Trust Infrastructure

The conformance ladder.

Compliant. Sealed. Certified. Three levels of trust assurance for emotional AI governance.

The SSL analogy_

Anyone can encrypt a connection. Only a Certificate Authority can issue a certificate that browsers trust. The encryption is the same. The trust anchor is different.

DeepaData applies this model to emotional AI governance. Anyone can produce and self-seal an EDM artifact. Only DeepaData can issue a registry-listed, independently verifiable certificate. The cryptography is the same. The trust anchor is different.

Your keys = self-signed

DeepaData keys = registry-listed

Three levels of assurance_

Choose the conformance level that matches your compliance requirements.

Level 1

Compliant

Valid EDM JSON. Any platform can produce this by implementing the open spec. Schema validated.

Profiles: Essential, Extended, Full

Free. No DeepaData dependency.

Artifact validates against EDM JSON schema
Profile requirements satisfied
Governance fields populated
Self-declared. No external verification.

Level 2

Sealed

Cryptographically signed. Tamper-evident. Two paths available.

Profiles: Essential, Extended, Full

Available at all tiers.

W3C Data Integrity Proof (eddsa-jcs-2022)
Self-sealed: Own Ed25519 keys. No registry entry.
DeepaData-issued: Registry entry created. Certificate ID assigned.
Independently verifiable via /v1/verify

Level 3

Certified

DeepaData countersignature. Five compliance checks passed. Certificate permalink.

Profiles: Extended and Full only

For enterprise procurement, regulatory submission, litigation defensibility.

schema_valid — artifact validates against declared profile
provenance_intact — issuer DID verifiable, chain unbroken
consent_attested — consent_basis field present and valid
governance_complete — jurisdiction and TTL fields present
non_biometric — artifact does not infer protected states

Profile × Conformance matrix_

Not all profiles are eligible for all conformance levels. Certified requires Extended or Full.

Profile	Compliant	Sealed (Self)	Sealed (DD)	Certified
Essential (24 fields)
Extended (50 fields)
Full (96 fields)

Why Essential is not Certified-eligible: Certified level requires DeepaData countersignature attesting to all five compliance checks. Essential Profile does not include sufficient governance fields for complete compliance attestation.

Self-sealed vs DeepaData-issued_

Both are cryptographically valid. The difference is who vouches for them.

Self-sealed

Use ddna-tools to extract, self-seal, and verify with your own Ed25519 keys. No API key required. No registry entry.

Cryptographically tamper-evident
Free. No dependency on DeepaData.
Cannot prove who issued it
Cannot prove issuer is accountable
No external verification path

DeepaData-issued

Call /v1/issue. DeepaData signs. Registry entry created. Certificate ID assigned.

Cryptographically tamper-evident
Registry-listed. Independently verifiable.
DeepaData as accountable CA
VitaPass binding created automatically
Certified level available (Extended/Full)

Start with Compliant. Progress as needed.

Start with Compliant. Progress to Sealed when your enterprise buyers ask. Progress to Certified when your regulator asks.

Read the Docs View the Trust Registry