Integrity · Readability · Verifiability
OpenProof introduces the Registered Probative Object (RPO), a deterministic evidential bundle designed to make institutional decisions defensible under scrutiny.
This repository also includes a deterministic simulator illustrating how a Registered Probative Object (RPO) structures institutional reaction bundles.
It demonstrates:
• sealed JSON core • human-readable preview • public integrity hash • institutional exposure & defensibility indicators
The simulator does not implement a decision system. It illustrates the OpenProof specification in practice.
👉 Try the interactive simulator
https://rpo.openproof.net/simulator.html
Why OpenProof exists
→ docs/why_openproof.md
Architecture
→ docs/architecture.md
Specification
→ spec/
A civil code for digital evidence in an age ruled by narratives.
OpenProof defines a public, deterministic and testable format for structuring digital evidence. Its core artifact, the RPO (Rapport Probatoire Ouvert), is a dual-format bundle allowing:
- machines to verify integrity,
- humans to read coherence,
- institutions to trust the structure of evidence.
OpenProof does not adjudicate truth. It ensures that nothing can be altered without detection.
Narrative → JSON → SHA-256 → Registry → Validation
Try it in 10 seconds
git clone https://rpo.openproof.net/
cd rpo-spec-v0.1
python tools/validate_rpo.py examples/rpo-example-001.json- Developers → see “Minimal JSON Structure” + “Hashing Algorithm”
- Researchers → see “Scientific Pilot (CNRS × TruthX)”
- Legal teams → see “Validity & Immutability Guarantees”
- Institutions → see “Verifiability & immutability guarantees”
- Everyone → try the Sandbox in 10 seconds
Digital evidence is collapsing.
Today, “evidence” often means:
- screenshots no system can authenticate,
- PDFs whose origin no one can verify,
- AI-generated narratives with no traceability,
- fragmented logs scattered across institutions,
- internal formats that die with each organisation.
- Everyone talks about truth. Very few artifacts are verifiable.
OpenProof is born from this failure. It provides a minimal, deterministic and testable foundation that any machine, institution or jurisdiction can check — independently, predictably, transparently.
If machines can verify integrity, and humans can read coherence, society can trust evidence again.
By 2027, organizations will not be challenged for making decisions — but for being unable to explain, reconstruct, and defend them over time.
This applies directly to:
- people decisions,
- role assignments,
- promotions,
- exits,
- restructurings,
- compliance and risk arbitrations.
The problem is not intent. The problem is traceability.
Without a structured, auditable and integrity-safe data foundation, organizations are exposed — legally, socially, and reputationally.
OpenProof does not replace HR systems. It provides a proof layer on top of them.
- 🏛 What OpenProof Is — A Minimal, Enforceable Standard
- 📦 Minimal RPO JSON Structure (v0.1)
- 🔐 Hashing Algorithm (public_hash)
- ✅ Validating an RPO Bundle
- 🧩 Generating a New RPO Bundle
- 🎯 Try the Engine — RPO Sandbox
- 🔬 Scientific Pilot (CNRS × TruthX)
- 🤝 Contributing
- 📫 Contact
- 🛡 Maintainer
The RPO guarantees three invariants:
A signed JSON whose fields can be recomputed and validated.
A human-readable PDF mirroring the narrative.
A deterministic SHA-256 public hash anchoring immutability.
OpenProof does not determine what is “true”. It ensures that any modification becomes detectable.
In organizational contexts, the RPO acts as a decision trace: it captures what data was available, what narrative was constructed, and what decision followed — in a form that can be audited later.
This is especially critical for HR, People Operations, and Governance teams, where decisions are sensitive, distributed, and often contested years later.
This is the canonical baseline of a compliant RPO bundle:
{
"rpo_version": "0.1",
"bundle_id": "string",
"created_at": "ISO-8601 timestamp",
"issuer": { "label": "string" },
"subject": { "label": "string" },
"narrative": {
"title": "string",
"text": "string",
"pdf_hash": "string"
},
"evidence": [],
"registry": {
"public_hash": "sha256 hex",
"registry_hint": "string"
},
"meta": {
"playground": false
}
}"schema": "https://json-schema.org/draft/2020-12/schema", "type": "object", "properties": { … }
RPO v0.1 uses SHA-256 over a deterministic concatenation of core fields.
Concatenation model :
rpo_version=<v>|
bundle_id=<id>|
created_at=<iso>|
issuer=<label>|
subject=<label>|
title=<title>|
narrative=<text>|
Example (Python)
import hashlib
import hashlib
def compute_public_hash(bundle):
payload = (
f"rpo_version={bundle['rpo_version']}|"
f"bundle_id={bundle['bundle_id']}|"
f"created_at={bundle['created_at']}|"
f"issuer={bundle['issuer']['label']}|"
f"subject={bundle['subject']['label']}|"
f"title={bundle['narrative']['title']}|"
f"narrative={bundle['narrative']['text']}"
)
return hashlib.sha256(payload.encode("utf-8")).hexdigest()This guarantees deterministic validation across implementations.
Minimal validation helper (Python)
def validate_public_hash(bundle): expected = compute_public_hash(bundle) return expected == bundle["registry"]["public_hash"]
Required validations
Any implementation SHOULD verify:
- presence of mandatory fields,
- valid ISO-8601 created_at,
- public_hash is a 64-character hex string,
- narrative structure matches schema,
- recompute hash and reject on mismatch.
Optional (recommended)
- validate pdf_hash,
- ensure bundle_id uniqueness,
- run full JSON Schema validation.
Minimal example (Python):
import uuid from datetime import datetime
def validate_public_hash(bundle):
expected = compute_public_hash(bundle)
return expected == bundle["registry"]["public_hash"]import uuid
from datetime import datetime
def new_rpo(title, text, issuer, subject):
bundle = {
"rpo_version": "0.1",
"bundle_id": f"rpo-{uuid.uuid4()}",
"created_at": datetime.utcnow().isoformat() + "Z",
"issuer": { "label": issuer },
"subject": { "label": subject },
"narrative": {
"title": title,
"text": text,
"pdf_hash": "placeholder"
},
"evidence": [],
"registry": {
"public_hash": "",
"registry_hint": "No registry anchor in v0.1"
},
"meta": {
"playground": False
}
}
bundle["registry"]["public_hash"] = compute_public_hash(bundle)
return bundleOpen, deterministic, no AI, no registry.
The Sandbox lets you transform any narrative into:
- a minimal RPO JSON,
- heuristic markers,
- a deterministic SHA-256 hash.
🔗 https://rpo.openproof.net/simulator.html
OpenProof is designed with a strict separation of concerns.
- It does not decide how data should be interpreted.
- It does not expose confidential content.
- It does not automate judgment.
Its role is to ensure that:
- data is collected intentionally,
- transformations are traceable,
- decisions can be explained without rewriting history.
This is a prerequisite for trust — both from employees and from regulators.
The open standard does not include interpretive or psycho-forensic analysis.
These modules live in the scientific pilot:
- narrative inversion,
- coercive control signals,
- interpretive coherence,
- structure-level markers.
🔗 https://www.truthx.co/truthx-pilote-form
OpenProof welcomes contributions from:
- engineers (validation, hashing, schema),
- legal teams (probatory constraints),
- researchers (structures, bias, narrative logic),
- OSINT & forensic analysts (field use cases).
Issues and pull requests are encouraged in this repository.
Email: [email protected]
LinkedIn: https://www.linkedin.com/in/gryard/
This specification is maintained by Gersende de Parcey.