OPEN STANDARD

V1.0.0

BASIS

Baseline Authority for Safe & Interoperable Systems

The open standard for AI agent governance. Defining what must happen before an AI agent acts.

Read the Specification View on GitHub

The Four-Layer Architecture

LAYER 1INTENTParse & classify action requests

LAYER 2ENFORCEEvaluate against trust score & policies

LAYER 3PROOFLog with cryptographic integrity

LAYER 4CHAINAnchor to external verifier (optional)

INTENT

Parse & Plan

Parse natural language, extract capabilities, classify risk level.

ENFORCE

Trust & Gate

Evaluate against trust score and policy rules. ALLOW, DENY, ESCALATE, or DEGRADE.

PROOF

Log & Audit

Create immutable, SHA-256 chained audit records with 7-year retention.

CHAIN

Anchor & Verify

Optional blockchain anchoring for independent verification.

Trust Model

Full documentation

Six Trust Tiers (0-1000)

Tier	Score	Default Capabilities
Sandbox	0-99	Isolated testing only
Provisional	100-299	Read public data, internal messaging
Standard	300-499	Limited external communication
Trusted	500-699	External API calls
Certified	700-899	Financial transactions
Autonomous	900-1000	Full autonomy within policy

Trust Dynamics

Decay

182-day half-life. Inactive agents reach 50% trust score at 182 days idle — stepped milestones at 7, 14, 28, 56, 112, and 182 days.

Failure Amplification

Tier-scaled 2–10× penalty on failures — lowest at T0 (2×, aids ascension) rising to 10× at T5–T7. New agents can recover; high-trust agents pay steeply for any lapse.

Tier Boundaries

Hard floors and ceilings at tier boundaries. Can't skip tiers.

Specification Documents

Core Specification

28K

Architecture, trust model, wire protocol, conformance levels

Capability Taxonomy

18K

100+ capabilities across 7 namespaces

JSON Schemas

28K

Complete wire protocol schemas (Draft 2020-12)

Error Codes

16K

60+ error codes in 12 categories

Threat Model

20K

STRIDE analysis, 20+ threats with mitigations

Failure Modes

16K

Layer-by-layer failure handling

Compliance Mapping

17K

SOC 2, ISO 27001, GDPR, HIPAA, EU AI Act

Migration Guide

21K

5-phase adoption roadmap

Conformance Levels

BASIS Core

Minimum viable governance

INTENT layer
ENFORCE layer
PROOF layer

BASIS Complete

Production-ready implementation

All Core requirements
CHAIN layer
Full capability taxonomy

BASIS Extended

Enterprise-scale deployment

All Complete requirements
Multi-tenant isolation
Federated trust

Quick Start

Example Policy Snippet

basis_version: "1.0"
policy_id: "corp-finance-limited"
constraints:
  - type: "capability_gate"
    capabilities: ["financial:transaction/medium"]
    minimum_tier: "certified"
  - type: "escalation_required"
    capabilities: ["admin:policy/modify"]
obligations:
  - trigger: "transaction_value > 10000"
    action: "require_human_approval"

Ready to Implement?

Use Cognigate, the reference implementation of BASIS, or build your own compliant implementation using the specification.

Cognigate (Reference) View Schemas on GitHub