RSS

Signed OKF – Provenance for Google's Open Knowledge Format

dynamicfeedai2 pts0 comments

GitHub - dynamicfeed/signed-okf: Signed OKF: a verifiable trust layer for the Open Knowledge Format (OKF) - signed, tamper-evident provenance for agent knowledge. · GitHub

/" data-turbo-transient="true" />

Skip to content

Search or jump to...

Search code, repositories, users, issues, pull requests...

-->

Search

Clear

Search syntax tips

Provide feedback

--><br>We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Cancel

Submit feedback

Saved searches

Use saved searches to filter your results more quickly

-->

Name

Query

To see all available qualifiers, see our documentation.

Cancel

Create saved search

Sign in

/;ref_cta:Sign up;ref_loc:header logged out"}"<br>Sign up

Appearance settings

Resetting focus

You signed in with another tab or window. Reload to refresh your session.<br>You signed out in another tab or window. Reload to refresh your session.<br>You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

{{ message }}

dynamicfeed

signed-okf

Public

Notifications<br>You must be signed in to change notification settings

Fork

Star

main

BranchesTags

Go to file

CodeOpen more actions menu

Folders and files<br>NameNameLast commit message<br>Last commit date<br>Latest commit

History<br>1 Commit<br>1 Commit

examples/okf-bundle

examples/okf-bundle

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

SPEC.md

SPEC.md

sign_okf.py

sign_okf.py

verify_okf.py

verify_okf.py

View all files

Repository files navigation

Signed OKF

A verifiable trust layer for Google's Open Knowledge Format (OKF).

OKF makes the knowledge an AI agent needs portable - an open, vendor-neutral markdown format. But its metadata stops at a timestamp. It has no provenance, no signatures, no verification. So a consumer of an OKF bundle cannot answer two questions before an agent acts on it:

Did this come from who it claims to?

Has any of it been altered since?

Signed OKF adds exactly that, and nothing else. It hashes every file in a bundle, wraps the hashes plus a provenance envelope in a manifest, and Ed25519-signs it. Anyone can re-check it with the verifier and the issuer's public key - trust the math, not the issuer.

Format makes knowledge portable. Provenance makes it trustworthy.

It is additive and spec-compliant . OKF v0.1 explicitly says producers "MAY include any additional keys" and consumers "SHOULD NOT reject documents with unrecognized fields." Signed OKF only adds optional frontmatter keys and one file (okf.manifest.json, which is not one of OKF's reserved names). Drop the manifest and you have a plain OKF bundle again. No fork, no proprietary account, no SDK.

Quickstart

Requires Python 3.8+ and cryptography (pip install cryptography).

INVALID"># 1. create a keypair (issuer.key is secret; issuer.pub.json is publishable)<br>python sign_okf.py keygen

# 2. sign an OKF bundle<br>python sign_okf.py sign examples/okf-bundle --issuer acme.example --source "ACME Data Warehouse"

# 3. verify it (re-hashes files + checks the signature against the public key)<br>python verify_okf.py examples/okf-bundle --jwks issuer.pub.json<br># VALID: 2 files intact, signature verified

# tamper with any file or the manifest, then re-run step 3 -> INVALID

The verifier (verify_okf.py) depends only on cryptography and can point --jwks at a local key file or a public URL (e.g. an issuer that publishes a JWKS at /.well-known/keys).

What it proves, and what it does not

Proves: every file existed in this exact form when signed, and the bundle was signed by the holder of the named key. Tamper-evident: any change breaks verification.

Does not: assert the content is true, or that acting on it is correct. This is provenance, not omniscience. It is tamper-evident, not tamper-proof, and it is advisory evidence, not a certification.

Spec

See SPEC.md for the manifest format and the provenance frontmatter convention.

Why this exists

As agents increasingly act on shared, machine-curated knowledge, "where did this come from and has it changed" stops being optional. OKF got the format right and left that layer open. This fills it, in the open, so the format and the trust layer can travel together.

Built by Dynamic Feed, the verifiable evidence layer. Contributions and issues welcome.

Licence

Apache-2.0. See LICENSE.

About

Signed OKF: a verifiable trust layer for the Open Knowledge Format (OKF) - signed, tamper-evident provenance for agent knowledge.

dynamicfeed.ai

Topics

provenance

ed25519

ai-agents

data-provenance

verifiable-data

llm

context-engineering

okf

open-knowledge-format

agent-knowledge

Resources

Readme

License

Apache-2.0 license

Uh oh!

There was an error while loading. Please reload this page.

Activity

Custom properties

Stars

stars

Watchers

watching

Forks

forks

Report repository

Releases

No releases published

Packages

Uh oh!

There was an error while loading. Please reload this page.

Contributors

Uh...

signed knowledge provenance format bundle open

Related Articles

Claude Fable 5

Philpax30 ptsfable claude mythos model models capabilities

US Government directive to suspend access to Fable 5 and Mythos 5

Dylan131224 ptsfable government anthropic jailbreak access mythos

Is AI ruining our skills? Early results are in – and they're not good

Michelangelo1124 ptstools skills during physicians colonoscopies tool

The Anatomy of an AI-Native Org

kiyanwang22 ptstranslated managers business translation language engineering

Apertus – Open Foundation Model for Sovereign AI

T-A16 ptsopen model apertus foundation sovereign fully
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.