Skip to main content
IETF Internet-Draft · draft-condrey-rats-pop

The Open Standard for Authorship Verification

Record the act of writing. Capture the effort, the revisions, the paste attestations. That behavioral record is the proof.

CPoE is a cryptographic protocol that records how text was written — not just what was written. An IETF Internet-Draft hosted by Linux Foundation Decentralized Trust Labs and protected by a pending patent application.

The Problem

Why a Protocol?

AI-generated text is now indistinguishable from human writing. Existing approaches to this problem are fundamentally flawed.

AI detection is a dead end

  • AI detectors produce false positives that harm real writers
  • Detection accuracy degrades with each new model generation
  • Paraphrasing tools trivially evade statistical classifiers
  • No detector can prove authorship — only guess at it
  • Watermarking requires cooperation from AI providers

CPoE records the effort

  • Records HOW text was written — keystroke timing, revision depth, cognitive pauses
  • Eight-signal cognitive classifier distinguishes original thought from transcription
  • Spoofing detection via cross-signal consistency (faking one signal exposes the others)
  • VDF proofs + HMAC chain + hardware co-signatures guarantee temporal integrity
  • ENFSI-compliant forensic reports with exhibit labeling for legal proceedings
  • Works offline — all analysis runs locally, no third-party dependency required

AI detection asks: “Does this text look AI-generated?”CPoE answers: “Here is cryptographic evidence that a human wrote it.”

Protocol Flow

How It Works

From the first keystroke to a verifiable evidence packet. Each stage is independently auditable.

STAGE 1
Capture
Keystroke Events
STAGE 2
Analyze
Cognitive Classification
STAGE 3
Checkpoint
VDF + HMAC Chain
STAGE 4
Chain
Merkle Root
STAGE 5
Sign & Seal
CBOR + COSE
Output: WritersProof Evidence Packet
Self-contained, verifiable, portable · CBOR-encoded · COSE-signed
View Full Specification

Verifiable Delay Functions

Each checkpoint includes a Sequential Work Function proof — a computation that provably took real wall-clock time. This prevents batch-fabrication of evidence: you cannot produce a 2-hour writing session in 2 seconds.

Merkle Tree Chaining

Checkpoints are chained using an append-only Merkle tree (Merkle Mountain Range). Each node commits to all previous nodes, so removing or modifying any checkpoint invalidates the entire chain.

Ed25519 Signatures

All evidence packets are signed using Ed25519 (RFC 8032) via the COSE signing envelope. Keys can be software-generated (T1) or hardware-backed by Secure Enclave / TPM (T2+).

Behavioral Biometrics

Inter-key timing, pause patterns, revision behavior, and editing cadence form a behavioral fingerprint. This data is hashed into checkpoints — the raw biometrics never leave the device.

WPM Miscalibration

AI simulations notoriously fail at pacing. They are Velocity-Aggressive, typing at superhuman speeds (d=-10 to -38), establishing hyper-velocity as a distinct, mathematical AI 'tell'.

Cognitive Layer

Eight-Signal Cognitive Classification

Beyond timestamping and hashing, WritersProof analyzes the cognitive signature of writing. Eight independent classifiers operate across three layers — temporal, content, and structural — to distinguish original thought from transcription. Faking all signals consistently is exponentially harder than faking any one.

Sentence Initiation Delay

SID Ratio

Cognitive writers pause 8-30x longer before new sentences (thinking). Transcribers pause 2-4x (reading next line).

IKI Distribution Modality

Peak Count + CV

Original composition produces multi-modal timing (fast motor bursts + medium flow + long thinking). Transcription is unimodal.

Bigram Fluency Differential

Speed Ratio

Cognitive writers type common letter pairs (th, he, in) much faster than rare ones. Transcribers show uniform speed.

Lexical Retrieval Delay

Pearson r

Pre-word pause correlates with word frequency for cognitive writers (rare words = longer pauses). No correlation for transcribers.

Revision Topology

Non-Append Ratio

Cognitive writers produce non-linear edit streams with multi-character deletions. Transcribers produce near-pure append streams.

Error Fingerprinting

Semantic Ratio

Cognitive corrections are semantic (wrong word, restructuring). Transcription corrections are visual (similar characters, skipped words).

Spoofing Detection

Disagreement Score

Cross-signal consistency check. Faking one signal (e.g., artificial pauses) without matching others exposes the deception.

Personal Baseline

Z-Score Deviation

Deviation from the writer's own historical cognitive profile. Detects imposters even when population norms are matched.

Combined verdict: Signals are weighted by confidence and combined into a single cognitive score (0-100) with an ENFSI-compliant likelihood ratio. The resulting forensic report includes exhibit-labeled evidence sections suitable for legal proceedings.

Wire Format

Evidence Architecture

Evidence packets use CBOR (RFC 8949) for compact binary serialization and COSE (RFC 9052) for standardized signing.

WritersProof Evidence Packet Structure

// COSE_Sign1 envelope (RFC 9052)
COSE_Sign1 {
protected: {
alg: EdDSA,
content_type: "application/writersproof+cbor"
},
payload: // CBOR Tag WritersProof
WritersProof_Evidence {
version: 1,
session_id: h'...',
device_id: h'...',
tier: 3,
checkpoints: [
Checkpoint {
index: 0,
timestamp: 1(1709510400),
content_hash: h'...',
swf_proof: h'...',
merkle_root: h'...',
keystroke_digest: h'...'
},
...
],
attestation: // hardware attestation (T2+)
Attestation {
platform: "apple-secure-enclave",
key_fingerprint: h'...',
attestation_cert: h'...'
}
}
signature: h'...'
}
WritersProof
IANA CBOR Tag

Evidence Packet

The primary evidence container. Holds the checkpoint chain, behavioral digests, SWF proofs, and optional hardware attestation. Self-contained and independently verifiable.

CWAR
IANA CBOR Tag

Attestation Result

The verification output. Produced by a verifier after validating a WritersProof packet. Contains the verified tier level, trust chain status, and any policy evaluation results.

Graduated Trust

Evidence Tiers

Four levels of evidence strength. Each tier builds on the previous, adding stronger cryptographic guarantees and higher forgery costs.

T1: Software

Timestamps + Hashes

Proves

A writing process occurred on a specific device at a claimed time.

Use When

Personal records, informal proof of authorship.

  • SHA-256 content hashing
  • Software-generated timestamps
  • Checkpoint chain with Merkle roots
  • Self-signed evidence packets

T2: Attested Software

Hardware Key Exists

Proves

A hardware-backed signing key exists on the device, binding evidence to physical hardware.

Use When

Academic submissions, professional writing, content marketplaces.

  • All T1 guarantees
  • Hardware-backed key generation
  • Key existence attestation
  • Device-bound identity
Recommended

T3: Hardware-Bound

Secure Enclave / TPM

Proves

The signing key is protected by verified hardware (Secure Enclave, TPM). Attestation chain verified by third party.

Use When

Legal proceedings, insurance claims, regulatory compliance.

  • All T2 guarantees
  • Platform attestation verification
  • Secure Enclave / TPM binding
  • Third-party attestation validation

T4: Hardware-Hardened

Platform Integrity

Proves

Full platform integrity verified — secure boot chain, no tampering with OS or capture software.

Use When

High-stakes litigation, government contracts, forensic evidence.

  • All T3 guarantees
  • Secure boot chain verification
  • Runtime integrity measurement
  • Full platform attestation
Content Provenance

C2PA Integration

WritersLogic is an active contributor to the C2PA core specification, working on external assertions, hashed URI support for process evidence, HTML manifest embedding, and structured text embedding for C2PA manifests. CPoE evidence packets integrate natively with C2PA content credentials.

External Reference Pattern

C2PA Manifest
Content provenance
JUMBF container
CPoE Evidence
Authorship proof
CBOR/COSE packet
CWAR Result
Verification output
Attestation result

Extends C2PA to Text

C2PA covers images, video, and audio provenance. CPoE fills the gap for text content, using the same external reference mechanism already defined in the C2PA specification.

JUMBF Embedding

CPoE evidence packets can be embedded within JUMBF boxes alongside C2PA manifests, or referenced externally via URI. Both patterns are supported by the specification.

Unified Provenance

A document with a C2PA manifest and CPoE evidence provides end-to-end provenance: who created it (C2PA identity), how it was created (CPoE effort evidence), and when (timestamp anchors).

Open Governance

Standards & Governance

CPoE is developed through established open standards processes and governed by recognized institutions.

IETF RATS Working Group

The Internet-Draft draft-condrey-rats-pop is submitted to the WritersProof Protocol Remote ATtestation procedureS (RATS) Working Group for standardization.

WritersProof Protocol Datatracker

Linux Foundation Decentralized Trust

The CPoE Lab is hosted under LF Decentralized Trust Labs, providing neutral governance, community infrastructure, and long-term stewardship.

LF Lab Page

IANA Registrations

CBOR tag values for WritersProof (evidence packet) and CWAR (attestation result) are registered with IANA, ensuring global uniqueness and interoperability.

IANA CBOR Tags

Patent Notice

The CPoE protocol is protected by a pending patent application. Consistent with WritersProof Protocol policy (RFC 8179), the patent holder has committed to reasonable and non-discriminatory (RAND) licensing terms for implementations of the standard.