Source for the public TSP site, the open specification, the reference SDK, the TrustBadge component, interop fixtures, and the release checks behind truststandardprotocol.com.
TSP wraps important AI outputs as signed TrustEnvelope receipts. A
recipient, auditor, or browser verifier can check the signature, content
hash, issuer manifest, and timestamp evidence against the public
specification — without trusting a vendor dashboard.
The painful question that TSP exists to answer always arrives after the AI output has already moved:
- Was this the exact answer the customer, citizen, employee or reviewer saw?
- Was it edited after generation?
- Which source, model, policy, timestamp and manifest produced it?
- Can a third party verify the artifact without trusting the vendor dashboard?
Before TSP: trust the system record. With TSP: check the receipt.
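
The signature and content-hash checks described above, sketched as an added example (not code from this repository or from `@lexitsp/sdk`). The envelope fields, the `signedBytes` helper, the manifest map and the `issuer.example` name are assumptions made for illustration; the real envelope layout and canonicalization are defined by the TSP specification.

```javascript
// Added illustration: NOT the TSP wire format or the @lexitsp/sdk API.
// Envelope fields, signedBytes() and the manifest shape are assumptions.
const { createHash, generateKeyPairSync, sign, verify } = require("node:crypto");

const sha256Hex = (text) => createHash("sha256").update(text, "utf8").digest("hex");

// Bytes covered by the signature: fixed field order, so signer and verifier agree.
function signedBytes(env) {
  return Buffer.from(JSON.stringify([env.issuer, env.issuedAt, env.contentHash]), "utf8");
}

function issueEnvelope(content, issuer, issuedAt, privateKey) {
  const env = { issuer, issuedAt, content, contentHash: sha256Hex(content) };
  env.signature = sign(null, signedBytes(env), privateKey).toString("base64");
  return env;
}

// Returns the first failing check, or "verified".
function verifyEnvelope(env, manifest) {
  const issuerKey = manifest.get(env.issuer);
  if (!issuerKey) return "unknown-issuer";
  if (sha256Hex(env.content) !== env.contentHash) return "content-hash-mismatch";
  const sig = Buffer.from(env.signature, "base64");
  if (!verify(null, signedBytes(env), issuerKey, sig)) return "invalid-signature";
  return "verified";
}

// Constructed sample data: a throwaway key pair and a made-up issuer name.
const { publicKey, privateKey } = generateKeyPairSync("ed25519");
const manifest = new Map([["issuer.example", publicKey]]);
const canonical = issueEnvelope("Your claim was approved.", "issuer.example",
                                "2025-01-01T00:00:00Z", privateKey);

// Edited after generation: content no longer matches the signed hash.
const tampered = { ...canonical, content: "Your claim was denied." };
// Hash recomputed to match the edit: the signature over the old hash fails.
const rehashed = { ...tampered, contentHash: sha256Hex(tampered.content) };
// Signed by a key the manifest does not list for this issuer.
const otherKey = generateKeyPairSync("ed25519").privateKey;
const wrongKey = issueEnvelope(canonical.content, "issuer.example",
                               canonical.issuedAt, otherKey);

function results() {
  return [canonical, tampered, rehashed, wrongKey].map((e) => verifyEnvelope(e, manifest));
}
console.log(results());
```

The hash check alone does not stop an edit that also rewrites the hash; only the signature bound to the issuer's manifest key catches that case.
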
| If you are… | The fastest path is… |
|---|---|
| A regulator, policymaker or supervisor | The deployed TSP × EU AI Act mapping and the browser verifier. |
| A compliance, legal, risk or procurement lead | The verification gap page, the pilot pricing page, and a 20-second scan of the homepage. |
| An AI developer or security engineer | The @lexitsp/sdk repository and its examples/ directory. |
| An end-user or affected citizen | The browser verifier — paste any envelope you have been given and see if it still verifies. |
| A contributor to this site | The rest of this README, plus CONTRIBUTING.md. |
TSP is in public alpha. The open layer is public:
- The public site at https://truststandardprotocol.com
- The TSP specification at https://truststandardprotocol.com/spec
- `@lexitsp/sdk` — reference TypeScript SDK and CLI (MIT)
- `@lexitsp/trustbadge-react` — end-user UI component (MIT)
- Interop fixtures and local verification flows
The other commercial platform modules (Risk, Evidence, Oversight, Control Plane) are focused pilot and production services and are not included in this open-source repository.
Until an external organization signs a TrustEnvelope with its own key
and DNS-hosted manifest (Gate A, see
docs/FIRST_ADOPTER_KIT.md), TSP should be
described as an open specification plus reference implementation.
```
tsp-site/
├── src/app/[locale]/          Next.js App Router pages (Norwegian + English)
├── src/components/            Site components, verifier UI, playground UI
├── messages/                  `no.json` and `en.json` translations
├── fixtures/v3.0/             TSP test vectors (canonical / tampered / invalid-sig / invalid-tsa / …)
├── packages/lexitsp-sdk/      Public SDK workspace package (mirrored to LexiTSP/sdk)
├── packages/trustbadge-react/ Public TrustBadge workspace package (mirrored to LexiTSP/trustbadge-react)
├── scripts/                   Release, claim-lint, interop, manifest, smoke scripts
└── docs/                      Public protocol and adopter documentation
```
The public open layer must keep working without LexiCo-hosted
infrastructure. Public TSP repositories must not depend on private
@lexi-co/* packages.
Requirements:
- Bun 1.x
- Node.js 18+ for compatibility with some tooling
```bash
bun install
bun run dev
```

The local site runs on http://localhost:3838.

```bash
bun run check:release
```

`check:release` includes the production build, package tests, claim lint,
manifest checks, `bun run check:links` link checking, strategic-readiness checks,
public-surface checks, interop fixtures, package smoke and a production-start smoke. Before
publishing or deployment, also walk
docs/PRE_PUBLISH_AUDIT.md.
- `/` and `/en`
- `/developers` and `/en/developers`
- `/spec` and `/en/spec`
- `/playground` and `/en/playground`
- `/verify` and `/en/verify`
- `/eu-ai-act` and `/en/eu-ai-act`
- `/verification-gap` and `/en/verification-gap`
- `/priser` (pricing) and `/en/priser`
- `/kontakt` (contact) and `/en/kontakt`
- `/newsletter` and `/en/newsletter`
- `/.well-known/tsp-manifest.json`
- `/examples/manifest.json`
The manifest currently shipped in public alpha is a demo identity for site and verifier smoke tests. Replace it with production root and instance keys before using it as external Gate A evidence.
The public packages are published from their dedicated repositories:
Clean install smoke:
```bash
npm init -y
npm install @lexitsp/sdk@alpha @lexitsp/trustbadge-react@alpha react react-dom
npx tsp --help
```

The public npm scope is `@lexitsp`. It is intentionally separate from
LexiCo's private GitHub Packages scope.
TSP copy is treated as part of the architecture. Public language must match what the code and specification actually support. Avoid overclaims:
- transport-protocol metaphors that TSP does not implement;
- broad proof claims that exceed the envelope checks;
- unsupported compliance guarantees;
- production claims for alpha services;
- claims that a regulator accepts TSP unless that has been confirmed in writing.
Prefer concrete language:
- signed `TrustEnvelope`;
- local verification of signature and content hash;
- manifest-backed issuer identity;
- public alpha reference implementation;
- paid pilot alpha tool.
The release gate runs a bilingual claim-lint to keep this discipline in CI.
The next protocol-validation milestone is Gate A:
A named external organization signs a `TrustEnvelope` with its own key, its own DNS-hosted manifest, and integration code not written by LexiCo.
The first-adopter kit is in docs/FIRST_ADOPTER_KIT.md.
The strategic discipline pass is implemented as public artifacts plus a release assertion, not as private planning notes:
- docs/EXTERNAL_VALIDATION_PROGRAM.md
- docs/ECOSYSTEM_AND_CONFORMANCE.md
- docs/TSP_V3_CORE_STABILITY_GUARANTEE.md
- docs/WORKING_GROUP_CHARTER.md
- docs/INDUSTRY_ADOPTION_NARRATIVES.md
- docs/STANDARDS_AND_RESEARCH_BRIEF.md
- docs/PUBLIC_METRICS.md
- docs/STRATEGIC_FIXES_IMPLEMENTATION.md
- docs/PRE_PUBLISH_AUDIT.md
Run:
```bash
bun run check:strategy
```

This keeps Gate A, one-hour implementation, governance disclosure, v3 stability, and honest zero-state metrics visible. It also blocks claims that imply authority acceptance, official standard status, or compliance guarantees before evidence exists.
Report suspected vulnerabilities privately to security@truststandardprotocol.com.
See SECURITY.md. Security-sensitive areas include
envelope verification, signature validation, manifests, revocation,
DANE, TSA evidence, and reviewer decisions.
See CONTRIBUTING.md. Contributions should
preserve the boundary between:
- the open specification layer (specification, SDK, TrustBadge, fixtures, docs, local verifier);
- the paid pilot layer (Risk, Evidence, Oversight, Control Plane).
The open specification path must remain useful without LexiCo-hosted infrastructure.
- `@lexitsp/sdk`: MIT
- `@lexitsp/trustbadge-react`: MIT
- TSP specification text: CC-BY-4.0
- Website content and brand assets: © LexiCo AS
- Paid pilot tools: separate commercial terms
LexiCo AS · Tønsberg, Norway · https://truststandardprotocol.com ·
general: hello@truststandardprotocol.com · security: security@truststandardprotocol.com