| Internet-Draft | SCITT-VCP | December 2025 |
| Kamimura | Expires 20 June 2026 | [Page] |
This document defines a SCITT (Supply Chain Integrity, Transparency, and Trust) profile for creating tamper-evident audit trails of AI-driven algorithmic trading decisions and executions. The VeritasChain Protocol (VCP) extends the SCITT architecture to address the specific requirements of financial markets, including nanosecond-precision timestamps, regulatory compliance with EU AI Act and MiFID II, and privacy-preserving mechanisms (crypto-shredding) for GDPR compliance. This profile defines how VCP events are encoded as SCITT Signed Statements, registered with Transparency Services, and verified using COSE Receipts.¶
This note is to be removed before publishing as an RFC.¶
The latest version of this document, along with implementation resources and test vectors, can be found at https://github.com/veritaschain/vcp-spec.¶
Discussion of this document takes place on the SCITT Working Group mailing list (scitt@ietf.org).¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 20 June 2026.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The SCITT (Supply Chain Integrity, Transparency, and Trust) architecture [I-D.ietf-scitt-architecture] provides a framework for creating tamper-evident logs of digital artifacts through Transparency Services. While SCITT was initially designed for software supply chain use cases, its core primitives—Signed Statements, Receipts, and Transparency Services—are applicable to any domain requiring verifiable audit trails.¶
This document specifies how SCITT can be applied to the domain of AI-driven algorithmic trading systems in financial markets. The VeritasChain Protocol (VCP) defines:¶
VCP serves as an "AI Flight Recorder" for algorithmic trading, enabling post-incident reconstruction of system behavior with cryptographic proof of integrity.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This document is a profile of the SCITT architecture. It:¶
This document specifies:¶
This document does not specify:¶
This document uses terminology from [I-D.ietf-scitt-architecture]. The following terms are specific to this profile:¶
The following table maps VCP concepts to SCITT terminology:¶
| VCP Concept | SCITT Equivalent | Notes |
|---|---|---|
| VCP Event | Signed Statement | VCP Event is the payload of a Signed Statement |
| VCP Issuer | Issuer | Trading system or AI model |
| VCP Transparency Service | Transparency Service | With VCP Registration Policy |
| VCP Receipt | Receipt | COSE Receipt with Merkle inclusion proof |
| Hash Chain | Append-only Log | VCP adds per-Actor chaining |
| Merkle Anchor | Merkle Tree Root | Periodic commitment |
VCP builds upon the SCITT architecture with domain-specific extensions for financial trading:¶
+------------------+ +-------------------------+
| VCP Issuer | | VCP Transparency |
| (Trading System) | | Service |
+--------+---------+ +------------+------------+
| |
| 1. Create VCP Event |
| 2. Sign as COSE_Sign1 |
| |
+------ Signed Statement ----->|
| (via SCRAPI) |
| | 3. Validate against
| | Registration Policy
| |
| | 4. Append to Log
| |
|<-------- VCP Receipt --------+
| (COSE Receipt) |
| |
+--------+---------+ +------------+------------+
| Verifier | | External Anchor |
| (Auditor/Regul.) | | (Timestamp/Blockchain) |
+------------------+ +-------------------------+
¶
In addition to SCITT's global append-only log, VCP maintains per-Actor hash chains. Each VCP Event includes a PrevHash field containing the hash of the previous event from the same Actor. This enables efficient verification of a single Actor's event sequence without downloading the entire log.¶
Actor A: Event_A1 --hash--> Event_A2 --hash--> Event_A3 Actor B: Event_B1 --hash--> Event_B2 Global Log: [Event_A1, Event_B1, Event_A2, Event_B2, Event_A3, ...]¶
A VCP Event is encoded as the payload of a SCITT Signed Statement. The payload MUST be a JSON object conforming to the following schema:¶
The Header contains metadata common to all VCP Events:¶
{
"Header": {
"EventID": "01961e5f-5c0d-7000-8000-123456789abc",
"TimestampISO": "2026-03-15T09:30:00.123456789Z",
"TimestampInt": 1742034600123456789,
"EventType": "ORD",
"ActorID": "algo-momentum-001",
"ChainID": "chain-actor-001",
"SequenceNum": 42
}
}
¶
The Payload contains domain-specific data organized into modules:¶
{
"Payload": {
"VCP-TRADE": {
"OrderID": "ord-2026-001",
"Symbol": "AAPL",
"Side": "BUY",
"Quantity": "100",
"Price": "185.50",
"OrderType": "LIMIT"
},
"VCP-GOV": {
"AlgoID": "momentum-v2.3",
"DecisionFactors": ["RSI_oversold", "volume_spike"],
"ConfidenceScore": 0.87
}
}
}
¶
The Security object contains integrity and chaining information:¶
{
"Security": {
"EventHash": "sha256:a1b2c3d4...",
"PrevHash": "sha256:f6e5d4c3...",
"MerkleRoot": "sha256:1234abcd...",
"SignAlgo": "ED25519"
}
}
¶
| Code | Name | Description |
|---|---|---|
| INIT | Initialization | Chain initialization, no PrevHash |
| SIG | Signal | Trading signal generated |
| ORD | Order | Order submitted |
| ACK | Acknowledgment | Order acknowledged by venue |
| EXE | Execution | Order executed (fill) |
| CXL | Cancellation | Order cancelled |
| MOD | Modification | Order modified |
| RSK | Risk | Risk event or limit breach |
| ERR | Error | System error |
| HBT | Heartbeat | Periodic liveness signal |
| CLS | Close | Position closed |
| ANC | Anchor | Merkle anchor event |
A VCP Transparency Service MUST enforce a Registration Policy that validates incoming Signed Statements. The policy MUST verify:¶
This specification distinguishes timestamp resolution from clock accuracy. Nanosecond-resolution timestamps represent the storage format capability, while actual clock accuracy is explicitly recorded and enforced per tier.¶
| Requirement | Silver | Gold | Platinum |
|---|---|---|---|
| Timestamp Resolution | Millisecond | Microsecond | Nanosecond |
| Clock Accuracy | NTP (~10ms) | NTP + drift (~1ms) | PTPv2 (<1μs) |
| Merkle Anchoring | Daily | Hourly | Per-minute |
| Signature Algorithm | Ed25519 | Ed25519 | Ed25519 + Dilithium (OPTIONAL) |
| Key Storage | Software | Software/HSM | HSM Required |
| External Anchor | Optional | Recommended | Required |
Note: Silver tier is NOT intended for regulatory-grade algorithmic trading systems subject to MiFID II RTS 25, SEC Rule 17a-4, or equivalent clock synchronization requirements. Silver tier is appropriate for development, testing, backtesting analysis, and non-regulated trading scenarios.¶
VCP supports crypto-shredding to enable GDPR-compliant data erasure while preserving audit trail integrity. This mechanism allows deletion of personal data without invalidating cryptographic proofs.¶
{
"VCP-PRIVACY": {
"EncryptedFields": ["VCP-TRADE.ClientID", "VCP-TRADE.AccountID"],
"KeyID": "dek-2026-001-subject-12345",
"Algorithm": "AES-256-GCM",
"RetentionPolicy": "GDPR-5Y"
}
}
¶
VCP Transparency Services MUST implement SCRAPI [I-D.ietf-scitt-scrapi] with the following VCP-specific considerations:¶
VCP Events are submitted as COSE_Sign1 Signed Statements:¶
POST /entries HTTP/1.1 Host: vcp-ts.example.com Content-Type: application/cose <COSE_Sign1 containing VCP Event payload>¶
The Transparency Service validates the VCP Registration Policy and returns a COSE Receipt on success.¶
Retrieve a specific VCP Event by its entry ID (derived from EventID).¶
Retrieve the COSE Receipt for a registered VCP Event, containing the Merkle inclusion proof.¶
The per-Actor hash chain construction provides tamper evidence: modification of any event invalidates all subsequent hashes in that Actor's chain. Combined with SCITT's global append-only log and Merkle tree, this provides defense in depth.¶
Mitigations against key compromise:¶
Ed25519 signatures are vulnerable to attacks by cryptographically relevant quantum computers. VCP provides crypto-agility to address future threats:¶
Implementers requiring post-quantum guarantees SHOULD monitor CFRG and PQUIP working group outputs for updated guidance on algorithm selection and migration timelines.¶
Clock manipulation can enable backdating of events. Mitigations:¶
This document has no IANA actions at this time.¶
Future versions of this specification may request:¶
The following is a complete VCP Event encoded as JSON, ready to be wrapped in a COSE_Sign1 Signed Statement:¶
{
"Header": {
"EventID": "01961e5f-5c0d-7000-8000-123456789abc",
"TimestampISO": "2026-03-15T09:30:00.123456789Z",
"TimestampInt": 1742034600123456789,
"EventType": "ORD",
"ActorID": "algo-momentum-001",
"ChainID": "chain-actor-001",
"SequenceNum": 42
},
"Payload": {
"VCP-TRADE": {
"OrderID": "ord-2026-001",
"Symbol": "AAPL",
"Side": "BUY",
"Quantity": "100",
"Price": "185.50",
"OrderType": "LIMIT",
"TimeInForce": "DAY"
},
"VCP-GOV": {
"AlgoID": "momentum-v2.3",
"DecisionFactors": ["RSI_oversold", "volume_spike"],
"ConfidenceScore": 0.87,
"RiskCheckPassed": true
}
},
"Security": {
"EventHash": "sha256:a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2",
"PrevHash": "sha256:f6e5d4c3b2a1f6e5d4c3b2a1f6e5d4c3b2a1f6e5d4c3b2a1f6e5d4c3b2a1f6e5",
"SignAlgo": "ED25519"
}
}
¶
The complete JSON Schema for VCP Events is available at:¶
The authors thank the members of the VeritasChain Standards Organization Technical Committee for their contributions to this specification. This work builds upon the SCITT architecture developed by the IETF SCITT Working Group, and the Certificate Transparency work in [RFC6962].¶