Value · people · value chain · lifecycle · safety

What KYE actually adds.

KYE Protocol turns “an AI agent acted” into a signed, replayable, end-to-end record that the right people see in time — end user before approval, auditor on demand, court when needed — and that the wrong actions don’t get to take: scope-out → deny before bytes move; compromise → cascade in milliseconds.

groups People hub Value chain timeline Lifecycle shield Safety timeline Continuity + Discoverability
1 · To people

Pick who you are. See what KYE delivers.

You see

Every AI agent that acts for you, with the exact scope — amount caps, merchants, time windows, payment instruments, expiry.

You control

Revoke any agent in milliseconds. Cascade fires: capability disabled, downstream grants invalidated, signal emitted, evidence pack generated.

You approve

Above-threshold actions hit your phone, not a vendor dashboard. The KYE Authority Wallet is the consumer-facing surface.

You can prove

If a transaction is disputed, the Evidence Pack is signed and replayable end-to-end with public keys alone.

Agentic procurement, scoped

Your AI shopping / sourcing agent acts under a signed authority grant: amount cap, merchant allowlist, category blocklist, time window, expiry. Above-threshold purchases require approval; below-threshold actions ship a signed Decision Map per transaction.

Treasurer / CFO control

Treasury authority is delegated, not blanket. Payment-authority chains map cleanly to KYE Treasury Profile and KYE Payments Profile. Reconciliation has the chain as evidence, not a vendor log dump.

Vendor risk — verifiable

Every conformant gateway exports the same Evidence Pack format. Run the 41-fixture conformance pack against any vendor stack — pass / fail in minutes, byte-for-byte the same as the reference Gateway.

Dispute at the line item

When a counterparty disputes an agent purchase, hand them the Evidence Pack for that transaction. Verifiable offline with public keys. SME founders — not just enterprises — get this surface.

Agency-as-actor, not just regulator

A ministry authorises a programme. The programme delegates to caseworkers. Caseworkers delegate to AI assistants. Every step is a signed delegation in the chain — not a role in an LDAP group.

Maps to sovereign profiles

KYE Sovereign AI Profile, KYE Public Sector Profile, KYE Cross-Agency Delegation Profile, KYE Government API Authority Profile — the four profiles that turn agency decision flow into replayable evidence.

Cross-agency without LDAP merging

Inter-agency delegations work via the Federation Profile. Trust domains stay sovereign; chains attenuate across them. No central directory required.

Citizen-impacting decisions, replayable

For benefits / housing / healthcare / justice, the decision and the chain that authorised it are signed and replayable end-to-end. Public-sector accountability stops depending on operator cooperation.

Replayable decision

When an AI-assisted public-sector decision affects you — benefits, housing, healthcare, justice — you (or your advocate) get a signed Decision Map that anyone can replay.

Right to appeal

Appeals stop being a paper-chase through Freedom-of-Information requests. The chain itself is the record: actor · principal · capability · authority · scope · state · policy · decision · audit · evidence.

Provenance of consent

The delegation chain back to a named human or business is the basis of the action. No “the algorithm decided” ambiguity.

Equal standing

Same evidence-pack format whether the system serves a citizen of one country or another. One protocol, every public service.

Bound, not blanket

Your actions inside the workplace are bound to a named delegation, not to a broad RBAC role. You can’t accidentally over-step.

Defensibly scoped

If something goes wrong, the chain shows exactly what was authorised — and what wasn’t. You aren’t silently blamed for an action you didn’t take.

Step-up when it matters

High-risk actions hit a step-up gate: a signed approval object that becomes part of the audit chain.

Recovery without a black box

Break-glass grants are time-boxed and signed. A reset isn’t an admin clicking a button; it’s a signed contract with an expiry.

A clear surface

You know the boundary you act within: capability, scope, state, time. Outside scope = a deny before bytes move.

Defence in depth

Inside scope, the signed Decision Map is your defence: it shows you were authorised when you acted.

Composability with MCP / SDKs

KYE composes with MCP, OpenAI Agents SDK, Vercel AI SDK, LangChain, Pydantic AI — doesn’t replace them.

Quarantine, not erase

If your behaviour is flagged you can be paused (quarantine state) without losing audit history — investigation possible without prejudice.

One contract

POST /v1/runtime/authorize instead of bespoke gates per vendor. Three SDKs (TypeScript / Python / Go).

Schema-first everything

158 JSON Schemas, 193 OpenAPI ops, 126 conformance fixtures. Every entity, decision, audit event, evidence pack — canonical.

Policy questions answered

You don’t need to invent a decision shape, a reason-code dictionary, or an audit format. KYE has them.

Verifiable with public keys

Webhook verifier, evidence-pack viewer, Decision Map renderer — all ship.

Transparency by construction

Public-key-verifiable evidence packs are the record — not vendor whitepapers. A journalist, NGO, or ombudsman verifies offline; no operator cooperation required.

Corruption resistance

Every authority delegation is signed and time-boxed; revocation cascades. A “quiet” back-channel grant is detectable on the chain. Break-glass is itself a contract with an expiry.

Public-service accountability

For citizen-impacting AI decisions (benefits, housing, healthcare, justice), the Evidence Pack is the artefact a parliamentary committee or court can replay end-to-end.

Equality of access to evidence

Same evidence-pack format whether the system serves one country or another. Civil society in lower-resourced jurisdictions gets the same forensic surface as in higher-resourced ones.

2 · To the value chain

From N×M integrations to N+M.

KYE Protocol Buyer Vendor Auditor Regulator Court Civil society Merchant SI / consultancy Developer

Click a role for the before / after.

Toggle the view above. Tap any role node in the diagram to see what changes.

3 · Across the lifecycle

Eight stages. Same six primitives at every one.

KYE attaches at every stage, not just at the gate. Click a stage to see what runs.

Identity primitive

Provision

Every entity (human, business, AI agent, service, model, tool, workflow) gets a stable URN from day 0. Same identity surface across humans and machines.

4 · To safety

Eight properties that move the needle. Tap to expand.

block Pre-action enforcement Before, not after expand_more
Without
Token has scope; runtime hopes the token-bearer is who they say. Verification is post-hoc.
With KYE
Decision is checked against scope and state and policy before the action. The outcome is signed.
bolt Cascade revocation Milliseconds, not days expand_more
Without
Compromise of one credential leaks for hours or days while downstream systems re-fetch tokens or reconverge.
With KYE
One signal propagates through the trust graph; downstream grants invalidated before the next call.
pause_circle Quarantine without erase Investigate first expand_more
Without
Often binary — revoke means lose history, don’t revoke means leave the door open.
With KYE
Quarantine is a state. The entity is paused for investigation while the audit chain stays intact.
how_to_reg Step-up & human-in-loop First-class decision expand_more
Without
Each app reinvents step-up flows; approval requests are app-private state.
With KYE
First-class decision codes (require_approval, require_step_up, require_human_review). The approval request itself is a signed object in the chain.
replay Replayable accountability Public-key verifiable expand_more
Without
Vendor-side log dump; narrative reconstruction; trust the vendor’s account of what happened.
With KYE
Public-key-verifiable replay from the principal down to the action. Audit, Decision Map, Evidence Pack are all signed.
gavel Dispute resolution Burden flips expand_more
Without
The disputing party has to extract evidence from the operator. Vendor cooperation determines speed.
With KYE
Evidence Pack is the artefact, in a stable schema, signed. The chain can be verified offline by either side.
key Break-glass & recovery Contract, not button expand_more
Without
Black box: an admin clicks a button, you trust the audit log was right.
With KYE
Recovery is itself a contract: signed request → signed decision → signed proof artefact → time-boxed grant → expiry signal. Every step is on the chain.
explosion Blast radius See, then revoke expand_more
Without
“What does that compromised credential touch?” becomes an engineering investigation. Pull DAGs out of vendor docs.
With KYE
Blast Radius Map: graph of every capability, agent, payment, and decision affected — before you revoke. Pre-emit, helps operators choose the right action.
5 · Beyond record, into alignment + operational

Continuity. Discoverability.

Identity, authority, scope, state, decision, audit, evidence are what KYE records. The two newest profiles add the next layer: did the action remain aligned from intent to execution (Continuity), and can authorised teams find the chains, decisions, evidence and risk that matter (Discoverability).

KYE Continuity Profile

Authority Continuity — from intent to action, across every dimension.

  • Intent drift — agent reinterpreted the goal materially (subscription when the constraint said no subscription) → require_human_review
  • Incentive conflict — commercial / affiliate / commission optimisation conflicts with principal interest → deny
  • Pressure signal — principal under urgency / coercion / social engineering → require_reconfirmation
  • Oversight chain integrity — required human-in-the-loop missed → quarantine + signal on KYE Signal Bus
  • Replayable proof — signed Continuity Evidence Pack binds intent + interpretation + authority + state + decision + execution into one bundle

Continuity Profile

KYE Discoverability Profile

Make delegated agency findable — without exposing sensitive data.

  • Find every agent that can move money — one query, masked + audited, purpose-bound
  • Find authority grants expiring this week — before they go stale in production
  • Find evidence for this disputed transaction — auditor / regulator / court reach for the pack directly
  • Find blast radius for a compromised credential — before you revoke
  • Find conformant vendors / connectors / certified implementations — procurement queries the public registry

Discoverability Profile

Per-persona

Risk officer: find every agent that can move money. Spot incentive drift before it hits production. Replayable continuity proof per decision.
Auditor: discovery query → evidence pack offline-verifiable with public keys; every decision carries a continuity status + score.
CISO / security admin: stale-authority + over-permissioning detection; blast-radius discovery; oversight-chain integrity alerts.
Procurement: certification registry + connector hub queries; KYE Conformant / KYE Certified filters.
Builder: find profiles, connectors, apps, plugins matching your sector. Run continuity-check fixtures locally.

In one line.

KYE turns “an AI agent acted” into a signed, replayable, end-to-end record — one the right people see in time, and one the wrong actions don’t get to take.

groups By role → apartment By sector → science Try in your browser →

Ready to see your AI agents flagged?

Start in shadow mode. We’ll deliver your first Evidence Pack in 4–8 weeks.

rocket_launch Apply for pilot → science Try the sandbox →