diff --git a/ifttt/index.html b/ifttt/index.html new file mode 100644 index 0000000..33fa847 --- /dev/null +++ b/ifttt/index.html @@ -0,0 +1,451 @@ + + + + + + IF.TTT — Open Verification for AI Governance + + + + + +
+
+ + + + IF.TTT + Traceable • Transparent • Trustworthy + + + + +
+
+ +
+
+
+
+

Open governance, readable by outsiders

+

Receipts, not vibes.

+

+ IF.TTT is a receipt‑first governance layer. It binds a source artifact to an output with a + trace page, stable no‑login links, and optional offline bundles anyone can verify. +

+ +
+
+ No‑login + Public proof surface +
+
+ Offline + Triage bundles +
+
+ Black/white + What’s verified vs what isn’t +
+
+ +
+ Try a live trace + See vertical fit +
+ +

+ We don’t claim “compliance”. We support audits by producing verifiable receipts that third parties can check without your + credentials. +

+
+ + +
+
+ +
+
+

How It Works (receipt‑first)

+

+ This is the sequence third‑party reviewers actually care about. Every step either produces a receipt, or it doesn’t ship. +

+ +
    +
  1. +
    1
    +
    +
    Capture the source bytes
    +
    We hash the exact artifact (PDF/MD/etc) to produce source_sha256.
    +
    +
    2. +
  2. +
    2
    +
    +
    Produce the output bytes
    +
    We hash the final output to produce output_sha256 (what the reader sees).
    +
    +
    3. +
  3. +
    3
    +
    +
    Bind source ↔ output in a trace
    +
    We create trace_id and publish a trace receipt that links hashes, time, and versioning.
    +
    +
    4. +
  4. +
    4
    +
    +
    Publish a no‑login proof surface
    +
    Stable URLs keyed by an unguessable shareId (trace, dossier, pack, source).
    +
    +
    5. +
  5. +
    5
    +
    +
    Optional: publish offline bundles
    +
    + For constrained environments, export triage bundles (lightweight/standard/full) verifiable without network access. +
    +
    +
    6. +
+
+
+ +
+
+

Third‑Party Trust Requirements (what outsiders demand)

+

This is the “procurement/audit” checklist, stated plainly.

+ +
+
+

Typical third‑party questions

+
    +
  • “Can I verify the output came from this source?”
    • +
  • “Can I verify without your login, VPN, or internal tools?”
    • +
  • “Can I verify later, offline, after a dispute?”
    • +
  • “What does the receipt prove, and what does it not prove?”
    • +
  • “If the evidence is missing, is that visible?”
    • +
+
+ +
+

IF.TTT answers (black/white)

+
+
+
Proves
+
Integrity binding (hashes), publication receipts, optional signatures, offline verification artifacts.
+
+
+
Does not prove
+
+ Intent, interpretation, or “compliance”. It gives evidence; your process decides what that evidence means. +
+
+
+
Default stance
+
If it’s not verifiable, label it as a gap (do not endorse it).
+
+
+
+
+
+
+ +
+
+

Open Verification (try it yourself)

+

Use the same path your auditors and external reviewers will use.

+ +
+
+

Live example (trace + bundles)

+
+ + Example trace page + https://infrafabric.io/static/trace/6qRgcR01kw_qNo63Dbs_ob9n + + + Triage bundle selector (lightweight/standard/full) + https://infrafabric.io/static/hosted/review/trace-bundles/d70ed99a/index.html + + + Offline verifier (HTML view) + https://infrafabric.io/static/hosted/iftrace.html + + + Offline verifier (download) + https://infrafabric.io/static/hosted/iftrace.py + +
+ +
+ Public receipt URLs (no-login) +

+ Every published output gets a stable share surface keyed by a single shareId. +

+ 
https://infrafabric.io/static/trace/<shareId>
+https://infrafabric.io/static/dossier/<shareId>
+https://infrafabric.io/static/dossier/<shareId>/download
+https://infrafabric.io/static/pack/<shareId>.md
+https://infrafabric.io/static/review/<shareId>.md
+https://infrafabric.io/static/marketing/<shareId>.md
+https://infrafabric.io/static/source/<source_sha256>.pdf
+

+ HTML views exist for sandboxes that load text/html but reject downloads: + /static/pack/<shareId>, /static/review/<shareId>, /static/marketing/<shareId>. +

+
+ +

+ Note: some constrained “web fetchers” reject downloadable binaries (e.g., .tar.gz) while still loading HTML. That’s why + HTML views exist for packs and indexes. +

+
+ +
+

CLI verification (2 minutes)

+

Download a bundle from the selector, then:

+ 
curl -fsSL -o iftrace.py 'https://infrafabric.io/static/hosted/iftrace.py'
+python3 iftrace.py verify trace_bundle_<id>_standard.tar.gz --expected-sha256 <sha256>
+

+ VERIFIED means the hashes match what the receipt declares. QUANTUM READY may be shown when a + post‑quantum signature receipt exists (PQ verification is additive; hash verification still stands). +

+
+
+
+
+ +
+
+

Vertical Fit (what each buyer is actually looking for)

+

Same mechanism, different third‑party pressure.

+ +
+
+ +

B2B SaaS (SOC 2 / ISO)

+

Third party

+

Auditors + enterprise procurement

+

They want

+

Evidence that controls existed at the right time, in the right scope, with receipts.

+

IF.TTT helps by

+

Publishing no‑login receipts and offline bundles for disputes and audits.

+
+ +
+ +

Fintech / Regulated Finance

+

Third party

+

Regulators + model risk + internal audit

+

They want

+

Non‑repudiation, dispute workflows, and “show your work” provenance.

+

IF.TTT helps by

+

Binding outputs to sources and creating a defensible, replayable receipt trail.

+
+ +
+ +

Healthcare

+

Third party

+

Compliance + vendors + incident reviewers

+

They want

+

Clear boundaries: what’s verified, what’s inferred, and what must be reviewed by humans.

+

IF.TTT helps by

+

Making evidence legible to outsiders while preserving strict, machine‑verifiable receipts.

+
+ +
+ +

Gov / Defense Contractors

+

Third party

+

Assessors + customers + supply‑chain review

+

They want

+

Offline‑verifiable bundles and unambiguous chain‑of‑custody.

+

IF.TTT helps by

+

Providing triage bundles that can be verified without trusted network access.

+
+ +
+ +

AI Product Companies

+

Third party

+

Enterprise buyers + incident responders

+

They want

+

Provable provenance for outputs (“why did it say that?”) without internal access.

+

IF.TTT helps by

+

Making trace receipts shareable, replayable, and dispute‑friendly.

+
+ +
+ +

SecOps / SOC

+

Third party

+

Executives + auditors after an incident

+

They want

+

To verify AI summaries against raw evidence and keep chain‑of‑custody intact.

+

IF.TTT helps by

+

Binding “what the system said” to “what the system saw” via receipts and bundles.

+
+ +
+ +

Industrial / Supply Chain

+

Third party

+

Customers + auditors + insurers

+

They want

+

Proof of change control and traceability that survives contractor handoffs.

+

IF.TTT helps by

+

Standardizing receipts so handoffs remain verifiable across organizational boundaries.

+
+
+
+
+ +
+
+

FAQ

+ +
+
+ What is “VERIFIED”? +

+ “VERIFIED” means the hashes on the trace page match the output/source that can be downloaded and hashed independently. It is an + integrity receipt: the bytes match what the trace declares. +

+
+ +
+ What is “QUANTUM READY”? +

+ “QUANTUM READY” is shown when a post‑quantum signature receipt exists for the trace. It means PQ receipts are present now (for future + audit requirements). PQ verification is additive; the hash receipt remains valid either way. +

+
+ +
+ Do you guarantee compliance? +

+ No. IF.TTT produces verifiable artifacts that can support audits and disputes. Compliance is a broader program: scope, policy, human + review, and governance decisions are still required. +

+
+ +
+ What’s the difference between shareId and trace_id? +

+ shareId is the public handle used in URLs. trace_id is the chain‑of‑custody UUID recorded in receipts and + bundles. +

+
+
+ +
+
+
Docs
+
+ IF.TTT paper update (review pack) +
+
+
+
Contact
+
trace@infrafabric.io
+
+
+
+
+
+ + + + diff --git a/ifttt/style.css b/ifttt/style.css new file mode 100644 index 0000000..de7b165 --- /dev/null +++ b/ifttt/style.css @@ -0,0 +1,627 @@ +:root { + --bg: #fffdf7; + --bg-alt: #fff9e6; + --panel: #ffffff; + --text: #111827; + --muted: #6b7280; + --border: #e5e7eb; + --link: #1d4ed8; + --accent: #8b0000; + --ok: #0f5132; + --ok-bg: #e7f6ee; + --shadow: 0 1px 0 rgba(0, 0, 0, 0.03); + --radius: 14px; +} + +* { + box-sizing: border-box; +} + +html { + scroll-behavior: smooth; +} + +body { + margin: 0; + font-family: ui-sans-serif, system-ui, -apple-system, Segoe UI, Roboto, Helvetica, Arial, "Apple Color Emoji", "Segoe UI Emoji"; + background: var(--bg); + color: var(--text); + line-height: 1.5; +} + +a { + color: var(--link); + text-decoration: none; +} + +a:hover { + text-decoration: underline; +} + +code { + font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace; + font-size: 0.92em; + background: #f3f4f6; + padding: 2px 6px; + border-radius: 8px; +} + +pre.code { + background: #0b1020; + color: #e5e7eb; + border-radius: 12px; + padding: 12px; + overflow: auto; + box-shadow: var(--shadow); + border: 1px solid rgba(255, 255, 255, 0.06); +} + +pre.code code { + background: transparent; + padding: 0; + border-radius: 0; + font-size: 12px; + line-height: 1.45; +} + +.wrap { + max-width: 1120px; + margin: 0 auto; + padding: 0 18px; +} + +.top { + position: sticky; + top: 0; + z-index: 20; + background: rgba(255, 253, 247, 0.92); + backdrop-filter: blur(10px); + border-bottom: 1px solid var(--border); +} + +.top__inner { + display: flex; + align-items: center; + justify-content: space-between; + padding: 14px 0; + gap: 14px; +} + +.brand { + display: inline-flex; + align-items: center; + gap: 12px; + min-width: 220px; +} + +.brand__mark { + width: 38px; + height: 38px; + border-radius: 12px; + border: 1px solid rgba(139, 0, 0, 0.25); + background: + radial-gradient(18px 18px at 30% 30%, rgba(139, 0, 0, 0.18), transparent 60%), + radial-gradient(18px 18px at 70% 70%, rgba(29, 78, 216, 0.10), transparent 60%), + #fff; + box-shadow: var(--shadow); +} + +.brand__text { + display: flex; + flex-direction: column; + gap: 2px; +} + +.brand__title { + font-weight: 800; + letter-spacing: 0.2px; +} + +.brand__sub { + font-size: 12px; + color: var(--muted); +} + +.nav { + display: flex; + gap: 14px; + flex-wrap: wrap; + justify-content: flex-end; + font-size: 13px; +} + +.nav a { + color: var(--muted); + padding: 6px 8px; + border-radius: 10px; +} + +.nav a:hover { + color: var(--text); + background: #ffffff; + border: 1px solid var(--border); + text-decoration: none; +} + +.hero { + padding: 34px 0 22px; + background: + radial-gradient(650px 260px at 20% 0%, rgba(139, 0, 0, 0.08), transparent 60%), + radial-gradient(700px 300px at 100% 40%, rgba(29, 78, 216, 0.06), transparent 60%), + linear-gradient(#fffdf7, #fff); +} + +.hero__grid { + display: grid; + grid-template-columns: 1.2fr 0.8fr; + gap: 22px; + align-items: start; +} + +.kicker { + font-size: 13px; + color: var(--muted); + margin: 0 0 10px; +} + +h1 { + font-size: 40px; + line-height: 1.1; + margin: 0 0 10px; + letter-spacing: -0.4px; +} + +.lede { + margin: 0 0 14px; + color: #374151; + max-width: 62ch; +} + +.pillrow { + display: grid; + grid-template-columns: repeat(3, minmax(0, 1fr)); + gap: 10px; + margin: 18px 0 16px; +} + +.pill { + border: 1px solid var(--border); + background: #ffffff; + border-radius: var(--radius); + padding: 10px 10px; + box-shadow: var(--shadow); +} + +.pill__k { + font-size: 12px; + color: var(--muted); + display: block; +} + +.pill__v { + font-size: 13px; + font-weight: 600; + margin-top: 2px; + display: block; +} + +.cta { + display: flex; + gap: 10px; + flex-wrap: wrap; + margin: 14px 0 10px; +} + +.btn { + display: inline-flex; + align-items: center; + justify-content: center; + padding: 10px 12px; + border-radius: 12px; + border: 1px solid var(--border); + background: #ffffff; + color: var(--text); + font-weight: 650; + font-size: 13px; + box-shadow: var(--shadow); + text-decoration: none; +} + +.btn:hover { + text-decoration: none; + border-color: rgba(17, 24, 39, 0.22); +} + +.btn--primary { + background: #111827; + color: #ffffff; + border-color: rgba(0, 0, 0, 0.25); +} + +.btn--primary:hover { + border-color: rgba(0, 0, 0, 0.45); +} + +.note { + font-size: 12px; + color: var(--muted); + margin: 10px 0 0; +} + +.card { + border: 1px solid var(--border); + background: #ffffff; + border-radius: 18px; + box-shadow: var(--shadow); + overflow: hidden; +} + +.card__hdr { + padding: 12px 12px; + border-bottom: 1px solid var(--border); + display: flex; + gap: 8px; + flex-wrap: wrap; + background: #f8fafc; +} + +.badge { + display: inline-flex; + align-items: center; + padding: 4px 10px; + border-radius: 999px; + border: 1px solid var(--border); + font-size: 12px; + color: var(--muted); + background: #ffffff; + white-space: nowrap; +} + +.badge--ok { + border-color: rgba(15, 81, 50, 0.25); + background: var(--ok-bg); + color: var(--ok); + font-weight: 700; +} + +.card__body { + padding: 14px 12px 12px; +} + +.kv { + display: grid; + grid-template-columns: 90px 1fr; + gap: 6px 10px; + font-size: 13px; +} + +.kv__k { + color: var(--muted); +} + +.kv__v code { + background: #f3f4f6; +} + +.mini { + margin-top: 12px; + border-top: 1px dashed var(--border); + padding-top: 10px; + font-size: 13px; +} + +.mini__k { + color: var(--muted); + font-weight: 600; + font-size: 12px; +} + +.mini__v { + margin-top: 4px; + color: #374151; +} + +.section { + padding: 34px 0; +} + +.section--alt { + background: var(--bg-alt); + border-top: 1px solid rgba(0, 0, 0, 0.03); + border-bottom: 1px solid rgba(0, 0, 0, 0.03); +} + +h2 { + margin: 0 0 8px; + font-size: 22px; + letter-spacing: -0.2px; +} + +.sub { + margin: 0 0 18px; + color: var(--muted); + font-size: 14px; + max-width: 80ch; +} + +.sub2 { + margin: 0 0 10px; + color: var(--muted); + font-size: 13px; +} + +.steps { + display: grid; + gap: 10px; + padding: 0; + margin: 0; + list-style: none; +} + +.step { + display: grid; + grid-template-columns: 44px 1fr; + gap: 12px; + padding: 14px 12px; + border: 1px solid var(--border); + border-radius: var(--radius); + background: #ffffff; + box-shadow: var(--shadow); +} + +.step__n { + width: 36px; + height: 36px; + border-radius: 12px; + background: rgba(139, 0, 0, 0.06); + border: 1px solid rgba(139, 0, 0, 0.18); + display: grid; + place-items: center; + font-weight: 800; + color: var(--accent); +} + +.step__t { + font-weight: 750; +} + +.step__d { + color: #374151; + margin-top: 3px; + font-size: 13px; +} + +.grid2 { + display: grid; + grid-template-columns: 1fr 1fr; + gap: 14px; +} + +.panel { + background: #ffffff; + border: 1px solid var(--border); + border-radius: var(--radius); + padding: 14px 14px; + box-shadow: var(--shadow); +} + +.panel h3 { + margin: 0 0 8px; + font-size: 15px; +} + +.list { + margin: 10px 0 0; + padding-left: 18px; + color: #374151; + font-size: 13px; +} + +.bw { + display: grid; + gap: 8px; + font-size: 13px; +} + +.bw__row { + display: grid; + grid-template-columns: 130px 1fr; + gap: 10px; + padding: 10px 10px; + border: 1px solid var(--border); + border-radius: 12px; + background: #ffffff; +} + +.bw__k { + color: var(--muted); + font-weight: 700; +} + +.bw__v { + color: #374151; +} + +.verify { + display: grid; + grid-template-columns: 1fr 1fr; + gap: 14px; + align-items: start; +} + +.links { + display: grid; + gap: 8px; + margin-top: 10px; +} + +.linkrow { + display: grid; + gap: 4px; + border: 1px solid var(--border); + border-radius: 12px; + padding: 10px 10px; + background: #ffffff; + box-shadow: var(--shadow); +} + +.linkrow:hover { + border-color: rgba(29, 78, 216, 0.35); + text-decoration: none; +} + +.linkrow__t { + font-weight: 700; + font-size: 13px; + color: var(--text); +} + +.linkrow__u { + font-size: 12px; + color: var(--muted); + overflow-wrap: anywhere; +} + +.fine { + margin: 12px 0 0; + color: var(--muted); + font-size: 12px; +} + +.cards { + display: grid; + grid-template-columns: repeat(3, minmax(0, 1fr)); + gap: 12px; +} + +.vcard { + background: #ffffff; + border: 1px solid var(--border); + border-radius: var(--radius); + padding: 14px 14px; + box-shadow: var(--shadow); +} + +.vcard__icon { + width: 44px; + height: 44px; + border: 1px solid var(--border); + border-radius: 14px; + background: #f8fafc; + display: grid; + place-items: center; + margin-bottom: 10px; + color: var(--accent); +} + +.vcard__icon svg { + width: 22px; + height: 22px; +} + +.vcard h3 { + margin: 0 0 10px; + font-size: 15px; +} + +.vcard__k { + margin: 0; + font-size: 12px; + color: var(--muted); + font-weight: 700; +} + +.vcard__v { + margin: 4px 0 10px; + font-size: 13px; + color: #374151; +} + +.faq { + display: grid; + gap: 10px; +} + +details { + background: #ffffff; + border: 1px solid var(--border); + border-radius: var(--radius); + padding: 12px 12px; + box-shadow: var(--shadow); +} + +summary { + cursor: pointer; + font-weight: 750; + list-style: none; +} + +summary::-webkit-details-marker { + display: none; +} + +details p { + margin: 10px 0 0; + color: #374151; + font-size: 13px; +} + +.foot { + margin-top: 18px; + border-top: 1px solid var(--border); + padding-top: 14px; + display: grid; + gap: 8px; +} + +.foot__row { + display: grid; + grid-template-columns: 90px 1fr; + gap: 12px; + font-size: 13px; +} + +.foot__k { + color: var(--muted); + font-weight: 700; +} + +.footer { + border-top: 1px solid var(--border); + padding: 18px 0; + background: #ffffff; +} + +.footer__inner { + display: flex; + justify-content: space-between; + gap: 12px; + flex-wrap: wrap; +} + +.muted { + color: var(--muted); + font-size: 12px; +} + +@media (max-width: 980px) { + .hero__grid { + grid-template-columns: 1fr; + } + .pillrow { + grid-template-columns: 1fr; + } + .grid2 { + grid-template-columns: 1fr; + } + .verify { + grid-template-columns: 1fr; + } + .cards { + grid-template-columns: 1fr; + } + h1 { + font-size: 34px; + } +} +