| Internet-Draft | SOVP | May 2026 |
| Litzki | Expires 13 November 2026 | [Page] |
This document specifies a protocol for the decentralized validation of entity integrity within the agentic web. The objective is to establish a machine-readable trust anchor (Layer 0) that enables Large Language Models (LLMs) and autonomous agents to deterministically verify the authenticity and structural consistency of a data source prior to ingestion. By shifting validation to the infrastructure ingress, the protocol minimizes resource waste and prevents the propagation of unverified signal noise. This document reflects the current state of the protocol specification, including formal header structures, clarified pre-hash procedures, and explicitly defined protocol non-goals.¶
This document describes work by Litzki Systems LLC.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 13 November 2026.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.¶
The proliferation of autonomous agents and Large Language Models (LLMs) operating across the web has created a critical need for deterministic, infrastructure-level trust verification. Existing approaches to data integrity - including transport-layer encryption and application-level validation - operate downstream of the ingress point, allowing unverified signals to consume computational resources before rejection.¶
The Sovereign Validation Protocol (SOVP) addresses this gap by establishing a cryptographic trust anchor at Layer 0, prior to any data ingestion. An entity declares its sovereign identity via a signed JSON object and a DNS-anchored public key. Any Validating Agent or Sovereign Gateway can verify this identity deterministically, without prior relationship or shared secret, and reject non-conformant requests at the network boundary.¶
This document specifies the protocol data structures, cryptographic procedures, and operational modes constituting SOVP. It is published as an Informational document describing an existing protocol deployment.¶
The Sovereign Validation Protocol (SOVP) is designed to prove the cryptographic authenticity and the non-repudiation of the source. It is critical to note that SOVP does not validate the semantic accuracy or the truthfulness of the content provided by the entity. The protocol guarantees that the signal originates from the declared sovereign identity and has not been tampered with since signing. It does not replace downstream fact-checking or qualitative analysis.¶
The core of the validation is the determination of the system resonance, denoted as Psi_core. It describes a binary state of cryptographic alignment between the declared entity identity and its digital output. To ensure global interoperability, the identity metadata (M) must be processed using the JSON Canonicalization Scheme (JCS) as defined in RFC 8785 before hashing.¶
The validation follows the formal function of the Edwards-curve Digital Signature Algorithm (Ed25519). For the purpose of this protocol, the cryptographic hash function (H) is SHA-512 per RFC 6234, serving as the required pre-hash for the Ed25519 verification process.¶
Psi_core = Verify(K_pub, sigma, H(JCS(M)))¶
Where:¶
The implementation relies on a signed JSON-LD object located in the root directory of the host. This object serves as the primary data carrier for the sovereign identity.¶
Proposed Schema for sovp-identity.json:¶
{
"@context": "https://litzki.systems/protocol/v1.4",
"@type": "SovereignIdentity",
"entity": {
"uid": "urn:sovp:litzki-systems-llc",
"canonical_url": "https://litzki.systems",
"verification_method": "Ed25519"
},
"integrity_proof": {
"signature": "z58D...v9A",
"created": "2026-03-14T17:00:00Z",
"public_key_ref": "dns:txt:_sovp.litzki.systems",
"nonce": "optional-unique-string-123"
},
"parameters": {
"entropy_threshold": 0.12,
"determinism_score": 0.98
}
}
¶
The attributes entropy_threshold and determinism_score are defined as Sovereign Commitments. They represent the signer's self-reported integrity parameters. While not cryptographically verified by the signature itself, they allow the Validating Agent to perform heuristic sanity checks against the actual data stream.¶
Atomic State Drift refers to the divergence between the physical reality of a data source and its digital representation during the ingestion process. SOVP suppresses this entropy by enforcing a deterministic handshake. The ingestion is blocked at the ingress layer if the resonance threshold is not met, ensuring that no inconsistent state changes occur within the processing pipeline.¶
The protocol execution follows a non-interactive, zero-trust sequence to establish the Resonance Proof. SOVP 1.5 defines two primary operational modes:¶
| Mode | Actor | Description |
|---|---|---|
| Mode A | Validating Agent (Client) | The agent performs verification locally before committing data to memory. |
| Mode B | Sovereign Gateway (Server) | An infrastructure-level gateway validates requests on behalf of a protected cluster. |
Execution Sequence:¶
If a requesting entity does not support SOVP or provides an invalid signature, the Sovereign Gateway must act according to the Zero Waste Policy:¶
To minimize the window of vulnerability during a key compromise, SOVP records in DNS SHOULD use a low Time-To-Live (TTL), with a recommended value of 300 seconds. Revocation is achieved by updating or removing the _sovp TXT record.¶
All integrity_proof objects must contain a created timestamp. Validating Agents MUST reject signatures with a timestamp older than 600 seconds. For high-frequency pipelines, agents SHOULD implement nonce-based deduplication within the validity window to prevent replayed requests.¶
SOVP provides non-repudiation by binding metadata to an Ed25519 signature. Malicious actors are forced to sign their own identities, making them identifiable and blockable by global reputation systems.¶
Since the trust anchor relies on DNS TXT records, protection against DNS spoofing is critical. The use of DNSSEC is RECOMMENDED for the zone hosting the _sovp record to ensure the authenticity of the public key.¶
SOVP functions at Layer 0 (Infrastructure Ingress). The Sovereign Gateway acts as a physical barrier at the network interface. Computational costs are shifted to the requester, preventing cluster resource exhaustion by unvalidated signals.¶
Per RFC 8552, the following entry is to be added to the IANA registry:¶