Open Protocol · CPS v1.0 · Apache 2.0

Every AI Decision.
Cryptographically Sealed.

Capsules are immutable cryptographic records of every AI operation — what triggered it, what the AI knew, why it decided, who authorized it, what it did, and what happened. The trust foundation for autonomous AI.

6
Sections
8
Types
Signatures
3
Privacy Layers

Capsule Anatomy

Six Sections. Complete Traceability.

Trigger

What started this?

The event, command, or signal that initiated the AI action — user message, schedule, webhook, or agent decision.

Context

What did the AI know?

The knowledge window — vault fragments, conversation history, and system state available at decision time.

Reasoning

Why this decision?

The chain of thought — model selection, confidence scores, alternative paths considered, and the chosen strategy.

Authority

Who approved it?

Permission verification — user identity, role bindings, policy evaluation, and any escalation or override.

Execution

What happened?

The action taken — tool calls, API requests, model invocations, token usage, latency, and cost.

Outcome

What was the result?

The final state — success or failure, output artifacts, side effects, and any follow-up actions queued.

Tamper Detection

Hash-Chained. Tamper-Evident.

Every capsule includes a SHA3-256 hash of the previous capsule, creating an unbreakable chain. Modify any record and every subsequent hash breaks — detection is instant and automatic.

SHA3-256 hash of previous capsule in every record
Modification breaks all subsequent hashes instantly
8 capsule types: Agent, Tool, Workflow, Chat, Vault, Auth, Kill, System
Parallel hash lanes per agent for high throughput
capsule-chain
// capsule 1
{ id: "cps_a7f3"
type: "Agent"
hash: "0x8e2a...f41d"
prev: "0x0000...0000" }
// capsule 2
{ id: "cps_b1e9"
type: "Tool"
hash: "0x3c7b...a928"
prev: "0x8e2a...f41d" }
// capsule 3
{ id: "cps_c4d2"
type: "Chat"
hash: "0xf19e...6b03"
prev: "0x3c7b...a928" }

Cryptographic Integrity

Dual Signatures. Quantum-Ready.

Every capsule is signed with Ed25519 today and optionally co-signed with ML-DSA-65 for post-quantum resilience. When quantum computers arrive, your audit trail is already protected.

Ed25519

Classical · Required

Elliptic curve signature with 128-bit security. Sub-microsecond verification. The standard signature on every capsule.

ML-DSA-65

Post-Quantum · Optional

Lattice-based signature resistant to quantum attacks. NIST standardized. Enable today for forward security against future threats.

Data Lifecycle

Three Layers. Automatic Decay.

Capsule data is partitioned into three privacy layers with automatic retention policies. Sensitive details are encrypted and expire — summaries live forever.

L1 · Forever

Summary Layer

Capsule ID, type, timestamp, agent, outcome status, and hash chain pointer. Retained indefinitely for compliance audit trails.

L2 · 90 Days

Detail Layer

Reasoning traces, authority checks, tool parameters, model selection. Accessible for incident review and debugging.

L3 · 7 Days

Full Layer

Complete prompt/response pairs, raw embeddings, full context window. Encrypted with AES-256-GCM, auto-shredded after 7 days.

Compliance Export Ready

SOC2HIPAAGDPRISO 27001NISTPCI DSSFedRAMPFINRA

Trust by Design.
Every Operation. Every Time.

Capsules ship with every Quantum Pipes workspace. Zero configuration. Your AI audit trail starts from the first interaction.

Get Started