Skip to content
Documentation

Protocol documentation

KIFP v1.0 specification, token schemas, edge attestation model, federation registry, and integration reference.

KIFP v1.0 Specification

The complete KeyIdentity Federation Protocol specification. Covers architecture, message structure, signature model, token formats, federation registry, revocation propagation, and governance framework.

  • Executive summary and threat model
  • Terminology and architectural overview
  • FIK, RSAT, and FIA specifications
  • Edge device attestation model
  • Federation registry and tiering
  • Governance framework and implementer checklist

Token Schemas

JSON Schema definitions for all KIFP token types. Machine-readable, validator-compatible schemas for protocol conformance testing.

  • kifp-metadata.schema.json — Protocol metadata block
  • fik.schema.json — Federated Identity Key record
  • rsat.schema.json — Retailer-Scoped Authorization Token
  • fia.schema.json — Federated Identity Assertion
  • edge-attestation.schema.json — Edge device attestation payload

Edge Attestation Model

Specification for edge device provisioning, attestation payload structure, device key management, store binding, and firmware integrity verification.

  • Device key generation and secure element binding
  • Attestation payload structure and signing
  • Firmware version enforcement
  • Store binding and re-provisioning
  • Remote revocation protocol

Federation Registry

Specification for the distributed root registry, federation tiering, cross-root handshake protocol, and policy compatibility verification.

  • Root registry entry structure
  • Tier 1/2/3 requirements and transitions
  • Cross-root handshake protocol
  • FIA exchange governance
  • Shared revocation propagation

Integration reference

Core API operations for KIFP-compliant integrations.

RSAT Verification

Validate RSAT signatures, check revocation status, enforce scope and expiry, and log verification decisions.

Policy Evaluation

Evaluate RSATs against configurable governance policies: risk thresholds, amount limits, consent scope, and merchant category.

Audit Retrieval

Query the immutable audit trail for authorization decisions, key lifecycle events, and federation actions.

KIFP v1.0 — Pre-Release Draft

Full specification access is available to approved deployment partners and federation participants. Request access through a private briefing.

Request Access

Protocol version: KIFP v1.0.0

Access Secure Demo|Contact