-backed measurement); a contract consumes it as an acceptance criterion.
- *Dispute:* an optimistic challenge → arbiter ruling → on-chain enforcement, with bonded parties.
- *Profile alignment:* evaluate binding the IOTA profile's anchors to **IOTA Notarization** and Trust-List resolution to **IOTA Hierarchies** (§13.2); engage the IOTA Foundation early — a PoC showcasing their Trust Framework stack is a natural collaboration.
- Open-source from day one; reproducible demo.

**Phase 3 — Specification v1.0.** Freeze envelope, schemas, state machines, suite registry, profile bindings, error/timeout semantics, and the security model; publish conformance tests.
Expand Down Expand Up @@ -983,6 +986,7 @@ Seller asserts "delivered, criteria met" → `ASSERTED`. Buyer files `dispute` w
- **Performance bond & penalty collateral (§7.3, §10.3, §11; review issue #19):** optional `performance_bond` posted by the performing party at `execute`, sized to maximum penalty exposure; Verifiers SHOULD flag terms whose penalties exceed the collateral reachable by `enforce`; the §10.3 fee-shortfall rule now covers the asymmetric no-escrow case.
- **IOTA profile: on-chain hash handling (§13.1, §13.2, Appendix A; review issue #25):** Move has no 384-bit hash natives — anchors carry tagged 384-bit digests as opaque bytes (store/compare works; recomputation does not). New §13.1 **hash-capability declaration**: profiles name a native recomputation hash or route verification into the dispute path; the suite registry records per-profile flags.
- **Realistic stablecoin denomination (§5.3, §7.3, §13.2, §16.8, B.1; review issue #28):** worked examples re-denominated from EURe (which does not exist on IOTA L1) to bridged USDC.e with `fx_ref`-based EUR caps; §13.2 documents the stablecoin reality (bridged USDC.e/USDT only, native coin unconfirmed); §16.8 notes Stellar as the only native-EURC chain in the landscape.
- **IOTA Trust Framework positioning (§13.2, §15, §17, Appendix D; review issue #30):** IOTA Notarization (Locked/Dynamic) and Hierarchies are documented as **candidate profile bindings** for the anchor primitive and Trust-List resolution — to be evaluated in the Phase-2 PoC with early IOTA Foundation engagement; §15 positions them as primitives below ANP's contracting/mandate/dispute/settlement semantics, not competitors.
- **IOTA reference profile refreshed to June 2026 (§13.2, §13.4, Appendix D; review issue #29):** Starfish consensus (p99 ≈ 312 ms), measured anchor costs (~0.001 IOTA burned + fully-refundable storage deposit), Gas Station v0.5.2 self-hosted, IOTA Identity Beta with PQC VC suites, native randomness beacon + ECVRF (making §8.3/§9.2 VRF selection directly implementable), zkLogin removed / passkeys live / account abstraction testnet-only.
- **GDPR posture corrected to pseudonymization (§6.2, §12, Appendix D; review issue #17):** dropped the contestable "the residual on-chain hash is not personal data" claim; anchors are treated as **pseudonymized personal data** per EDPB Guidelines 02/2025, with erasure decaying their identifying power; pairwise DIDs upgraded to **MUST** for Threads with identifiable natural persons.
- **Quantum hash-strength numbers corrected (§6.5; review issue #20):** the anchor-hash requirement now states classical and quantum levels separately (≥384-bit classical pre-image / ≥192-bit classical collision ⇒ ≥192-bit Grover pre-image) — the v0.2 wording made SHA-384/SHA3-384 fail its own stated requirement; the primitives were right, the numbers were not.
Expand Down Expand Up @@ -1013,7 +1017,7 @@ Seller asserts "delivered, criteria met" → `ASSERTED`. Buyer files `dispute` w
- **Ethereum Attestation Service (EAS)** (attest.org).
- **Virtuals Protocol Agent Commerce Protocol (ACP)** (Base).
- **UMA Optimistic Oracle**.
- **IOTA Rebased** (mainnet ~May 2025; **Starfish** consensus since Apr 2026, formerly Mysticeti; Move VM); **IOTA Identity** (Beta, v1.9.9-beta.1); **IOTA Gas Station** (v0.5.2); **IOTA EVM** (L2).
- **IOTA Rebased** (mainnet ~May 2025; **Starfish** consensus since Apr 2026, formerly Mysticeti; Move VM); **IOTA Identity** (Beta, v1.9.9-beta.1); **IOTA Gas Station** (v0.5.2); **IOTA Notarization** (Alpha); **IOTA Hierarchies** (Alpha); **IOTA EVM** (L2).
- **Sui**, **Hedera (HCS)**, **Aptos**, **Solana**, **Base/Ethereum L2s** (candidate-chain context).

*(Full URLs and access dates to be attached in the v1.0 bibliography; all technical claims above were source-verified during the v0.2 review.)*
Expand Down
Loading