---
vault_clearance: KETER
halo:
  classification: RESTRICTED
  confidence: HIGH
  front: "15_Project_ShadowsOfSight"
  custodian: "The Architect"
  created: 2026-03-27
  updated: 2026-03-27
  wing: CONDITIONAL
  containment: "Integrity architecture — concepts shareable, keys are not"
---
# 15_Project_ShadowsOfSight — Integrity Suite

**Project triad:** [BOUNTY_BOARD.md](BOUNTY_BOARD.md) · [WORLDLINE.md](WORLDLINE.md) · vault [§6 workflow](../README.md#6-workflow-applies-across-all-projects).

> **Software is Dead. People are Alive. Information is Immortal.**
> ShadowsOfSight makes information that is *alive* — containers that know when they've been tampered with.

---

## Architecture

```
┌─────────────────────────────────────────────────────────────┐
│                  SHADOWSOFSIGHT                              │
│                                                              │
│  ┌──────────────┐  ┌──────────────┐  ┌───────────────────┐  │
│  │  BIOSHIP v2  │  │ SHADOW SEAL  │  │  BIOSHIP VAULT    │  │
│  │  Living      │  │ Orthodox     │  │  Fleet management │  │
│  │  Binary      │  │ HMAC seal    │  │  Apollyon keys    │  │
│  │  Container   │  │ (baseline)   │  │  HALO integration │  │
│  └──────┬───────┘  └──────┬───────┘  └────────┬──────────┘  │
│         │                 │                    │             │
│         ▼                 ▼                    ▼             │
│  ┌──────────────────────────────────────────────────────┐   │
│  │              CERBERUS BRIDGE                         │   │
│  │  Connects ShadowsOfSight seals to CerberusLantern   │   │
│  │  active detection — immune system meets predator     │   │
│  └──────────────────────────────────────────────────────┘   │
└─────────────────────────────────────────────────────────────┘
```

### Two Protection Modes

| Mode | Tool | For | Heartbeat |
|------|------|-----|-----------|
| **Living** (Bioship) | `bioship.py` | Frozen assets: keys, published papers, baselines | Yes — stale = dead |
| **Static** (Shadow Seal) | `shadow_suite.py` | Working documents: READMEs, code, logs | No — re-baseline after edits |

---

## Bioship — The Living Binary (v2)

A self-verifying container where **every cell knows what the whole organism must look like**. Tamper with one byte and the ship knows it's infected.

### Five Properties

| Property | What It Does |
|----------|-------------|
| **Fractal Integrity** | Every cell has hashes of siblings — verify the whole from any fragment |
| **DNA Strand** | Domain-separated Merkle root (v2: `H(0x00\|\|leaf)`, `H(0x01\|\|internal)`) in every cell |
| **Heartbeat** | Timestamp that must be refreshed — stale = dead copy |
| **Immune Response** | KEEL HMAC over entire structure — detects ANY change |
| **Self-Describing** | Ship reports exactly which cell is infected |
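
Why the v2 prefixes in the DNA Strand row matter, as an added example (not code from `bioship.py`): SHA-256, the pairing rule and all function names here are assumptions. Without the `0x00`/`0x01` tags, a shorter cell list made of glued-together leaf hashes produces the same root as the real one; with the tags it does not.

```python
import hashlib

LEAF_TAG, NODE_TAG = b"\x00", b"\x01"   # v2 prefixes from the DNA Strand row


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def merkle_root(cells, domain_separated=True):
    """Root over a list of byte strings (hash and pairing rule are assumptions)."""
    if not cells:
        raise ValueError("at least one cell is required")
    leaf_tag, node_tag = (LEAF_TAG, NODE_TAG) if domain_separated else (b"", b"")
    level = [_h(leaf_tag + c) for c in cells]
    while len(level) > 1:
        nxt = [_h(node_tag + level[i] + level[i + 1])
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:              # odd node is promoted unchanged
            nxt.append(level[-1])
        level = nxt
    return level[0]


def collapsed_cells(cells, domain_separated=True):
    """A different, shorter cell list: each pair of leaf hashes glued into one cell."""
    tag = LEAF_TAG if domain_separated else b""
    hashes = [_h(tag + c) for c in cells]
    return [hashes[i] + hashes[i + 1] for i in range(0, len(hashes) - 1, 2)]


def roots_collide(cells, domain_separated):
    """True if the collapsed list yields the same root as the real list."""
    real = merkle_root(cells, domain_separated)
    fake = merkle_root(collapsed_cells(cells, domain_separated), domain_separated)
    return real == fake


CELLS = [b"cell-0", b"cell-1", b"cell-2", b"cell-3"]   # constructed sample

if __name__ == "__main__":
    print("untagged tree collides: ", roots_collide(CELLS, False))
    print("v2 tagged tree collides:", roots_collide(CELLS, True))
```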

### Commands

```powershell
python bioship.py create <file> -o <output.bio>    # Wrap payload
python bioship.py diagnose <ship.bio>               # Health check
python bioship.py heartbeat <ship.bio>               # Refresh
python bioship.py extract <ship.bio> -o <output>     # Unwrap (refuses if infected)
python bioship.py infect <ship.bio>                  # Test immune system
```

### NP-Complete Cultivator Results (12 attacks, selected rows)

```
 #  Attack               Orthodox     Bioship v2   Winner
 1  BYTE_FLIP            DETECTED     DETECTED     TIE
 5  SEAL_FORGE           MISSED       DETECTED     BIOSHIP
 6  STALE_CLONE          MISSED       DETECTED     BIOSHIP
11  KEEL_REBUILD         MISSED       DETECTED     BIOSHIP
12  SECOND_PREIMAGE      DETECTED     DETECTED     TIE

Orthodox: 9/12 detected, 0 wins
Bioship:  12/12 detected, 3 wins
```

---

## Bioship Vault — Apollyon Key Delivery

HALO classification → Bioship policy enforcement:

| HALO Level | Heartbeat | Bioship Policy |
|------------|-----------|---------------|
| PUBLIC | — | No Bioship needed (dead software) |
| INTERNAL | 30 days | Monthly living container |
| RESTRICTED | 7 days | Weekly heartbeat |
| CLASSIFIED | 24 hours | Daily — fortress container |
| SOVEREIGN | 1 hour | PQ-encrypt first, then Bioship |
| APOLLYON | 1 hour | SOVEREIGN + Shamir splitting + tripwire |

```powershell
python bioship_vault.py wrap <file> --class RESTRICTED
python bioship_vault.py keygen --name <key> --shares 5 --threshold 3
python bioship_vault.py deliver <ship> --dest <path>
python bioship_vault.py fleet-check
```
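
How a heartbeat window from the table above turns an old copy into a failed check, as an added sketch (not code from `bioship_vault.py`): the header fields, the `ALIVE`/`STALE`/`INFECTED` status names and the use of HMAC-SHA256 are assumptions. Because the timestamp sits inside the MAC'd header, a copy cannot be made to look fresh without the key.

```python
import hashlib, hmac, json
from datetime import datetime, timedelta, timezone

# Maximum heartbeat age per HALO level, from the policy table above.
MAX_AGE = {
    "INTERNAL": timedelta(days=30),
    "RESTRICTED": timedelta(days=7),
    "CLASSIFIED": timedelta(hours=24),
    "SOVEREIGN": timedelta(hours=1),
    "APOLLYON": timedelta(hours=1),
}

def _keel(key, header):
    body = json.dumps(header, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def wrap(key, payload, level, now):
    if level not in MAX_AGE:            # PUBLIC has no Bioship policy
        raise ValueError(f"no heartbeat policy for {level!r}")
    header = {"level": level, "heartbeat": now.isoformat(),
              "payload_sha256": hashlib.sha256(payload).hexdigest()}
    return {"header": header, "keel": _keel(key, header)}

def heartbeat(key, ship, now):
    """Refresh the timestamp; only a key holder can produce the new seal."""
    if not hmac.compare_digest(ship["keel"], _keel(key, ship["header"])):
        raise ValueError("refusing to refresh an infected ship")
    header = dict(ship["header"], heartbeat=now.isoformat())
    return {"header": header, "keel": _keel(key, header)}

def diagnose(key, ship, payload, now):
    header = ship["header"]
    if not hmac.compare_digest(ship["keel"], _keel(key, header)):
        return "INFECTED"               # header altered without the key
    if hashlib.sha256(payload).hexdigest() != header["payload_sha256"]:
        return "INFECTED"               # payload altered
    age = now - datetime.fromisoformat(header["heartbeat"])
    return "STALE" if age > MAX_AGE[header["level"]] else "ALIVE"

if __name__ == "__main__":
    key = b"constructed-demo-key"       # constructed sample values
    t0 = datetime(2026, 3, 27, tzinfo=timezone.utc)
    ship = wrap(key, b"baseline", "RESTRICTED", t0)
    for days in (6, 8):
        print(days, diagnose(key, ship, b"baseline", t0 + timedelta(days=days)))
```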

---

## Shadow Seal — Static Integrity (Legacy)

The original baseline + HMAC system. Still used for working documents.

| Goal | Command |
|------|---------|
| Verify | `TRIGGER_VERIFY.bat` or `python shadow_suite.py verify` |
| Re-seal | `TRIGGER_BASELINE.bat` or `python shadow_suite.py baseline` |
| Health check | `TRIGGER_SUITE_DOCTOR.bat` |
| New canary | `TRIGGER_CANARY_NEW.bat` |

### Integrity Layers

| Layer | What |
|-------|------|
| L1 | SHA-256 of file content |
| L2 | Size + mtime metadata |
| L3 | HMAC over full manifest |
| L4 | NTFS ADS `SEAL:ShadowOfSight` |
| L5 | High-entropy canaries |
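
Layers L1 to L3 as an added sketch (not code from `shadow_suite.py`): the manifest layout, finding labels and function names are assumptions, and L4/L5 are left out. It shows why L3 is needed on top of L1: anyone can recompute SHA-256 values after an edit, but a manifest re-sealed without the key fails the HMAC.

```python
import hashlib, hmac, json, os, tempfile
KEY = b"constructed-demo-key"           # constructed; not the project's key

def entry(path):
    """L1 + L2 for one file: content hash, size and mtime."""
    st = os.stat(path)
    with open(path, "rb") as f:
        digest = hashlib.sha256(f.read()).hexdigest()
    return {"sha256": digest, "size": st.st_size, "mtime_ns": st.st_mtime_ns}

def manifest_mac(key, files):
    """L3: HMAC-SHA256 over a canonical encoding of the whole manifest."""
    body = json.dumps(files, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def baseline(key, paths):
    files = {p: entry(p) for p in paths}
    return {"files": files, "hmac": manifest_mac(key, files)}

def verify(key, manifest):
    """Return findings such as 'L1:<path>'; an empty list means clean."""
    expected = manifest_mac(key, manifest["files"])
    if not hmac.compare_digest(manifest["hmac"], expected):
        return ["L3:manifest"]      # unauthenticated manifest: trust nothing in it
    findings = []
    for path, want in sorted(manifest["files"].items()):
        if not os.path.exists(path):
            findings.append("MISSING:" + path)
            continue
        got = entry(path)
        if got["sha256"] != want["sha256"]:
            findings.append("L1:" + path)
        if (got["size"], got["mtime_ns"]) != (want["size"], want["mtime_ns"]):
            findings.append("L2:" + path)
    return findings

def demo():
    """Seal one temp file, edit it, then re-seal it with the wrong key."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "README.md")
        with open(path, "wb") as f:
            f.write(b"v1")
        sealed = baseline(KEY, [path])
        clean = verify(KEY, sealed)
        with open(path, "wb") as f:
            f.write(b"v2 edited")
        edited = [x.split(":")[0] for x in verify(KEY, sealed)]
        resealed = verify(KEY, baseline(b"wrong-key", [path]))
    return clean, edited, resealed
```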

---

## Defense in Depth (Three-Project Integration)

| Layer | Project | What It Stops |
|-------|---------|---------------|
| **Integrity** | ShadowsOfSight (Bioship + Shadow Seal) | Tampered files, forged seals, stale clones |
| **Detection** | CerberusLantern (3 heads) | Malware, suspicious binaries, network anomalies |
| **Access** | HALO Protocol | Unauthorized classification access |

---

## Folder Map

```
15_Project_ShadowsOfSight/
├── README.md              ← this file (canonical)
├── BIOSHIP.md             ← concept documentation (HALO)
├── BOUNTY_BOARD.md
├── WORLDLINE.md
├── fleet/                 ← Bioship fleet (ships + keys + manifests)
│   ├── fleet_manifest.json
│   └── keys/              ← Apollyon key material
├── tools/
│   ├── bioship.py         ← Living binary engine v2
│   ├── bioship_vault.py   ← Vault integration + key delivery
│   ├── np_cultivator.py   ← 12-attack tampering suite
│   ├── orthodox_seal.py   ← Comparison class (traditional)
│   ├── form_drill.py      ← Original 6-attack FORM drill
│   ├── cerberus_bridge.py ← CerberusLantern integration
│   ├── shadow_suite.py    ← Legacy baseline system
│   ├── shadow_baseline.py
│   ├── shadow_verify.py
│   ├── shadow_canary_factory.py
│   └── shadow_common.py
├── config/suite.json
├── manifest/              ← Legacy seal files
├── canaries/
├── secrets/               ← .shadow_key (BACKUP THIS)
└── TRIGGER_*.bat
```

---

## Authority

Project mechanics: **this README**. Vault-wide law: **vault root `README.md`**. Priority Doctrine: **HALO_PROTOCOL.md §Priority Doctrine**. If this file and vault root disagree on *lab* process, **vault root wins**.
