Veritas Protocol — A trust layer for the open web.

A hybrid chain-plus-federation substrate for plural, verifiable factual claims — where mutually-hostile frames can all participate, users compose their own verdicts via a portable consensus profile, and AI systems ground their outputs against a signed, open corpus.

1 · Why this mattersThe web has a trust gap — and it's getting worse fast.

The web has layers for addressing (DNS), for transport (TCP/IP), for security (TLS), and for content structure (HTML, schema.org). It was never built with a standard layer for trust.

When a website says "Bolivia has 10 million hectares of degraded land," there is no structured way for a reader to ask the follow-up questions that matter. Says who? Based on what source? Checked by whom? Last verified when? If the source is retracted next year, how would the reader find out? These questions are currently answered only by hand, page by page, by each reader individually — or not at all.

That was manageable when making a credible-looking website took months of editorial work. It is no longer manageable. Generative AI systems now produce polished text roughly six orders of magnitude faster than any human review process can verify it. Fabricated citations look real. Confident claims travel faster than their corrections. Retraction Watch tracks thousands of retracted papers each year, and the signal almost never reaches the reader of the newspaper article that cited them. Meanwhile, AI systems spend enormous compute filtering their own unreliable outputs because they have no trusted corpus to check against.

v0.2 (April 2026) combines six properties that together are not currently provided by any existing system: cryptographic per-claim provenance; permissionless posting by mutually-hostile validators; user-owned Consensus Profile Markup Language files that compose per-user verdicts; cascading falsification propagating retractions through dependency graphs; an open AI-grounding API; and a pay-for-investigation market that routes resources to contested claims.

The protocol does not decide what is true. It provides the infrastructure within which readers, institutions, aggregators and AI systems decide transparently, with evidence, under their chosen frames. v0.2 supersedes v0.1 because v0.1's federation-only architecture could not credentialise mutually-hostile validator cohorts — the design requirement for genuine plurality.

2 · How it worksHybrid chain-plus-federation; user-owned consensus profile; permissionless write.

Architecture — chain for settlement, federation for reads

A public Ethereum L2 (Base as primary with Optimism mirror in Phase II) serves as the settlement + incentive + permissionless-write layer, built on Ethereum Attestation Service primitives. A federation of independent aggregators indexes the chain and serves fast, edge-cached, per-CPML composed reads. The chain is never in the hot path for AI grounding calls (tens-of-milliseconds latency budget); it sits in the cold path for settlement, permanent record and economic flow.

Permissionless write — the distinctive choice

Anyone with a cryptographic identity can post a signed attestation. Validator credentialing is post-hoc at the aggregator and CPML layers, not pre-hoc at the write layer. This is the structural response to a central design requirement: the protocol must admit mutually-hostile validator cohorts — state-aligned narratives, ideologically-opposed religious traditions, dissident communities, sub-cultural epistemic groups — which no single foundation can credentialise neutrally. See §01 ideas.

CPML — the consumer layer

Each user, AI agent or institution holds a portable Consensus Profile Markup Language file describing which consensus domains they trust for which topics, with what weights and conflict-resolution rules. The protocol does not pick a verdict; it composes under the user's CPML. The reader's signing key is the sole authority on which profile applies — a deliberate contrast with the 1996 W3C PICS labelling architecture, which let third-party bureaux classify the content a reader could see; under CPML the user publishes the profile and aggregators respect it. A VAF-consistent formal specification (per Bench-Capon 2003 + Amgoud-Vesic 2011) is v0.3 work; the current JSON is an informal sketch. CPMLs are local-first, shareable, forkable, optionally signed.

Cascading falsification — retractions reach the reader

When a source is retracted, every claim that depended on it is marked for re-evaluation, and the event propagates via libp2p gossip within seconds plus on-chain confirmation minutes later. The algorithm borrows classical AI work on truth maintenance — Doyle's 1979 JTMS applied at web scale.

Investigation market — real money for contested claims

Parties to contested claims commission formal investigations: escrow funds on-chain; qualified validators bid or are auto-assigned; validators execute and sign a verdict; escrow releases on completion and quorum. Starting tiers: $300 quick, $1K standard, $3K deep, $10K+ extended. Structural safeguards — flat-fee tiers, mandatory 3+ investigator quorum, loser-pays-all, public-interest fund for under-resourced claims — prevent pay-for-muddying. The investigation market routes real money to where disputes are hottest and revives investigative-journalism revenue. See §06 ideas.

AI-read surface — grounding at inference

A cacheable REST API with MCP-native integration lets generative models check outputs against the signed, domain-scoped corpus before emitting text. Cryptographic proofs (Merkle inclusion + validator signatures) travel with responses for client-side verification. Per-domain daily snapshots served from edge CDNs for sub-50ms grounding-call latency.

Who runs it

Institutions at the validator layer, users at the consumer layer, a foundation at the specification layer — and no single entity has editorial authority. Validators are universities, libraries, newsrooms, research organisations — and, by design, groups outside formal institutional structures who self-declare credentials and build reputation through their work. Users hold their own CPML, pick their aggregators, compose their verdicts. The foundation stewards the specification, operates reference chain contracts, convenes country chapters, maintains a narrow operational-refusal list (page 3), funds the dispute panel — and does not arbitrate which consensus frames are correct.

3 · Why now, how to helpThe window is open, but not indefinitely.

Why this works in 2026 but didn't in 2022

The necessary standards have only recently become mature enough to compose. W3C Verifiable Credentials 2.0 reached Recommendation. W3C Decentralized Identifiers 1.1 followed. The IETF working group for Supply-Chain Integrity, Transparency and Trust (SCITT) is producing drafts that are a near-perfect fit for the signed-attestation log layer of this protocol. Sigstore has proven that federated signing with short-lived certificates works at scale. The Content Authenticity Initiative has enrolled thousands of organisations in provenance standards for media. None of these were usable building blocks three years ago.

Regulation has also moved. The EU Digital Services Act introduces the Trusted Flagger pathway. The EU AI Act Article 50 creates transparency obligations for AI-generated content. The window for a voluntary, open, self-declaration standard to front-run heavier regulation is open now. It will not stay open long.

Not naïvely a blockchain

An earlier generation of fact-checking projects — Civil Media, Po.et, Factmata, Bitpress, Fact Protocol, Swarm Network — coupled tokens to validator credentialing, excluded institutional participants and failed economically. Veritas v0.2 decouples. Validators post permissionlessly; anyone credentialed or not can participate; tokens drive service-flow economics only. The chain is in the cold path (settlement, log, cascade confirmation); federation is in the hot path (reads, grounding, editorial policy). Token pattern follows the Chainlink survivor archetype — service-payment utility, no mandatory burn at launch. Swiss Stiftung plus EU operating entity is the current leading legal structure; MiCA utility-token classification is the primary regulatory posture. See §11 ideas for why v0.2 adopted a hybrid architecture after v0.1 had explicitly rejected blockchain.

What is hard — honestly

• Governance. Deciding the admissibility of consensus frames, the narrow list of protocol-refused operation shapes (CSAM-verification, non-consensual intimate imagery, imminent-harm threats, mass-casualty-weapon synthesis, active illegal markets), and chapter-affiliation rules is the central substantive question. A 9-seat multi-stakeholder dispute panel handles it; decisions are published with rationale. See §09 ideas.
• Mutual-hostility stress-tests the neutrality claim. State-aligned validators post state narratives publicly on chain; aggregators and user CPMLs determine whether those validators' outputs surface to any given reader. The architecture makes their attribution legible, not hidden.
• Adoption. AI laboratories may integrate slowly. Phase II's pilot with one lab under research grant publishes a measured hallucination-reduction benchmark; if the delta is not real, the protocol's claims shrink accordingly.
• Investigation-market imbalance. Well-resourced parties can out-commission under-resourced ones. A public-interest investigation fund, flat-fee tiers, and mandatory 3+ investigator quorum mitigate asymmetry. See §06 ideas.
• Sustainability. Six revenue streams feed a treasury; no single stream exceeds ~40% at steady state. Validators earn ~60–70% of inbound revenue. No advertising. No equity.

Consumer MVP ships first

A standalone 10-question consensus quiz — working names Frame, Compass, Plural — launches in Phase I (months 0–6) before the validator network is fully built. Users discover their CPML, refine with one question per day, find communities with similar profiles, receive daily opposite-view surfacing, and seed the CPML corpus the protocol will use. Protocol integration is invisible until Phase II. This is customer acquisition and design research rolled into one. See §07 ideas.

Four ways to help

• Co-author the formal specification in the relevant standards bodies — W3C Credentials Community Group, IETF SCITT, schema.org.
• Operate a validator in the Phase II pilot network — universities, libraries, fact-check organisations, open-science consortia.
• Audit the protocol in the open — cryptographic, economic, governance, and legal contributions.
• Charter a consensus domain by publishing its editorial standard.

Partners are also sought from the AI-laboratory community, from foundations with programmes in open infrastructure and journalism (Mozilla, Knight, MacArthur, Ford, Protocol Labs / FFDW), from the International Fact-Checking Network, the Content Authenticity Initiative, and open-science infrastructure including Crossref, OpenAlex, and Retraction Watch.

Further reading

• Full working paper v0.2 — 16 sections, three appendices, build-elements list.
• 11 today's-ideas artefacts — mutual-hostility, hybrid architecture, tokenomics, CPML, revenue model, investigation market, quiz MVP, country chapters, refusals + panel, chain selection, blockchain debate.
• Seven supporting research reports: academic CPML literature, consumer-tool landscape, deeper tokenomics, hybrid-architecture patterns, regulatory analysis, GitHub prior art, consumer-product strategy.
• v0.1 archive — federation-only architecture, superseded but preserved as documented fallback.

4 · Register interestIf any of this resonates with your agenda, we would very much like to talk.

This is a v0.2 working paper. We are looking for co-authors of the formal specification, pilot validators, open auditors, consensus-domain rapporteurs, funders, and AI-laboratory research partners. Tell us how you think you could contribute — we reply by email.