Platform Concepts
Conformance Levels
EDM artifacts participate in a three-level conformance ladder: Compliant, Sealed, and Certified. Each level adds trust assurance and verification capabilities.
Overview
Conformance levels apply to Govern records (EDM artifacts). Safety and Observe are runtime products that carry DeepaData trust attestation but do not participate in the conformance ladder.
The SSL analogy: Anyone can encrypt a connection. Only a Certificate Authority can issue a certificate browsers trust. DeepaData applies this model to emotional AI governance.
The Three Levels
Compliant
Valid EDM JSON that validates against the schema for the declared profile. Any platform can produce Compliant artifacts by implementing the open specification.
- Schema validation passes
- Profile requirements satisfied
- Free. No DeepaData dependency.
Sealed
Cryptographically signed artifact with W3C Data Integrity Proof. Two paths available:
Self-sealed
Use ddna-tools to extract, self-seal, and verify with your own Ed25519 keys. No API key. No registry entry.
DeepaData-issued
Call /v1/issue. Registry entry created. Certificate ID assigned. VitaPass binding.
Certified
DeepaData countersignature attesting that five compliance checks passed. Certificate permalink created. Only available for Extended and Full profiles.
Five Compliance Checks
schema_valid— Artifact validates against EDM schemaprovenance_intact— Issuer DID verifiable, chain unbrokenconsent_attested— consent_basis field present and validgovernance_complete— Jurisdiction and TTL fields presentnon_biometric— Artifact does not infer protected states
Profile Eligibility
Not all profiles are eligible for all conformance levels. Certified requires Extended or Full.
| Profile | Compliant | Sealed | Certified |
|---|---|---|---|
| Essential (24 fields) | |||
| Extended (50 fields) | |||
| Full (96 fields) |
Why Essential is not Certified-eligible: Essential Profile does not include sufficient governance fields for complete compliance attestation. Use Extended or Full for Certified conformance.
API Usage
Request conformance level when calling /v1/issue.
# Request Sealed conformance (default for DeepaData-issued)
curl -X POST https://www.deepadata.com/api/v1/issue \
-H "Authorization: Bearer dda_live_YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{
"artifact": { ... },
"pathway": "extraction",
"profile": "extended"
}'
# Request Certified conformance (Extended/Full only)
curl -X POST https://www.deepadata.com/api/v1/issue \
-H "Authorization: Bearer dda_live_YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{
"artifact": { ... },
"pathway": "extraction",
"profile": "extended",
"conformance_level": "certified"
}'Certified Response
When Certified is requested and all checks pass, the response includes certification details:
{
"certificate_id": "cert_01HZ3G7K...",
"conformance_level": "certified",
"certification_checks": {
"schema_valid": true,
"provenance_intact": true,
"consent_attested": true,
"governance_complete": true,
"non_biometric": true
},
"certificate_url": "https://deepadata.com/verify/cert_01HZ3G7K..."
}Verification
Verify any DeepaData-issued certificate via the public registry endpoint.
# Verify a certificate (no API key required)
curl https://www.deepadata.com/api/v1/verify/cert_01HZ3G7K...Or visit the certificate permalink directly at deepadata.com/verify/{certificate_id}