KYE Protocol™ — Protocol overview | Authority Graph™, Decision Map™, state model, profiles, architecture

Graph-first · explainable by default

Every decision comes with a Decision Map™.

KYE™ is graph-first because authority is relational. Every entity, delegation, capability, credential, policy, state, decision, and evidence object is a node; every authority relationship is a typed edge. The runtime traverses, projects, and explains — so an auditor, regulator, dispute panel, or developer can answer why without rebuilding the chain by hand.

Authority Graph™

Who or what can act — for whom, using which capability, under which scope, in which state.

Trace delegation paths, identify risky authority chains, detect stale grants, and prove accountability. GET /v1/graph/authority-path.

Decision Map™

Replayable graph of one decision.

Actor → principal → delegation → capability → authority → scope → state → policy → decision → audit → evidence. GET /v1/decisions/{id}/map.

Evidence Graph™

Decision ↔ evidence linkage.

Every decision references the authority grants, capability manifests, payloads, audit events, and evidence packs that prove it. GET /v1/evidence-packs/{id}/graph.

Blast Radius Map™

What breaks if this is compromised.

Show every capability, agent, payload, and decision affected by a compromised credential, capability, or entity — before you revoke. GET /v1/graph/blast-radius.

Compliance Map™

Projection to framework controls.

Map every entity, authority, capability, decision, and evidence pack to EU AI Act, ISO 42001, SOC 2, DORA, NIS2 controls via KYE Compliance Mapping Rail™. GET /v1/graph/compliance-map.

Knowledge graph projection

Storage substrate is your choice.

KYE™ objects project into Postgres, Neo4j, Neptune, Memgraph, TigerGraph, ArangoDB, or an RDF store — the protocol defines node + edge contracts, never the database.

Entities vs. evidence

KYE™ governs entities and the evidence they produce — never confuses one for the other.

KYE™ governs acting entities, principal entities, capability entities, and evidence artefacts. Payloads are evidence artefacts that bind signed requests to authority decisions and audit trails — they carry state but never authority.

Concept	Role	Examples
Acting entity	Who or what is acting	AI agent, service, user, autonomous workflow
Principal entity	On whose behalf	Organisation, business, natural person, deployer
Capability entity	Using which capability	Skill, tool, MCP tool, function, connector, playbook, model_profile, payment_action
Resource entity	Acting on which resource	Wallet, dataset, document, vehicle, vessel, shipment
Credential entity	Carrying which proof	Verifiable credential, attestation, key
Evidence artefact	Recording the act	Payload artefact, audit event, transparency receipt, evidence pack
Decision	Authority result	`policy_decision_id` · allow / allow_with_constraints / require_approval / deny / quarantine

KYE™ Payload Trust Profile™ — payloads are signed, hashed, replay-resistant artefacts. The runtime verifies them, binds the resulting decision back to the artefact, and emits replayable audit evidence. See profile inventory →

KYE™ binds signed payloads to entity authority, capability state, policy decisions, and replayable audit evidence.

How it works

Three steps, every time. Identify. Authorize. Prove.

A KYE™-governed action is the same shape whether the actor is a human pressing a button, a service account hitting an API, or an AI agent running a tool. That uniformity is the whole point.

1

Identify

Resolve who’s acting, on whose behalf, and what they’re acting against — using one URN format across every entity class.

actor principal subject resource delegation_id credential_id

2

Authorize

Run the request through the PDP (or a low-latency embedded ePDP). Return a standard decision with reasons, obligations and stop conditions.

allow_with_constraints — your app proceeds. It MUST honour the obligations attached (e.g. audit.emit, redaction.required) and abort if a stop_condition fires before completion.
require_approval — your app pauses, queues a human or system approver, and re-asks the PDP after the approval is recorded. The original request keeps the same policy_decision_id.
deny — your app stops, surfaces the reason code (e.g. scope_attenuation_violation, credential_revoked) to the user, and emits an audit event. No retry without a new authority.

3

Prove

Append the action to the audit chain, emit signed signals to subscribers, and on demand export a signed proof bundle a regulator can verify with public keys alone.

audit append signal.publish webhook (signed) proof bundle transparency receipt

State model · six dimensions

An entity isn’t one state. It’s six independent states, all auditable.

Most systems collapse identity, authority and risk into one boolean. KYE Protocol™ keeps them separate so a single failure mode — expired credential, suspicious behaviour, lost key — changes the right dimension without nuking the rest.

entity_state

Lifecycle of the actor itself.

provisional
active
suspended
quarantined
stopped
tombstoned

emits: entity.activated · entity.suspended · entity.stopped

authority_state

Whether this actor has any active authority right now.

none
scoped
elevated
break_glass
frozen

emits: authority.elevated · authority.frozen

delegation_state

Whether the chain of delegations behind this actor is intact.

active
parent_revoked
self_revoked
expired
scope_violated

emits: delegation.revoked (recursive)

credential_state

Verifiable credentials held by this actor.

none
valid
expired
revoked
signature_invalid

emits: credential.revoked · credential.expired

recovery_state

Whether this actor is mid-recovery, post-compromise, or healthy.

healthy
recovery_requested
recovery_decided
compromised
rotated

emits: recovery.decided · break_glass.granted

risk_state

Telemetry-derived risk posture — informs sPDP without changing identity.

nominal
elevated
watch
denylisted

emits: risk.elevated · risk.cleared

Each dimension cascades independently. Stop the entity? Authority freezes, delegations & capabilities revoke, credentials stay valid (so post-mortem keeps working), risk locks at last-known. The vocabulary is open and pinned in the conformance pack.

Lifecycle simulator

Every entity has 15 well-defined states — and only legal transitions.

Click through them. Try an illegal move (the protocol blocks it). Stop, quarantine or revoke an entity and watch the cascade roll down to its delegations, payment authorities and resource grants.

Current state

—

status: —

Cascaded effects

Signal log

Profiles for every sector

Banking, healthcare, custody — no rewrites required.

Core handles 90% of the contract. The other 10% — payment caps, healthcare consent, custody attestation — is in profiles. Adopt only what you need. Each profile adds vocabulary and conformance fixtures; the Core surface never shifts under your feet.

Profile inventory: Core, Gateway, Payments, Federation, Credentials, Attestation, Signals, Transparency, Conformance, Treasury, Custody, Healthcare, Telemetry, Capability, Recovery — plus 26 sector overlays. The interactive tabbed inventory requires JavaScript; the canonical inventory is in github.com/KYE-Protocol/examples.

Run the 37-fixture conformance pack: github.com/KYE-Protocol/examples — clone & run npm test →

Coverage

One protocol. Every actor, every action, every state.

KYE Protocol™ is deliberately scoped to the identity, authority, scope, state, and audit layer — not custody, not settlement, not a policy engine. That makes it horizontal across vendors and vertical across regulators.

Horizontal — the whole ecosystem

A single URN spans every entity class your stack already has.

human business person team workload service_account api_client connector ai_agent model model_version tool mcp_tool workflow prompt capability wallet payment_authority credential attestation resource document dataset policy

Vertical — the whole lifecycle

Every governed phase of every entity, with controlled state transitions and replayable proof.

          discover
          register
          verify
          attest
          delegate
          scope
          authorize
          act
          audit
          replay
          approve
          attenuate
          suspend
          stop
          quarantine
          revoke
          break-glass
          recover
          rotate
          transfer
          archive
          tombstone
        

SOC 2 ISO 27001 PCI DSS PSD2/PSD3 DORA HIPAA EU AI Act NIS2 NIST 800-207

Verticalised — sectoral profiles surface the controls auditors already ask for.

Implementable protocol · not a whitepaper

From authority to audit — backed by schemas, taxonomies, metadata, and a traversable graph.

KYE Protocol™ is built on 16 protocol-core disciplines grouped in three tiers. Runtime governance (6) — authority, state, decisions, policy bindings, evidence, audit trails. Protocol design (8) — canonical schemas, shared dictionaries, versioned taxonomies, structured metadata, a graph-native authority model, sector profiles, resolvable registries, and conformance. Developer adoption (2) — runtime APIs and three first-party SDKs. A separate commercial layer (KYE Cloud™) packages it as SKUs — without bleeding into the open protocol. No authority without context. Authority is relational.

Tier A · Runtime governance — what KYE™ decides

1

Authority-first

KYE™’s centre is not identity, it is authority. Every action answers who or what is acting, on behalf of whom, using which capability, under what authority, in what state, with what audit trail. KYEAuthorityGrant, KYEAuthorityScope, KYEDelegation, KYEActingOnBehalfOf, KYEAuthorityState, KYEAuthorityDecision, KYEAuthorityRevocation, KYEAuthorityEvidence.

authority-grant.json · delegation.json · scope.json

2

State-first

Authority is meaningless without state. Every authorize call composes entity_state, authority_state, delegation_state, credential_state, capability_state, payload_state, recovery_state, risk_state. KYE™ is state-aware authority infrastructure.

state-composition.json · 6+ dimensions · 10 illegal compositions

3

Decision-first

Runtime systems need an answer. POST /v1/runtime/authorize returns one of allow / allow_with_constraints / require_approval / require_step_up / require_human_review / require_recovery / quarantine / deny — with reason code, matched policies, obligations, evidence refs — in milliseconds.

policy-decision.json · signed decision_id

4

Policy-bound

Policy-bound, not policy-bloated. KYE™ defines binding schema, decision result, obligations, reason codes, the PEP/PDP flow — not a new policy language. Integrate with the engines you already run: Cerbos, OPA, AWS Cedar, custom enterprise PDPs, IAM, API gateways, agent runtimes.

private/specs/policies/{rego,cerbos,cedar} · policy-decision.json

5

Evidence-first

KYE™ turns authority into evidence. Every decision produces validation results, audit events, transparency receipts, signals — all bound by a policy_decision_id and aggregable into a signed evidence_pack a regulator can verify with public keys alone.

evidence-pack.json · KYE Compliance Mapping Rail™

6

Audit-trail-first

No authority without audit. No audit without evidence. Every material change produces an append-only, hash-linked, timestamped, reason-coded, actor-bound, policy-bound, decision-bound audit event — exportable, replayable, externally verifiable.

audit-event.json · signal.json · transparency-receipt.json

Tier B · Protocol design — how KYE™ classifies and ships

7

Schema-first

Every entity, authority grant, delegation, scope, capability manifest, validation result, audit event, evidence pack, payload artefact, taxonomy term, metadata binding, and compliance mapping is a canonical JSON Schema 2020-12 with an absolute $id at schemas.kye.dev. OpenAPI, SDKs, validators, docs, and conformance tests are derived from schemas — not hand-written.

private/specs/schemas/*.json · 55 schemas · 58 validated examples

8

Dictionary-first

Authority decisions need shared vocabulary, or every implementation invents different words for the same thing. KYE™ ships canonical dictionaries for entity types, all state dimensions, decisions, reason codes, capability kinds, side-effect levels, data classes, signal types, redaction fields, taxonomies.

public/vocabulary/*.md · 17 dictionary files

9

Taxonomy-first

Authority decisions depend on classification. KYE™ ships 16 canonical V1 taxonomies — entity_type, capability_type, action_type, resource_type, data_class, side_effect_level, risk_state, environment, decision, reason_code, evidence_type, compliance_framework, sector, jurisdiction, and the two state taxonomies. Versioned, status-bound, mappable to framework controls.

taxonomy-term.json · taxonomies-v1.md · 16 taxonomies

10

Metadata-first

Metadata is not decorative — it influences decisions. Every KYE™ object carries a normative metadata block: labels, classifications, ownership, lineage, compliance. Field values draw from registered taxonomies. The runtime exposes metadata to the policy layer as request.{actor,capability,resource,authority}.metadata.

metadata-binding.json · KYEMetadataSchema · KYEMetadataPolicyRule

11

Graph-first

Authority is relational. KYE™ maps every entity, delegation, capability, credential, policy, state, decision, and evidence object into a traversable Authority Graph™. Every decision returns a Decision Map™; compromise produces a Blast Radius Map™; compliance projects to a Compliance Map™. Storage substrate is implementation choice (Postgres, Neo4j, Neptune, Memgraph, TigerGraph, ArangoDB, RDF).

graph-node.json · graph-edge.json · decision-map.json

12

Profile-first

Core stays small. Domain extensions live in profiles — Capability, Recovery, Healthcare, Payments, Payload Trust, Taxonomy & Metadata, Graph, EU AI Act, ISO 42001, Defence, Energy, Manufacturing, and more. Profiles never modify Core; they add vocabulary, schemas, endpoints, and conformance fixtures. Adopt only what you need.

private/specs/kye-*-v1.md · 41 profile docs

13

Registry-first

Every object — entity, authority grant, delegation, capability, profile, dictionary, taxonomy, metadata schema, graph node / edge, policy, issuer, trust anchor, evidence pack, compliance mapping, webhook — is resolvable. The protocol defines registry semantics; deployments choose where to host.

/.well-known/kye · /v1/{entities,delegations,capabilities,taxonomies,metadata-schemas,graph,…}

14

Conformance-first

A protocol without conformance is marketing language. KYE™ publishes a black-box fixture pack that any conformant Gateway must pass — the same pack tests vendor stacks, internal stacks, and the reference Gateway, byte-for-byte the same.

37 conformance fixtures · 37/37 pass · conformance-report.json normative

Tier C · Developer adoption — how KYE™ reaches developers

15

API-first

Validation happens at runtime. The headline endpoint POST /v1/runtime/authorize answers can this entity perform this action, on behalf of this principal, using this capability, under this scope, in this state? — in milliseconds, with a signed decision. Graph queries (authority path, delegation path, capability dependencies, blast radius) are first-class. 186 OpenAPI operations across 87+ runtime endpoints.

186 OpenAPI operations across 87+ runtime endpoints · redocly-lint clean

16

SDK-first

Developers should not implement protocol validation by hand. KYE™ ships TypeScript, Python, and Go SDKs with schema types, local validators, decision clients, signing/verification helpers, policy adapters, audit emitters, capability-manifest builders, evidence-pack helpers, taxonomy resolvers, metadata classifiers, graph traversal clients, decision-map renderers.

private/sdks/{typescript,python,go} · 41+28+pass tests

Commercial layer · KYE Cloud™

SKU-first, metering-first — never in the open protocol.

The open protocol stays vendor-neutral. The hosted product packages it commercially: SKU-first, metering-first, dashboard-first, evidence-pack-first, enterprise-pack-first, compliance-pack-first, BYOC / on-prem-first. KYE Cloud™ SKUs include Hosted Registry, Validator API, Recovery Console, Evidence Packs, Compliance Profiles, Regulated-Sector Packs, and Enterprise Deployment. SKU logic never enters Core objects (KYEEntity, KYEAuthorityGrant, KYEAuditEvent, KYEStateTransition, KYETaxonomyTerm, KYEMetadataBinding).

Where it sits in your stack

MCP and OAuth solve parts. KYE™ solves the whole identity-authority-audit problem.

MCP and A2A handle agent communication. OAuth and GNAP do human authorization. SPIFFE does workload identity. SCITT does transparency. KYE Protocol™ is the contract layer that composes them — one URN, one delegation chain, one decision vocabulary, one cascade, one audit chain.

↔ scroll horizontally to see all columns

The technical layer behind Authority Finality™.