From f6c36eb846721eee30afdf943eb9443bba933652 Mon Sep 17 00:00:00 2001 From: madeinplutofabio Date: Sat, 16 May 2026 00:17:09 +0200 Subject: [PATCH] Proposal: PIC Standard for Sandbox stage Signed-off-by: madeinplutofabio --- proposals/pic-standard.adoc | 43 +++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 proposals/pic-standard.adoc diff --git a/proposals/pic-standard.adoc b/proposals/pic-standard.adoc new file mode 100644 index 0000000..5317c34 --- /dev/null +++ b/proposals/pic-standard.adoc @@ -0,0 +1,43 @@ +== PIC Standard + +* Name of project: PIC Standard (Provenance & Intent Contracts) +* Requested project maturity level: Sandbox +* Project description: + +PIC Standard is an open-source pre-execution action-boundary verification primitive for AI agents. Before a high-impact tool call executes, the agent emits a structured Action Proposal (intent, impact, provenance, claims, evidence, action), and the verifier resolves it against a verifiable causal chain — claim → evidence → trusted provenance — failing closed if the chain is invalid or insufficient for the declared impact class. + +Unlike runtime policy enforcement (capability/rule-based allow-deny) and unlike post-execution receipt or audit primitives (which document what already happened), PIC operates at the *pre-execution action boundary*: it verifies that this specific tool call is causally justified, by verifiable evidence, under the operator's trust roots, before the side effect occurs. + +Origin: Created by Fabio Marcello Salvadori (MadeInPluto, https://madeinpluto.com) as an open-source project (Apache 2.0) on 2026-01-08. First public release on PyPI (v0.1.0) on 2026-01-09. Currently at *v0.8.1.1* (May 2026) with frozen PIC Canonical JSON v1 canonicalization spec, published conformance suite with CI runner, and integrations across LangGraph, MCP, OpenClaw, Cordum, and an HTTP bridge. Recent supply-chain hardening: v0.8.1.1 is the project's first cryptographically-signed release, with PEP 740 attestations on PyPI artifacts and Ed25519-signed git tags (see `RELEASING.md`). 80% Python statement-coverage gate and code-style enforcement (Ruff + ESLint/Prettier) are CI-enforced. The OpenSSF Best Practices ladder has been climbed visibly (Passing → Silver). Public roadmap targets a TypeScript reference verifier (v0.9.0 cross-implementation milestone) and an IETF Internet-Draft submission (v1.0 protocol freeze). Defensive publication: RFC-0001 (Apache 2.0, Zenodo DOI 10.5281/zenodo.18725562). + +Prior foundation-track feedback: PIC was previously submitted to the Agentic AI Foundation (AAIF) Growth process (https://github.com/aaif/project-proposals/issues/16). The review outcome did not approve hosting at that stage, but the feedback clarified PIC's positioning as a pre-execution action-verification contract distinct from runtime policy enforcement and post-execution receipt/audit primitives, while identifying org-readiness items such as multi-organization maintainership and named production adopters. PIC is filing at LF AI Sandbox because Sandbox is the better maturity stage for developing those governance and adoption foundations under neutral stewardship. + +* Statement on alignment with LF AI mission: + +PIC fits the *Trusted & Responsible AI* category as a runtime safety primitive that makes AI agent actions causally accountable before execution. It is Apache-2.0 licensed, framework-neutral (integrates with any agent runtime), and locally deterministic — verification runs in-process under the operator's control with no mandatory cloud dependency. The project advances LF AI's mission of supporting open-source AI infrastructure by providing the missing pre-execution verification primitive in the agent-AI stack. + +* Collaboration opportunities with current LF AI hosted projects: + +- *Trusted-AI / responsible-AI projects:* PIC's verification gate could explore consuming fairness, explainability, or risk signals as evidence types in the Action Proposal's claims-and-evidence chain. +- *DeepCausality:* Natural alignment — DeepCausality provides causal reasoning primitives; PIC enforces causal-chain integrity at the action boundary. Composition could surface formal causal-reasoning evidence into PIC verification. +- *Monocle (LLM agent observability):* PIC's verification verdicts and Action Proposal records are structured observability artifacts that Monocle could ingest for end-to-end agent monitoring. +- *Aita / Ryoma (AI agent for data analysis):* Agent platforms benefit from PIC as the pre-execution verification gate for tool calls that touch sensitive data. + +* License: Apache 2.0 (https://github.com/madeinplutofabio/pic-standard/blob/main/LICENSE) +* Source control: GitHub (https://github.com/madeinplutofabio/pic-standard) +* Does the project sit in its own GH organization? No, currently in the maintainer's individual account (`madeinplutofabio`). The project is prepared to migrate to a dedicated GitHub organization during LF AI onboarding if accepted, consistent with LF AI Sandbox requirements. +* Do you have the GH DCO app active in the repos? Yes — DCO sign-off is required on all commits per CONTRIBUTING.md, enforced by the GitHub DCO App on incoming pull requests. +* Issue tracker: GitHub Issues (https://github.com/madeinplutofabio/pic-standard/issues) +* Collaboration tools: GitHub Discussions, GitHub Issues, GitHub Pull Requests. +* External dependencies including licenses: Core and optional dependencies are documented in `pyproject.toml`, `integrations/openclaw/package.json`, and `THIRD_PARTY_NOTICES.md`. Primary Python dependencies include pydantic (MIT), cryptography (Apache 2.0/BSD), pynacl (Apache 2.0), pyyaml (MIT), click (BSD), and rich (MIT). Optional extras include langgraph (MIT) and mcp (MIT). The OpenClaw integration uses npm dependencies listed in `integrations/openclaw/package.json`. All known direct dependencies are permissively licensed; dependency review will be refreshed during foundation onboarding. +* Initial committers: Fabio Marcello Salvadori (fabio@madeinpluto.com, MadeInPluto) — Project Lead, since 2026-01-08. +* Have the project defined roles of contributor, committer, maintainer? Yes, documented in MAINTAINERS.md (https://github.com/madeinplutofabio/pic-standard/blob/main/MAINTAINERS.md). The project is actively recruiting co-maintainers; cross-implementation work (TypeScript verifier, normative semantics, integration stewardship) are open contribution areas. +* Total number of contributors: Small but growing; actively recruiting under the LF AI Sandbox visibility this proposal would provide. +* Does the project have a release methodology? Yes — semantic versioning and release verification are documented in `RELEASES.md` / `RELEASING.md`, including the cryptographically-signed release pipeline (PEP 740 attestations on PyPI + Ed25519-signed git tags) introduced in v0.8.1.1. 22 releases since January 2026. +* Does the project have a code of conduct? Yes. CODE_OF_CONDUCT.md (https://github.com/madeinplutofabio/pic-standard/blob/main/CODE_OF_CONDUCT.md) — Contributor Covenant. +* Did the project achieve any of the CII best practices badges? Yes — *OpenSSF Best Practices Silver badge* (project #12790, https://www.bestpractices.dev/projects/12790). +* Specific infrastructure requests: Guidance on Sandbox onboarding steps, including project sponsor/member pathway, migration to a dedicated GitHub organization if accepted, and LF AI-standard project infrastructure such as mailing list/security reporting channels. +* Project website: GitHub repository (https://github.com/madeinplutofabio/pic-standard) with documentation at /docs. A dedicated project website will be requested as part of LF AI Sandbox onboarding if accepted. +* Project governance: GOVERNANCE.md (https://github.com/madeinplutofabio/pic-standard/blob/main/GOVERNANCE.md). Maintainer-led, with documented MAINTAINERS.md and CONTRIBUTING.md. +* Social media accounts: None dedicated to the project at this time. Updates currently shared via the maintainer's personal LinkedIn. +* Existing sponsorship: The project is sponsored by MadeInPluto (https://madeinpluto.com), the project lead's agentic AI practice. MadeInPluto provides engineering time, infrastructure, and the maintainer's sustained attention to the project. No external corporate sponsorship.