Skip to main content
A trust decision reached over several pieces of evidence needs a record a verifier can pin: which references were assessed, in what order, and what the verdict was. Passed around as plain fields, the assessed set can be reordered or quietly trimmed, and a stale reference gives no signal. Composite Trust Query (lite) closes that gap. It content-addresses a categorical trust verdict over an ordered set of pinned references into a deterministic, recomputable trust_query_ref. Crucially, the subject_refs it assesses can be exactly the references the open decision chain produced (passport_ref, mandate_ref, policy_bound_ref, guardrail_ref), so the verdict caps the open lifecycle: one recomputable answer over the whole chain. It is strictly additive over the frozen Layer 1: no new cryptographic primitive, the same RFC 8785 JCS + SHA-256.
Apache-2.0 open source. Install via pip install algovoi-composite-trust-query-lite or npm install @algovoi/composite-trust-query-lite. Python and TypeScript are byte-for-byte identical on the same input. This is the lite tier: it content-addresses the binding only. The scoring and verification that produce the verdict stay commercial; the commercial Composite Trust Query walks the audit chain and issues a Falcon-1024 post-quantum signed verdict.

How it works

One reference, computed with RFC 8785 JCS canonicalisation and SHA-256: 
trust_query_ref = "sha256:" + SHA-256(JCS({ subject_refs, trust_outcome }))
  • subject_refs is the ordered list of references the verdict was reached over, each imported by hash.
  • trust_outcome is a closed enum: TRUSTED, PROVISIONAL, INSUFFICIENT_EVIDENCE, UNTRUSTED.
Both the order and the membership of subject_refs are byte-load-bearing, as is the outcome: reorder the set, drop a reference, or change the verdict and the trust_query_ref diverges. So a verdict cannot silently drop a reference it claimed to assess, and a decision over one set does not recompute over another. An outcome outside the enum, an empty list, or an empty member is rejected, not hashed.

Use

from algovoi_composite_trust_query_lite import trust_query_ref

ref = trust_query_ref(
    subject_refs=[
        "sha256:b3594e33998af01bd1ad208172c5c1ac586daa8c75781379f034d97e50b1a9be",  # passport_ref
        "sha256:a4f8cb5ee09b29478ac1cc2f468d66e16d3d25f7a229a31d22ad521e11d04d35",  # mandate_ref
        "sha256:aaee2091799f376ee8cac802ea4920feaa4eca52950488a3e047ff82e6959a21",  # policy_bound_ref
        "sha256:2a444c629892f44fde1bd004aba9be01dd6cc7fe251eecdd545b82dca9f0bf97",  # guardrail_ref (ALLOW)
    ],
    trust_outcome="TRUSTED",
)

import { trustQueryRef } from '@algovoi/composite-trust-query-lite';

const ref = trustQueryRef(
  [
    'sha256:b3594e33998af01bd1ad208172c5c1ac586daa8c75781379f034d97e50b1a9be',
    'sha256:a4f8cb5ee09b29478ac1cc2f468d66e16d3d25f7a229a31d22ad521e11d04d35',
    'sha256:aaee2091799f376ee8cac802ea4920feaa4eca52950488a3e047ff82e6959a21',
    'sha256:2a444c629892f44fde1bd004aba9be01dd6cc7fe251eecdd545b82dca9f0bf97',
  ],
  'TRUSTED',
);

The lifecycle

Composite Trust Query (lite) caps the open decision chain. The chain is: agent identity (Agent Passport passport_ref) + spend authority (Payment Mandate mandate_ref) + policy in force (Policy Binding policy_bound_ref) recompute into one pre-payment decision (Spend Guardrail guardrail_ref), with Cancellation Receipt (lite) and Refund Receipt (lite) closing the lifecycle. A trust_query_ref whose subject_refs are those exact composed references binds a single verdict to the whole chain, proven end to end in the decision-chain keystone. With it, the open lifecycle runs identity, authority, policy, decision, cancellation, refund, and composite verdict, every reference recomputable byte-for-byte.

Lite vs commercial

Lite (this package)Composite Trust Query (commercial)
LicenceApache-2.0, openCommercial OEM
Referencecontent-addressed trust_query_refthe same, Falcon-1024 signed verdict
Scopethe binding only+ scoring, audit-chain walk, verification
Carriesordered subject set + outcome (by hash)+ evidence detail and provenance
Verifierrecompute offlinemaintained verifier

Adopters

If you build on algovoi-composite-trust-query-lite, pin ==0.1.0, anchor a canonical trust_query_ref vector hash from composite_trust_query_lite_v1, and keep the NOTICE, you qualify for a free v0 licence key for algovoi-mandate-auditor. The gate is scripts/check_v0_adoption.py (dependency + canonical hash anchor + NOTICE + version pin, returning ISSUE_V0_KEY). Apply: email chopmob@gmail.com with your import-by-hash evidence and a copy of the NOTICE.

Conformance

The composite_trust_query_lite_v1 vector set (12 vectors) is published in the public corpus, chopmob-cloud/algovoi-jcs-conformance-vectors, with Python and Node runners. It covers the positive references, verdict / order / membership divergence, invalid-enum and empty-field rejection, and the order and membership distinctness invariants. tq-001, tq-002 and tq-003 assess the full chain [passport_ref, mandate_ref, policy_bound_ref, guardrail_ref(ALLOW)], folded into the spend_decision_chain_v1 keystone (now 8/8). Python and TypeScript reproduce every value byte-for-byte.

Relationship to the open substrate

Composite Trust Query (lite) sits directly on top of the open JCS Canonicalisation Substrate and composes with the whole open chain: Agent Passport, Payment Mandate, Policy Binding, Spend Guardrail, Cancellation Receipt, Refund Receipt, and the decision-chain keystone. It uses the same RFC 8785 JCS and SHA-256 primitives, with no additional cryptographic dependencies. Additive over the frozen canonicalisation substrate, sole AlgoVoi authorship.