Standalone standards workspace for AIR v1: an open, implementation-independent receipt profile for attestation-linked AI inference evidence.
AIR is the standards/moat layer behind EphemeralML. This repository exists so external reviewers can evaluate the receipt format, verifier behavior, and conformance corpus without first navigating the full product repo.
| Question | Short answer |
|---|---|
| What is AIR? | An application-layer COSE/CWT + EAT-profile receipt for one AI inference in an attested confidential workload. |
| Why does this repo exist separately? | To keep the spec, vectors, and interop materials legible as a standalone asset rather than a product subfolder. |
| What is in scope here? | Normative spec docs, CDDL, golden vectors, IETF draft sources/renders, and interop tooling. |
| What is not in scope here? | The production inference runtime, gateway, cloud deployment scripts, or commercial product UX. Those remain in EphemeralML-cyntrisec. |
| What should a reviewer read first? | spec/README.md, then vectors/, then the draft in draft/. |
Most confidential-compute products prove that a workload booted in an attested environment. AIR adds a portable, signed artifact for a single inference event: which model ran, what request/response hashes were involved, and what attestation-linked metadata is available for verification.
That is the category boundary for this repository:
- infrastructure proves the room is locked
- AIR proves what happened inside for one inference
- AIR v1 normative spec and release docs
- IETF Internet-Draft source and rendered artifacts
- CDDL schema and golden vectors
- Interop verifier script
- Submission support docs used for standards and review workflows
spec/README.md— frozen v1 scope and normative documentsspec/interop-kit.md— fastest external verifier pathvectors/— golden corpus (2 valid + 8 invalid)draft/— IETF Internet-Draft source and rendered artifactsspec/implementation-status.md— current reference implementation coverage and gaps
draft/- IETF draft sources and rendered artifacts (.md,.xml,.txt,.html)spec/- AIR v1 normative specification docs + CDDLvectors/- Golden vectors (2 valid + 8 invalid)scripts/- Interop toolingdocs/- Verification reports, submission checklists, and claim/evidence support docs
- Canonical implementation repository:
cyntrisec/EphemeralML - This standalone repository is synchronized through selected AIR draft
-02semantic changes as of2026-04-24(genericproduction/evaluationtrust-state values, model artifact-set wording, and expanded PCR/RTMR mapping). - For implementation behavior newer than this repository, use
EphemeralMLas the source of truth.
This split is non-destructive: EphemeralML-cyntrisec remains the current production implementation, while this repository keeps the AIR v1 standards surface stable and independently reviewable.
Rendered Internet-Draft snapshots currently checked into this repository are -00 and -01. The live -02 implementation and draft work land first in EphemeralML-cyntrisec (spec/v1/ietf/, common/src/air_receipt.rs, common/src/air_verify.rs). This repository remains the standalone AIR standards workspace and may lag slightly while those changes are being copied back. If a reviewer needs the current -02 behavior, use EphemeralML-cyntrisec as the implementation reference.
- Primary author/submission email:
borys@cyntrisec.com - Organization: Cyntrisec