Three-Layer Architecture for Cryptographic Integrity.
Verify, Don't Trust.
Core Enhancement: VCP v1.1 extends tamper-evidence to completeness guarantees—enabling third parties to cryptographically verify not only that events were not altered, but that no required events were omitted.
Protocol-compatible updates with certification-level impacts
Clearer separation of integrity mechanisms: Event Integrity, Collection Integrity, and External Verifiability.
Silver tier now requires daily anchoring. Lightweight options (OpenTimestamps, FreeTSA) are explicitly acceptable.
Simplifies implementation without sacrificing verifiability. Hash chains complement but don't replace external anchoring.
Enables multi-tier, multi-policy deployments with explicit conformance tier declaration.
Standardized error event types (ERR_CONN, ERR_AUTH, ERR_TIMEOUT, etc.) with structured ErrorDetails schema for consistent error logging.
Reference architecture (Appendix F) for deploying VCP as a sidecar container with integration patterns. Documentation-only, no implementation changes required.
VCP v1.1 is protocol-compatible with v1.0. Existing implementations will continue to work, though some may need updates to achieve v1.1 VC-Certified status.
A clear structure for understanding cryptographic integrity
Purpose: Third-party verification without trusting the producer
Frequency: Tier-dependent (10min / 1hr / 24hr)
Purpose: Prove completeness of event batches
Purpose: Individual event completeness
Note: PrevHash provides real-time detection (OPTIONAL in v1.1)
The critical integrity mechanism for "Verify, Don't Trust"
| Tier | Frequency | Anchor Target | Proof Type |
|---|---|---|---|
| Platinum | Every 10 minutes | Blockchain or RFC 3161 TSA | Full Merkle proof |
| Gold | Every 1 hour | RFC 3161 TSA or attested database | Merkle root + audit path |
| Silver | Every 24 hours | Public timestamping service or attested database | Merkle root only |
Free, Bitcoin-backed timestamping with decentralized verification.
FreeFree RFC 3161 compliant time-stamping authority service.
FreeCommercial service with free tier for basic timestamping needs.
Free Tier AvailableSupporting multi-tenant deployments with explicit conformance declaration
{
"PolicyIdentification": {
"Version": "1.1",
"PolicyID": "org.veritaschain.prod:hft-system-001",
"ConformanceTier": "PLATINUM",
"RegistrationPolicy": {
"Issuer": "VeritasChain Inc.",
"PolicyURI": "https://veritaschain.org/policies/prod-hft",
"EffectiveDate": 1735084800000
},
"VerificationDepth": {
"HashChainValidation": true,
"MerkleProofRequired": true,
"ExternalAnchorRequired": true
}
}
}To ensure global uniqueness without a central registry:
PolicyID = <reverse_domain>:<local_identifier>
org.veritaschain.prod:hft-system-001
com.acme.trading:gold-algo-v2
jp.co.broker:silver-mt5-bridge
What existing implementations need to update
| Requirement | Grace Period | Hard Deadline |
|---|---|---|
| External Anchor (Silver) | 6 months | June 25, 2026 |
| Policy Identification | 3 months | March 25, 2026 |
After the hard deadline, v1.0-only implementations will not receive VC-Certified status for new certifications.
Consistent error logging with structured event types
{
"ErrorDetails": {
"ErrorType": "ERR_CONN",
"ErrorCode": "BROKER_DISCONNECT",
"Message": "Connection lost to broker API",
"Severity": "HIGH",
"Recoverable": true,
"RetryCount": 3,
"Context": {
"endpoint": "api.broker.com",
"lastSuccessful": 1735084800000
}
}
}Reference deployment pattern for VCP integration (Appendix F)
┌─────────────────────────────────────────────────────────┐
│ Application Pod │
│ ┌─────────────────┐ ┌─────────────────────────┐ │
│ │ Trading Algo │─────▶│ VCP Sidecar │ │
│ │ (Main App) │ │ ┌─────────────────┐ │ │
│ │ │ │ │ Event Collector │ │ │
│ │ • Order Logic │ gRPC │ │ Merkle Builder │ │ │
│ │ • Risk Engine │──────│ │ Anchor Client │ │ │
│ │ • Market Data │ │ │ Signature Gen │ │ │
│ └─────────────────┘ │ └─────────────────┘ │ │
│ └───────────┬─────────────┘ │
└───────────────────────────────────────┼────────────────┘
│
▼
┌───────────────────────────────────┐
│ External Services │
│ • TSA (RFC 3161) │
│ • Blockchain Anchor │
│ • VCP Explorer API │
└───────────────────────────────────┘Deploy as sidecar container. Main application sends events via gRPC/HTTP. No VCP code in your app.
Cryptographic operations isolated from business logic. Independent scaling and updates.
Reference architecture in Appendix F. No implementation changes required for v1.1 compliance.
Authoritative documentation for VCP v1.1 implementers
Complete implementation guidance covering three-layer architecture, external anchoring, Policy Identification, error events, and sidecar integration patterns.
View Implementation GuidePreparing for the quantum era with dual-signature support
{
"Security": {
"Signature": "base64(Ed25519_signature)",
"SignAlgo": "ED25519",
"PQCSignature": "base64(Dilithium2_signature)",
"PQCSignAlgo": "DILITHIUM2"
}
}2025-2026: Implement dual-signature capability
2027-2029: Deploy dual signatures in production
2030+: Phase out classical-only signatures
VCP v1.1 was officially released in January 2026. We welcome feedback from the community to continue improving the specification.
Silver Tier reference implementation with sidecar architecture
Technical feedback and bug reports
Formal comments to standards@veritaschain.org
Join the discussion on algorithmic transparency
"A civilization that can learn before accidents occur."
— VeritasChain Standards Organization