The cryptographic infrastructure, AI systems, provisional patents, and API architecture that make GAMP the SSL for AI.
GAMP is not a single system — it is six mechanisms that together constitute a trust protocol for AI. Each layer addresses a different failure mode in AI deployment trust.
Every registered AI agent receives a unique Ed25519 keypair generated fresh at registration. GAMP signs the passport payload using RFC 8785 canonical JSON serialisation — deterministic byte representation regardless of key ordering. The signature covers all passport fields. Each update stores the previous passport hash, creating a tamper-evident chain. Any field change post-signing invalidates verification.
A VEP is a structured, signed, tamper-evident object that allows third parties to independently verify a claim about a model. The evaluator signs all fields except id, verification_status, and verification_notes using their own Ed25519 private key. GAMP re-runs a five-check verification suite on submission. Verified VEPs carry 1.5× the trust score penalty of unverified assertions — proven evidence is not equal to bare claims.
The composite drift score is the primary technical differentiator. A semantic layer (Claude AI, 60% weight) analyses behavioural dimensions — tone, reasoning style, safety profile, refusal patterns, domain focus. A statistical layer (deterministic, 40% weight) computes cosine n-gram similarity, refusal rate shift, Shannon entropy change, and structural profiling. The final score is fully reproducible — a SHA-256 reproducibility hash covers all inputs and outputs.
Uploaded audit documents are analysed by AI before any human reviewer sees them. Each document receives a quality score (0–100), completeness rating, key claims extraction, red flag identification, and placeholder detection. Cross-document analysis checks consistency across training data descriptions, architecture specs, safety evaluations, and compliance documentation. Results are stored on the AuditRecord and inform the tier recommendation.
An independent AI assessment analyses all registration fields — model name, description, intended use, architecture, training data, limitations — and produces a probability-weighted industry assessment. This detects mismatches between declared and actual use case: a financial advice model declaring "general productivity" to avoid the higher audit requirements of financial services. Triggered regulatory frameworks are identified automatically.
One script tag embedded on any site makes a live call to GAMP on every page load. When a model is suspended, drift-flagged, or tier-changed, every embedded badge reflects the change within one page load — everywhere simultaneously. Outbound webhooks deliver HMAC-SHA256 signed event payloads to registered endpoints. Auto-disable after 5 consecutive failures prevents dead endpoint flooding.
Four provisional patent applications have been filed establishing priority date on the core innovations of the GAMP system. These represent the novel technical contributions that distinguish GAMP from all existing AI governance systems.
A method for computing a dynamic trust score for AI models wherein claims backed by cryptographic evidence carry a higher penalty multiplier than unverified assertions. The 1.5× verified / 0.5× unverified differential weighting tied to Ed25519 signature verification status is novel and not present in any existing AI governance or registry system.
A method for simultaneously propagating AI model trust status changes to all distributed embedded instances within one page load cycle — without requiring the embedding site to update their code. SSL certificate revocation does not propagate to all websites simultaneously. GAMP's live badge mechanism does. This distinction is novel.
The VEP architecture as a structured, signed, tamper-evident evidence object for AI model claims. The combination of RFC 8785 canonical JSON serialisation, independent evaluator Ed25519 signatures, prev_vep_hash chaining for evidence versioning, and integration with differential trust scoring is novel as a combined system applied to AI model certification.
A composite AI and statistical drift detection system where detected behavioural deviation automatically updates a trust score and propagates to embedded status indicators. The 60/40 composite of semantic AI analysis and deterministic statistical fingerprinting producing a reproducible, auditable, reason-coded drift score tied to automatic enforcement is novel.
Every agent gets a unique keypair at registration. The private key is returned once and never stored by GAMP. Outputs signed with the key can be verified against the registered public key — proving they came from the genuine registered agent.
Dynamic score computed from tier base, co-signature bonuses, recent verification bonus, VEP claim penalties (weighted by verification status), drift reports, and status penalties. Suspended models score 0 regardless of tier.
Independent certifiers register their own Ed25519 keypairs. Two co-signatures auto-upgrade a model to Audited tier. The chain of trust — who certified this model, who verified the certifier — is publicly readable and cryptographically re-verified on every call.
All registrations and tier changes are publicly readable in append-only form. Modelled on certificate transparency logs in TLS. Anyone can audit the full history of any model without an account. Machine-readable revocation feed for security scanners.
15 industry codes with enforced minimum tier requirements. Healthcare requires Audited. Defence requires Accredited. Finance requires Verified. Non-compliance shown immediately on declaration. The AI classification layer detects undeclared regulated use.
Versioned key registry with configurable grace period (default 90 days). Rotate generates a new keypair, archives the old one. Existing passports remain verifiable against the old key during the grace window. Bulk re-signing via resign-all endpoint.
Multi-member organisations with four roles: owner, admin, member, auditor. Invite system with email confirmation. Organisation-level agent registration. Agents can be associated with an organisation rather than an individual account.
Standard: v=1; model=id; ts=unix; sig=base64; hash=sha256. Covers body hash integrity, timestamp freshness (5-minute window), and Ed25519 signature. API consumers can verify agent outputs inline without a separate verification call.
Full Helm chart with HSM/KMS provider selector: local PEM, AWS KMS (IRSA), HashiCorp Vault, GCP Cloud KMS. Pod anti-affinity, HPA autoscaling, cert-manager TLS, rate limiting annotations. Enterprise-ready for on-premise deployment.
Full interactive API documentation available at /docs (requires backend running). All endpoints are documented with request/response schemas, authentication requirements, and example payloads.
| Module | Method | Endpoint | Description |
|---|---|---|---|
| Auth | POST | /auth/register | Register account — sends welcome email |
| Auth | POST | /auth/login | Login — returns JWT token |
| Auth | POST | /auth/forgot-password | Send password reset email |
| Models | POST | /models/register | Register AI agent — issues Ed25519 keypair and passport |
| Models | GET | /models/{id}/verify | Verify passport signature — public, no auth |
| Models | GET | /models/{id}/badge.svg | Live SVG badge — reflects real-time trust status |
| VEP | POST | /vep/submit | Submit Verifiable Evidence Packet with evaluator signature |
| VEP | POST | /vep/{id}/verify | Admin re-verification or manual override |
| Semantic | POST | /semantic/models/{id}/set-baseline | Build semantic behavioural fingerprint |
| Semantic | POST | /semantic/models/{id}/check | Run composite drift detection — semantic + statistical |
| Semantic | POST | /semantic/models/{id}/verify-public | Public trustless verification — no account required |
| AI Audit | POST | /ai-audit/models/{id}/run-full-analysis | Full AI analysis of all uploaded documents |
| AI Audit | POST | /ai-audit/models/{id}/classify-industry | AI industry classification and mismatch detection |
| Transparency | GET | /transparency/feed | Append-only public audit feed — no auth |
| Transparency | GET | /transparency/revoked | Machine-readable revocation feed for scanners |
| Webhooks | POST | /webhooks | Register HMAC-signed webhook endpoint |
| Webhooks | POST | /webhooks/{id}/test | Send test ping to verify endpoint reachability |
| Registry | GET | /registry/search | Search registered agents — public, filterable |
| Keys | POST | /keys/rotate | Rotate master keypair with configurable grace period |
| Certifiers | POST | /certifiers/cosign | Co-sign passport — triggers tier upgrade at 2 signatures |
Showing 20 of 107 endpoints. Full documentation at /docs while backend is running, or at gampid.co.za/docs on production.