explaingit

onepunchforall/aep

Analysis updated 2026-05-18

0PythonAudience · developerComplexity · 4/5LicenseSetup · moderate

TLDR

A schema validated, tamper detectable file format for AI agent memory that replaces plain text handoffs with structured, cryptographically verifiable claims.

Mindmap

mindmap
  root((AEP))
    Packet Contents
      Sources
      Spans
      Claims
      Relations
      Reviews
    Integrity
      SHA-256 State Hash
      Merkle Root
      Fail Closed Validation
    Derived Views
      HTML Table
      SVG Diagram
      Mermaid Graph
    Verification
      Python Verifier
      Node.js Verifier

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Pass verifiable, tamper checkable findings between AI agents instead of relying on unstructured plain text handoffs.

USE CASE 2

Store per claim provenance and reliability labels so downstream agents do not have to blindly trust an earlier agent's output.

USE CASE 3

Generate derived HTML, SVG, and Mermaid views from the same integrity bound evidence packet for human review.

USE CASE 4

Verify a packet's integrity using either a Python or Node.js implementation and confirm both agree on the same hash.

What is it built with?

PythonNode.jsJSONLSHA-256JSON-LD

How does it compare?

onepunchforall/aep0xhassaan/nn-from-scratch3ks/embedoc
Stars00
LanguagePythonPythonPython
Last pushed2023-06-08
MaintenanceDormant
Setup difficultymoderatemoderatehard
Complexity4/54/51/5
Audiencedeveloperdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 1h+

Requires understanding of the packet schema and running both Python and Node verifiers to confirm cross-runtime integrity.

Use freely for any purpose, including commercial use, as long as you keep the copyright and license notices.

In plain English

AEP, short for Agent Evidence Packet, is a file format built to solve a specific problem in AI agent pipelines. When one AI agent hands its findings off to another, those findings usually arrive as plain text with no way to check where the information came from or whether it has been changed along the way. AEP replaces that unstructured prose with a structured, schema validated, tamper detectable format, with tooling written in Python. Each AEP packet is a directory, using a .aepkg extension, containing JSONL files, meaning one JSON record per line, for sources, spans, claims, relations, events, reviews, and validation runs. A span records the exact quoted location a claim came from, along with a SHA-256 hash of that quote. A root manifest ties everything together with its own SHA-256 state hash, which any compliant validator can independently recompute. If anything in the packet changes after that hash is set, validation fails. Every claim in a packet carries a reliability label, an evidence basis pointing back to a specific quoted span, and reviewer receipts, so a claim can be checked without simply trusting the agent that produced it. The format can generate derived views from the same underlying data: an HTML table, an SVG diagram of the integrity tree, and a Mermaid dependency graph, all tied back to the same root hash. Separate verifier programs written in Python and in Node.js were tested against the same packets and produced identical hashes, showing that two independent implementations agree the data has not been tampered with. AEP is aimed at developers building AI agent systems where verifiable provenance matters more than file size or ease of hand editing. The README reports the format closes 11 documented attack classes and includes over 35 fail closed validation error codes, at the cost of packets being noticeably larger on disk than plain HTML or Markdown. The project is released under the Apache 2.0 license.

Copy-paste prompts

Prompt 1
I want agents in a pipeline to hand off findings with verifiable provenance instead of plain text. Explain how a content addressed, hash chained file format like this could work.
Prompt 2
Show me how to structure JSONL files for claims, sources, and spans where each claim links back to an exact quoted location with a hash.
Prompt 3
How would I write a validator that recomputes a SHA-256 state hash over a directory of JSONL files and fails closed if anything has been tampered with?
Prompt 4
Explain the tradeoffs between a structured, schema validated evidence format and plain Markdown or HTML for storing AI agent findings.
Prompt 5
I need cross language verifiers, one in Python and one in Node.js, that must produce byte identical hashes for the same input. What pitfalls should I watch for?

Frequently asked questions

What is aep?

A schema validated, tamper detectable file format for AI agent memory that replaces plain text handoffs with structured, cryptographically verifiable claims.

What language is aep written in?

Mainly Python. The stack also includes Python, Node.js, JSONL.

What license does aep use?

Use freely for any purpose, including commercial use, as long as you keep the copyright and license notices.

How hard is aep to set up?

Setup difficulty is rated moderate, with roughly 1h+ to a first successful run.

Who is aep for?

Mainly developer.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.