OPEN STANDARD

V1.0.0

BASIS

Baseline Authority for Safe & Interoperable Systems

The open standard for AI agent governance. Defining what must happen before an AI agent acts.

The Four-Layer Architecture

┌─────────────────────────────────────────────────────────────┐
│  LAYER 1: INTENT    → Parse & classify action requests      │
├─────────────────────────────────────────────────────────────┤
│  LAYER 2: ENFORCE   → Evaluate against trust & policies     │
├─────────────────────────────────────────────────────────────┤
│  LAYER 3: PROOF     → Log with cryptographic integrity      │
├─────────────────────────────────────────────────────────────┤
│  LAYER 4: CHAIN     → Anchor to blockchain (optional)       │
└─────────────────────────────────────────────────────────────┘

INTENT

Parse & Plan

Parse natural language, extract capabilities, classify risk level.

ENFORCE

Trust & Gate

Evaluate against trust score and policy rules. ALLOW, DENY, ESCALATE, or DEGRADE.

PROOF

Log & Audit

Create immutable, SHA-256 chained audit records with 7-year retention.

CHAIN

Anchor & Verify

Optional blockchain anchoring for independent verification.

Trust Model

Full documentation

Six Trust Tiers (0-1000)

Tier	Score	Default Capabilities
Sandbox	0-99	Isolated testing only
Provisional	100-299	Read public data, internal messaging
Standard	300-499	Limited external communication
Trusted	500-699	External API calls
Certified	700-899	Financial transactions
Autonomous	900-1000	Full autonomy within policy

Trust Dynamics

Decay

7-day half-life. Inactive agents lose trust over time to prevent stale high-trust entities.

Failure Amplification

3x multiplier on negative deltas. Failures hurt more than successes help.

Tier Boundaries

Hard floors and ceilings at tier boundaries. Can't skip tiers.

Specification Documents

Core Specification

28K

Architecture, trust model, wire protocol, conformance levels

Capability Taxonomy

18K

100+ capabilities across 7 namespaces

JSON Schemas

28K

Complete wire protocol schemas (Draft 2020-12)

Error Codes

16K

60+ error codes in 12 categories

Threat Model

20K

STRIDE analysis, 20+ threats with mitigations

Failure Modes

16K

Layer-by-layer failure handling

Compliance Mapping

17K

SOC 2, ISO 27001, GDPR, HIPAA, EU AI Act

Migration Guide

21K

5-phase adoption roadmap

Conformance Levels

BASIS Core

Minimum viable governance

INTENT layer
ENFORCE layer
PROOF layer

BASIS Complete

Production-ready implementation

All Core requirements
CHAIN layer
Full capability taxonomy

BASIS Extended

Enterprise-scale deployment

All Complete requirements
Multi-tenant isolation
Federated trust

Quick Start

Example Policy Snippet

basis_version: "1.0"
policy_id: "corp-finance-limited"
constraints:
  - type: "capability_gate"
    capabilities: ["financial:transaction/medium"]
    minimum_tier: "certified"
  - type: "escalation_required"
    capabilities: ["admin:policy/modify"]
obligations:
  - trigger: "transaction_value > 10000"
    action: "require_human_approval"

Ready to Implement?

Use Cognigate, the reference implementation of BASIS, or build your own compliant implementation using the specification.

Cognigate (Reference) View Schemas on GitHub