⭐ If you find this useful, a star helps others discover it

RCF Protocol — Restricted Correlation Framework

Version: see package.json / sigma.json — single source of truth Status: Active Specification
Category: Author-Defined Licensing Protocol
Website: aliyev.site/rcf

---

🆕 What's New in Active?

• 🛡️ Active Defense: Introduced Designed Canaries and AST Adversarial Noise to protect against source code harvesting.
• 🌐 WAF Gateways: Native gateway subcommand to export Cloudflare Worker and Nginx WAF configurations.
• 📦 SDK Parity: A single version is synchronized across NPM (rcf-protocol) and PyPI (rcf-cli); the canonical number lives in package.json / pyproject.toml.
• 📝 Documentation Update: Detailed audit and active defense usage guides added to SDK READMEs and the specification.

---

🛡️ What is RCF?

RCF (Restricted Correlation Framework) is an author-defined licensing protocol designed to protect intellectual property in the age of automated extraction and AI/ML mass replication. RCF-protected works are subject to protection under the Berne Convention and national copyright laws. The RCF-PL license serves as a conditional grant of visibility rights. It creates a clear legal and technical boundary between Visibility and Usage Rights.

Core Principle: Visibility ≠ Rights

Action	Status	Description
👀 Visibility	✅ ALLOWED	Reading, studying, and auditing the code or methodology.
🚀 Usage	❌ RESTRICTED	Implementing, replicating, or automating extraction.

---

❓ Why RCF?

Traditional open-source licenses fail to protect against modern threats. RCF provides a modular "Defense in Depth" approach:

• 🤖 AI/ML Resistance: Explicitly blocks unauthorized training on proprietary methodologies.
• 🕷️ Anti-Extraction: Prevents automated harvesting of correlation logic.
• Visible Source: Allows manual audit and study (unlike closed source).
• ⚡ Self-Enforcing: Rights terminate automatically upon violation.

---

🏷️ Marker Quick Reference

RCF use semantic markers to define protection levels at the block or file level:

• [RCF:PUBLIC] — Architecture and public concepts. Safe to discuss.
• [RCF:PROTECTED] — Core methodology. Visible but not replicable.
• [RCF:RESTRICTED] — Highly sensitive implementation. Minimal rights.
• [RCF:NOTICE] — Triggers requirement for adjacent legal notice.

---

💎 RCF Business Models

RCF enables new paradigms for monetization and asset protection while maintaining ecosystem openness.

1. Protected Core — Open Edge

The "Protected Core — Open Edge" model allows you to distribute open, accessible tools while monetizing the execution engine:

• Open SDK ([RCF:PUBLIC]): Provide a free, open-source SDK for developers to build extensions, plugins, or integrations (e.g., smart home plugins).
• Protected Core ([RCF:RESTRICTED]): The core execution engine (e.g., A-VM) remains restricted. Access and usage rights are governed by the RCF-PL license terms.

2. RCF-Audit as a Service

Independent developers and small studios are vulnerable to IP theft and unauthorized AI extraction. RCF-Audit as a Service lets you act as a protection consultant:

• Offer: "AI is extracting your code. We will implement the RCF-protocol, mark your proprietary assets, and provide cryptographic audit capabilities."

Action: Use the rcf-cli audit tool to generate an immutable RCF-AUDIT-REPORT.json containing SHA-256 hashes of all protected methodologies, creating a verifiable snapshot of ownership.

Learn more at aliyev.site/rcf

---

🚀 Quick Start

For Project Authors (Adopting RCF)

1. Setup: Copy template files from IMPLEMENTATION/TEMPLATES/.
2. Define: Identify core methodologies in your code.
3. Mark: Annotate blocks with RCF markers. See CODE-MARKERS.md.
4. Deploy: include NOTICE.md in your repository root.

For Decentralized Systems (dOS)

RCF is specialized for dOS environments (like Aurora Access). See the dOS Adoption Guide for kernel-level implementation examples.

---

🛠️ RCF CLI Tools (NPM & PyPI)

We provide official Command Line Interfaces to verify compliance in your projects, available in both TypeScript/Node.js and Python ecosystems. All computations (including scans, audits, and similarity proofs) run 100% locally and privately on your machine—no source code or cryptographic hashes are ever sent to external servers.

🟨 Node.js (NPM)

Install the TypeScript/JavaScript package globally to use the CLI from anywhere:

npm install -g rcf-protocol

Or use it instantly via npx:

npx rcf-cli .

🐍 Python (PyPI)

Install the Python SDK globally or in your virtual environment:

pip install rcf-cli

🚀 Usage

Command	Description
rcf-cli init	Initialize RCF in your project — generates NOTICE.md and .rcfignore
rcf-cli audit [path]	Generate a cryptographic RCF-AUDIT-REPORT.json — fingerprint all protected assets
rcf-cli verify [path]	Verify file/directory integrity against the audit report
rcf-cli diff [path]	Compare current markers vs audit report — ideal for CI/CD pipelines
rcf-cli protect [path]	Auto-insert RCF markers into unprotected logic blocks
rcf-cli sentinel [path]	Rank protected functions by surprisal mass (forensic watch-list)
rcf-cli build-corpus [path]	Build a background language structure corpus (p_nat.json)
rcf-cli build-null [path]	Calibrate a Monte Carlo null distribution for statistical proofs
rcf-cli prove <fileA> <fileB>	Compute a court-grade similarity proof (Z-score, E-value) between two files
rcf-cli canary register	Register a designed canary fingerprint to your registry
rcf-cli canary scan [path]	Scan a codebase for canary matches (detects code theft via subgraph isomorphism)
rcf-cli noise [path]	Inject adversarial AST noise into protected files to confuse AI models
rcf-cli gateway cloudflare	Export a Cloudflare Workers WAF script (cloudflare_worker.ts)
rcf-cli gateway nginx	Export Nginx Lua WAF script (rcf_waf.lua) and nginx.conf snippet

# Examples:
rcf-cli init --project "MyApp" --author "Your Name"
rcf-cli audit .
rcf-cli verify .
rcf-cli prove src/algo.py src/algo_copy.py --corpus corpus.json --null null_model.json
rcf-cli canary scan . --registry rcf_canaries.json
rcf-cli noise src/
rcf-cli gateway cloudflare --out ./deploy
rcf-cli gateway nginx --out ./deploy

---

📂 Repository Structure

Directory	Description	Key Documents
SPECIFICATION/	Technical protocol definition	RCF-SPEC, RCF-CORE, RCF-CORRELATION, RCF-SIGMA, RCF-ACTIVE-DEFENSE
LEGAL/	Legal framework and basis	LEGAL, JURISDICTION
IMPLEMENTATION/	Practical adoption tools	MARKERS, MEASURES
ADOPTION/	Guides for project authors	ADOPTION-GUIDE, FAQ
GOVERNANCE/	Protocol evolution	GOVERNANCE, VERSIONING
EXAMPLES/	Reference implementations	Py-Example, C-Kernel-Example

---

🛠️ Specialized Solutions

Decentralized Operating Systems (dOS)

RCF provides specialized measures for dOS to ensure kernel transparency while protecting unique scheduling and data fusion algorithms. 👉 Read dOS Supplemental Guide

---

👥 Community & Support

• Website: aliyev.site/rcf
• Contact: aladdin@aliyev.site
• Projects: Aurora Access, Aliyev OSINT

---

© 2026 Aladdin Aliyev
All rights reserved under RCF Protocol License