SCL Security and Threat Model

Deterministic identity for AI does not refer to deterministic behavior or predictable outputs. See the full definition.

Security Model

SCL defines a deterministic identity layer for AI run declarations.

Security is derived from:

• Canonical JSON as the sole deterministic representation
• SHA-256 identity derived exclusively from canonical JSON bytes
• Implementation-independent canonicalization

The protocol ensures that identity is stable, verifiable, and resistant to representation-level variation. See how SCL ensures deterministic identity for the complete mechanism.

Threat Surface

SCL addresses threats related to ambiguity, inconsistency, and representation drift in AI run declarations.

These include:

• Divergent representations of equivalent declarations
• Undetectable modifications to declaration structure or content
• Inconsistent serialization across systems
• Non-deterministic identity generation

Tampering and Integrity

SCL enables detection of any modification to declared execution.

Any change to input bytes results in:

• Different canonical JSON bytes
• Different SHA-256 identity

This ensures that tampering at the declaration level is observable.

Representation Attacks

Without canonicalization, equivalent data can produce different hashes due to:

• Key ordering differences
• Whitespace variation
• Encoding differences

SCL eliminates these vectors by enforcing a canonical JSON representation with strict serialization rules.

Implementation Drift

SCL prevents divergence across implementations.

All compliant implementations MUST:

• Produce identical canonical JSON bytes
• Produce identical SHA-256 identity for identical input bytes

Any mismatch indicates non-conformance.

Auditability

SCL provides a stable identity for AI run declarations.

This enables:

• Verification that two systems reference the same declared execution
• Traceability of declarations across systems
• Consistent identity binding in logs and records

Audit systems reference identity but do not define it.

Compliance Alignment

SCL supports compliance requirements that require:

• Verifiable identity of declared execution
• Deterministic reproduction of declaration representation
• Implementation-independent validation

The protocol provides a cryptographic identity that can be recorded, compared, and verified across systems.

Deterministic Guarantees

For identical input bytes, all compliant implementations MUST produce:

• Identical canonical JSON bytes
• Identical SHA-256 identity

No normalization, interpretation, or transformation beyond the specification is permitted.

Any deviation constitutes protocol failure.

Processing Pipeline

bytes → AST → canonical JSON → SHA-256

Identity = SHA-256(canonical JSON bytes)

Identity Scope

SCL defines identity for declared execution only.

It does not define execution behavior, enforcement, or runtime outcomes.

For organizational compliance and governance use of SCL identity, see the governance and compliance page.