Everything is open. You can build a production system without paying us.
Schemas, SDKs, conformance tests, reference Gateway, OpenAPI, vocabulary, ID format, examples, policy bundles — Apache License 2.0. Two things are not open: a small set of patent-track mechanism algorithms, and the KYE Protocol™ trademarks.
Can I…? — yes / no table.
| Can I… | Answer | Why |
|---|---|---|
| …use the schemas, SDKs, OpenAPI specs, conformance fixtures, ID format, vocabulary in a commercial product? | Yes. | Apache License 2.0 across the public surface. |
| …run the reference Gateway in production? | Yes. | Apache 2.0. Pilot-grade today; production-hardening env vars documented. |
| …build my own conformant gateway and call it “KYE-compliant”? | Yes, after passing the conformance suite. Trademark requires the certification ladder for the KYE Conformant™ / KYE Certified™ marks. | Apache 2.0 + KYE Protocol™ trademark policy. |
| …reverse-engineer the cascade revocation algorithm or other mechanism content? | No. | Mechanism designs are patent-track and not publicly disclosed. See patents. |
| …use the name “KYE Protocol™” or “Authority Finality™” to market my product? | Only with permission. | KYE™, KYE Protocol™, Authority Finality™ etc. are trademarks. Fair use OK; product naming requires written consent. |
| …contribute to the public repos? | Yes. | See CONTRIBUTING.md + SECURITY.md. Patent-safety scan runs on every PR. |
| …sell a commercial KYE-based product? | Yes. | Apache 2.0 explicitly permits commercial use, redistribution, and modification. |
| …remove the trademark notice when I redistribute? | No. | Apache 2.0 §4 + KYE™ trademark policy. The notice file MUST stay. |
What Apache 2.0 actually grants.
- Use. Run the protocol surface in production, in your own product, in a competitor’s product, in a regulated bank, in a sovereign deployment — no royalty, no per-seat fee, no usage telemetry sent back to KYE Protocol™ Ltd.
- Modify. Fork, patch, extend, sector-overlay. The only constraints: keep the licence header, preserve the NOTICE file, and don’t use the trademarks to market a non-conformant fork.
- Redistribute. Bundle the SDKs, the reference Gateway, the schemas, the policy packs into your own commercial product. No notification to us required.
- Patent grant. Apache 2.0 §3 includes an explicit, irrevocable patent grant from contributors for the contributed code. Mechanism content held in
private/mechanisms/is not contributed code — it is held confidentially pre-filing and is not in scope of the §3 grant.
Source of record: the KYE-Protocol GitHub organisation hosts the public mirrors under Apache 2.0. The full text of the licence is reproduced at /legal/license.html.
Frequently asked — licence
What licence is the protocol published under?
Apache License, Version 2.0. That covers the vocabulary, ID format, JSON Schemas, OpenAPI specifications, examples, reference Gateway source, SDKs, conformance fixtures, this site, and the whitepaper — unless an individual file specifies otherwise.
Can I fork it?
Yes. Forks and derivative works are permitted under the Apache 2.0 terms. You must not, however, use the protected marks to identify a forked or derivative project that is not the published protocol.
Is there a CLA?
No. Contributions follow the inbound-equals-outbound principle: by submitting a pull request you agree to license your contribution under Apache 2.0.
What is free?
Vocabulary, schemas, dictionaries, OpenAPI, profile bindings, the three reference SDKs (TypeScript / Python / Go), the local validator, the conformance test pack, local decision helpers, and the reference Gateway. You can build a real KYE-conformant integration end-to-end with no payment and no signature beyond the licence. To scope a structured pilot or partner integration, use the Talk to the team modal.
What is patent-track and why it exists.
A small set of mechanism algorithms — how the cascade propagates, how the audit chain composes, how the federation transfer binds — are held in private/mechanisms/ and are not publicly disclosed. They are subject to a patent track (UK / EU / US, with priority anchored on the public-surface release date).
Why the split? The contracts have to be open or KYE Protocol™ isn’t a protocol. Partners, banks, regulators, auditors must be able to implement and verify without depending on us. The mechanism layer is the operational moat — not the standard.
What you can do today: implement everything you see in the public repo. Pass the conformance pack. Ship a competing implementation. What you cannot do: reverse-engineer or re-publish the mechanism algorithms (they aren’t in the public repo to reverse-engineer) and represent your implementation as the canonical KYE™ one without going through the KYE™ Conformant™ / KYE™ Certified™ ladder.
Counsel-cleared disclosure register lives at private/patent/disclosure-register.md; six entries logged 2026-04-29.
Frequently asked — patent track
Are the algorithms patent-encumbered?
Specific mechanism designs — decision evaluation, hash-chain construction, cascade ordering, attenuation propagation, signal-driven invalidation — sit in a separate patent track and are intentional placeholders pre-filing in the development repo. Once filed they will be made available royalty-free for any conformant implementation.
Why placeholders?
EU and UK patent law requires absolute novelty. Disclosing the mechanism designs publicly before filing destroys novelty in those jurisdictions. The placeholder convention preserves novelty without holding back the public protocol surface.
I’m integrating today — do I need a patent licence?
The publicly published vocabulary, URN format, schemas and OpenAPI are released under the Apache 2.0 patent grant; that covers conformant implementation of the public surface. If you need written assurance about the patent track, open a discussion at KYE-Protocol/Discussions or email hello@kye-protocol.org.
Use them, don’t reuse them.
Protected wordmarks and concept marks of the KYE Protocol™ project:
- KYE™
- KYE Protocol™
- Know Your Entity™
- Authority Finality™
- KYE Chain of Authority™
- Authority Graph™
- Decision Map™
- Evidence Pack™
- Evidence Graph™
- Blast Radius Map™
- Compliance Map™
- KYE Compliance Mapping Rail™
- KYE Cloud Gateway™
- KYE Reference Gateway™ · KYE Runtime Gateway™
- KYE Conformant™ · KYE Certified™
- KYE Self-Tested™ · KYE Self-Attested™
- KYE Sovereign AI Profile™
- KYE Public Sector Profile™
- KYE Cross-Agency Delegation Profile™
- KYE Government API Authority Profile™
- KYE Authority Wallet™ · KYE Authority Wallet Pro™
- KYE Connector Hub™ · KYE Connector Profiles™
- KYE App Store™ · KYE Plugin Marketplace™
- KYE MCP Server™ · KYE Signal Bus™
- KYE Continuity Profile™ · Authority Continuity™ · Agency Continuity™
- Continuity Decision Map™ · Continuity Evidence Pack™ · Delegated Agency Graph™
- KYE Continuity Gateway™ · KYE Intent Trace App™ · KYE Agency Drift Monitor™
- KYE Discoverability Profile™ · KYE Authority Directory™
- KYE Discovery Console™ · KYE Authority Path Finder™
- KYE Evidence Finder™ · KYE Connector Discovery Hub™
Plus capability-scoped Conformance marks (Core / Authority / Capability / Evidence) and the Sovereign AI family (9 profiles + 5 apps). Full register: vocabulary/trademarks.json.
Permitted: referring to KYE Protocol™ in your documentation; saying “built on KYE Protocol™” once your implementation has passed the conformance pack; using the marks editorially in articles, talks, papers.
Not permitted: using a KYE™ mark in your own product name without written consent; representing yourself as “KYE Conformant™” without a current verification record; using a confusingly similar mark.
Full register (machine-readable, JSON-Schema-validated): public/vocabulary/trademarks.json.
Frequently asked — trademarks
Can I name my product “KYE™ X” or “X-KYE™”?
No. You may not use “KYE™” or any of the protected marks in your product’s name, domain, organisation name or logo. You may describe your product as “KYE Protocol™-compatible” or “conformant with KYE Protocol™ v1.0” once you pass the public conformance fixture pack.
Do I need to put “™” every time?
Use the ™ symbol on the first prominent use in any public document or page. Subsequent uses on the same page may drop it. In code comments, READMEs and developer chat the symbol is optional but encouraged.
Can I use the marks in a comparison or review?
Yes — nominative fair use is fine. You can write factual comparisons (“Vendor X vs. KYE Protocol™”) provided you don’t imply endorsement, sponsorship or affiliation, and you don’t use the logo as if it were yours.
Can I issue “KYE Certified™” certifications?
No. KYE Certified™ is reserved for the formal certification programme published by the project. Vendors may self-declare conformance levels (KYE Self-Tested™ / KYE Self-Attested™) per the conformance & certification spec, but the L4 Certified™ badge is issued only by the project.
Five tiers; conformance is the only commercial layer.
The conformance ladder runs L0 Declared → L1 KYE Self-Tested™ → L2 KYE Self-Attested™ → L3 KYE Conformant™ → L4 KYE Certified™. Full programme detail on the certification page.
Frequently asked
What are the badge tiers?
Five tiers in the KYE™ Conformance & Certification Programme™: L0 Declared, L1 KYE Self-Tested™, L2 KYE Self-Attested™, L3 KYE Conformant™ (with optional Profile / Compliance variants), and L4 KYE Certified™.
How do I run the fixture pack?
Clone the public examples repository and run node scripts/validate-schemas.js + npm test. The current pack ships 126 conformance fixtures (41/41 pass) plus the SDK + Gateway unit / integration tests. Submit your run output to the public registry to claim KYE Self-Tested™.
Is certification annual?
Yes. Both KYE Self-Attested™ and KYE Certified™ badges are renewed annually against the then-current spec version. The signed certification record records the spec version, the run hash and the renewal cadence.
Site & protocol terms.
- Lawful use only. Of this site and the protocol. No impersonation, no false-conformance claims, no use of the marks contrary to the trademark policy above.
- “As is”. The protocol, the reference Gateway, the SDKs, the conformance pack, and this site are provided without warranty. Apache 2.0 §7–9 govern.
- Governing law. English & Welsh law applies; courts of England & Wales have exclusive jurisdiction over disputes arising from this site.
- Changes. Terms may be updated; the canonical version is the latest commit of this page on the public mirror.
Frequently asked — terms
What am I agreeing to when I use this site?
The terms above. In short: lawful use of the site and the protocol; no impersonation or false-conformance claims; the protocol is provided “as is” with no warranty (Apache 2.0 §7–9 govern); English & Welsh law applies.
What am I agreeing to when I submit a contact form?
The contact modal requires you to accept these terms and the privacy policy below before sending. The form opens your local mail client with a pre-filled message to hello@kye-protocol.org — nothing leaves your device until you press Send.
No analytics. No trackers. Three localStorage keys.
- No third-party analytics, advertising trackers, behavioural cookies, or fingerprinting. Verify with browser dev-tools.
- Local storage only. Three keys:
kye-theme(light/dark),kye-audience(audience filter),kye-sec-*(which sections you’ve opened). All client-side; never sent to a server. - Contact form. Composes a
mailto:link with what you typed; your mail client sends. The maintainers process incoming email under legitimate interest; messages retained only as long as needed; never shared with third parties except where required by law. - Your rights. UK GDPR / EU GDPR / CCPA-equivalent rights apply where you live: access, rectification, erasure, portability, objection. Email hello@kye-protocol.org with subject “Data request”; we respond within 30 days.
Frequently asked — privacy
Does this site track me?
No. There are no third-party analytics, no advertising trackers, no behavioural cookies, no fingerprinting scripts.
What does the site store?
Three keys in your browser’s localStorage: kye-theme, kye-audience, kye-sec-*. All client-side; never sent to a server.
What happens to my contact-form submission?
Your browser composes a mailto: link with the fields you typed. Your mail client sends the email when you press Send. Once it arrives at hello@kye-protocol.org, the maintainers process it under legitimate interest to handle your enquiry.
Can I request deletion of my data?
Yes. Email hello@kye-protocol.org with the subject “Data request”. We respond within 30 days.
Where to send what.
- Public discussion / RFCs / questions. KYE-Protocol/Discussions.
- Security advisories. Private channel per SECURITY.md.
- Trademark, patent, press, partnership. Email hello@kye-protocol.org, or use the Talk to us button in the footer of any page.
Frequently asked — contact
How do I get in touch?
For trademark questions, security advisories, patent-licensing requests, or anything that doesn’t belong in a public discussion, email hello@kye-protocol.org, or use the Talk to us button in the footer of any page.
Where do I report a bug or propose an RFC?
Bug reports and RFC discussion happen in the public forum: KYE-Protocol/Discussions. Security vulnerabilities should be reported privately per SECURITY.md.
What this means for you.
Ready to see your AI agents flagged?
Start in shadow mode. We’ll deliver your first Evidence Pack™ in 4–8 weeks.