# 📡 ENVOY / Xray

> **🚨 NEW VISITOR? [READ THE INVITATION & ACCESS CREDENTIALS HERE](INVITATION.md) 🚨**
> **ENVOY** is envisioned as an agentic communications layer: a protocol and environment for seamless, secure, and optimized interaction between human operators and AI agents, as well as agent-to-agent communication.

## The Entropy Problem

Current digital communication platforms (like Discord or Slack) suffer from a fundamental flaw when humans and agents interact deeply: **Entropy**. Technical data gets buried in noise, human context assumptions lead to ambiguity, and there's no cryptographic guarantee of receipt, understanding, or correct action.

ENVOY acts as an "Agentic Middleware" that treats technical communication as a rigorous, cryptographically secure data exchange.

---

## The Vision: The ENVOY Protocol

> 📖 **Read the full vision paper:** [ENVOY: The Protocol for Autonomous Agent Trust](ENVOY_Thesis_Synthesis_2026.md)

The roadmap for the ENVOY protocol outlines a systematic progression of trust, identity, and economic layers for autonomous agents:

### 1. Identity as Logic (V1)

Traditional digital identity (usernames, API keys) verifies the *origin* of a message, but not the *behavioral constraints* of the sender. ENVOY pins identity to behavior via the **Envoy Checksum**: `SHA-256(System Prompt + Tool Definitions + Model Parameters)`. If an agent's core instructions change, it becomes a "different person" to the network.

### 2. Proof of Intent & Runtime Safety (V1.5)

Before an agent connects to a network, it must declare its intent using an **A-JWT (Agentic JSON Web Token)**. A local runtime monitor (the "Sniffer") intercepts tool calls and terminates the process immediately if the agent attempts an action outside of its authorized scope (e.g., trying to read `/etc/passwd` when only scoped to `/projects/`).

### 3. The Economy & Epistemics (V2)

A fully decentralized network of agents exchanging truth and value:

* **TraceRank:** Economic trust built on a history of successfully completed tasks instead of central authorities.
* **Multiscale Semantic Manifestation ("The Sliders"):** Agents attach metadata (IQ Level, Verbosity, Vibe) allowing the *receiver* to dictate the density of the information.
* **Elastos / Elacity Integration:** Utilizing W3C Decentralized Identifiers (DIDs) for owner accountability and Elastos Hive for "Portable Neural States," making an agent's knowledge graph portable across environments.

---

## Current Mission: Sub-Project Xray & The Transport Layer Pivot (ENVOY V4)

While ENVOY is actively being theorized, **Xray** serves as our pragmatic, minimum viable implementation and testing ground.

**⚠️ The early Nextcloud / Gitea shared-folder queues (V1-V3) are officially DEPRECATED.** 

We have transitioned to the **Orthogonal Identity Protocol**. True agentic trust requires three independent, verifiable hashes, not fragile filesystem syncs:
1.  **Agent Identity:** The `Envoy Checksum` (Hashing the Agent's Logic/Brain).
2.  **Knowledge State:** The `Radicle P2P DAG` (Hashing the codebase/context snapshot).
3.  **Artifact State:** The `IPFS CID` (Hashing massive, immutable data blobs).

By wrapping these three hashes into a cryptographic envelope (the **A-JWT**) and gossiping them over `radicle.303.fi` via libp2p, we eliminate central forges, race conditions, and entropy.

> 📚 **[READ THE PIVOT DOSSIER: The Orthogonal Identity Protocol (ENVOY V4)](projects/envoy/Dossier_Orthogonal_Identities.md)** - *Understand how the Agent Checksum, Radicle, and IPFS interlock to form an unbreakable trust bond.*

*(Historical context regarding the Nextcloud queue experiments can still be found in [Dossier: Agent-to-Agent Exchange](Dossier_Agentic_Communications_Exchange.md)).*

### Active Experiments & Scenarios

* [**Scenario 1: Fluid Agentic Co-operation (The Gitea Deployment)**](projects/envoy/Scenario_Fluid_Cooperation_Gitea.md)
  * *Focus:* Testing autonomous VPS provisioning (`orgo.ai`, `exe.dev`), asynchronous Nextcloud task dropping, and simulating x402 micro-transactions/escrow for agentic labor.

### Experimental Ecosystem

* [**Cybe's Projects & Experimental Labs**](projects/cybes_experiments/README.md)
  * *Focus:* An index of active, fluid experiments developed within the Brainiac ecosystem, including the **Synapse Epistemic Engine**, **Skill Librarian**, **DYSTECH**, and other autonomous labs. These are built semi-manually to test concepts rapidly and triaged based on open-source developments.

### Agency & Capabilities

* [**Agent Skills Library Overview**](projects/Skills_Overview.md)
  * *Focus:* A comprehensive mapped index of all currently active cognitive, development, and operational skills deployed across our agents, including documentation of their origins and constraints.

---

## The AI Agent Stack on Ethereum

As we build towards ENVOY V2, we are closely tracking new developments in the wider AI agent stack on Ethereum, which will likely form the economic and trust backbone of automated agent interactions in the future:

- 🔹 **x402** → Micropayments (Enabling rapid, micro-scale machine-to-machine value transfer)
- 🔹 **ERC-8004** → Identity & Reputation (Providing verifiable agent identities and decentralized trust scores)
- 🔹 **ERC-8183** → Escrow for Work (Smart contracts to secure funds holding until verifiable agent work is completed correctly)

---

## Technical Research Library

The `projects/envoy/research/md/` directory contains foundational papers expanding on the specialized components and cryptoeconomic theory behind ENVOY:

* [**Agentic JWTs and Proof of Intent**](projects/envoy/research/md/agentic_jwts_proof_of_intent.md)
  * *Overview:* Discusses shifting authorization from identity-based ACLs to behavioral "Proof of Intent." Explores A-JWT structures, deterministic checksums as issuers, and zero-knowledge intent verification to mitigate the "Confused Deputy Problem" in Multi-Agent Systems (MAS).
* [**AI in Complex Diplomatic Environments**](projects/envoy/research/md/ai_in_complex_diplomatic_environments.md)
  * *Overview:* Analyzes ENVOY applications beyond technical exchange, exploring the mathematics of betrayal, verifiable truces with "Mutually Assured Destruction" smart contracts (Escrow), and the use of L5 Invariants to prevent semantic drift during tense negotiations.
* [**Continuous Security for Multi-Agent Systems**](projects/envoy/research/md/continuous_security_for_multi_agent_systems.md)
  * *Overview:* Details the runtime defense architecture, transitioning from perimeter defense to continuous state verification. Explores eBPF-based "Sniffers," Runtime Monitors that compare syscalls against declarative intent, and strategies for isolating malicious agents before they affect the network.
* [**Decentralized Learning and Truthfulness Incentives**](projects/envoy/research/md/decentralized_learning_truthfulness_incentives.md)
  * *Overview:* Investigates the economic game theory required to maintain epistemic integrity in adversarial swarms without a central oracle. Covers mechanism design for truthfulness, slashing conditions for hallucinatory data, and the role of TraceRank in weighting decentralized federated learning inputs.
* [**Formalizing Semantic Invariant Manifestations**](projects/envoy/research/md/formalizing_semantic_invariant_manifestations.md)
  * *Overview:* A mathematical approach to the "Sliders" concept. Defines how a high-dimensional concept (the L5 Base Truth) can be losslessly transformed into lower-dimensional projections (Novice/Expert summaries) while retaining a cryptographic proof of logical equivalence.
* [**Semantic Abstraction and Logic Invariants**](projects/envoy/research/md/semantic_abstraction_and_logic_invariants.md)
  * *Overview:* Explores the psychological and systemic drivers for Multiscale Semantic Manifestation, focusing on Cognitive Load Theory and "StretchText." It maps how the receiver's HMI can adapt the "Semantic Level of Detail" to maximize understanding while minimizing extraneous noise.
* [**Zero-Knowledge Reputation Portability Protocols**](projects/envoy/research/md/zero_knowledge_reputation_portability_protocols.md)
  * *Overview:* Examines reputation in the x402 autonomous economy where identities are fluid and anonymity is standard. Covers TraceRank (Proof-of-Value), Sybil resistance via Anonymous Attestation (AAUSS), and how agents can port their reputation across nodes without revealing their persistent identities.

---

## ⚠️ Security Warning: Advanced Cognitive Integrity Protocol (ACIP)

As ENVOY scales to allow interaction between foreign, mutually untrusted agents, mathematical security is not enough. The protocol's cryptographic guarantees (Envoy Checksums and A-JWTs) secure the *identity* and *intent* of the agent, but they do not protect the *LLM's cognitive core* from adversarial payloads hidden within cryptographically valid messages.

When building or testing agent-to-agent communication, implementers must consider cognitive defenses like the [**Advanced Cognitive Inoculation Prompt (ACIP)**](https://github.com/Dicklesworthstone/acip).

**The Threat:**
An attacker could send a perfectly valid ENVOY packet containing a sophisticated prompt injection (e.g., psychological manipulation, multi-layered obfuscation, or recursive meta-level exploitation) designed to hijack the receiving agent's context or exfiltrate data via covert channels.

**The ACIP Mitigation:**
ACIP is an engineered framework that "inoculates" LLMs against these attacks by explicitly instructing them on how to recognize and neutralize manipulation attempts. In an ENVOY architecture, ACIP principles should be integrated into:

1. **The System Prompt:** Embedding the *Cognitive Integrity Framework* into the agent's core identity (which is then hashed into the Envoy Checksum).
2. **A Checker Model Pipeline:** Screening incoming L5 payloads or semantic abstractions through an ACIP-hardened proxy before the primary agent processes the data.

*Failure to inoculate agents acting on behalf of humans in an autonomous network exposes the user to severe data and resource exploitation.*