{"standard":"ICA Institutional Control Architecture","version":"v1.0","published_at":"2026-05-25","publisher":"Aleeth","license":"Open Standard · Reference Implementation Reserved","canonical_url":"https://imperium.aleeth.com/api/ica/enterprise/standard/ica-v1","components":{"layered_architecture":{"L1":{"name":"Sensors + Provider Direct Integration","purpose":"Independent vantage-point capture"},"L2":{"name":"Air Traffic Controller","purpose":"Cross-sensor correlation + coverage gap detection"},"L3":{"name":"Decision Control","purpose":"Per-step trace integrity + lineage chains"},"L4":{"name":"Compliance Engine","purpose":"Rule evaluation across regulatory frameworks"},"L5":{"name":"Provenance Seal","purpose":"Append-only audit + public-ledger anchoring via OpenTimestamps"},"L6":{"name":"Observability + Behavioral Baseline","purpose":"Continuous assessment + drift detection"},"L7":{"name":"Incident Control + Receipt Protocol","purpose":"Ed25519 signed chained receipts + court-grade timeline reconstruction"}},"iac_framework":{"version":"IAC-1.0","domains":9,"criteria":39,"rating_scale":["C","PC","NC"],"tiers":["TA0","TA1","TA2","TA3"],"verdicts":["compliant","partial","advisory","critical"],"outcomes":["granted","conditional","deferred"]},"receipt_protocol":{"signature_algorithm":"Ed25519","hash_algorithm":"SHA-256","canonicalization":"recursive_keysort_json","chain_property":"parent_receipt_hash","verification":"public-no-auth GET /api/ica/iac/certs/verify/:cert_id","anchor":"OpenTimestamps → public ledger (every 6h)"},"sentinel_pack_format":{"identifier_pattern":"<jurisdiction>-<framework>-<year>","required_fields":["id","version","name","domain","authored_by","effective_date","framework_alignment","modules"],"module_required_fields":["id","title","l_layer","requirements"],"requirement_required_fields":["code","title"],"hash_algorithm":"SHA-256 of recursive_keysort_json"},"append_only_pattern":{"enforcement":"PostgreSQL PL/pgSQL triggers","proof_required":"sacrificial-row tamper test before LIVE","exclusion":"RLS-policy omission is NOT proof (service_role bypasses RLS)"},"independence_principle":{"rater_neq_reviewer":true,"drafter_neq_signer":true,"cooling_off_hours":24,"enforcement":"in code, not UI · audit log on bypass attempts"}},"reference_implementation":"TheSchreckMethod/TSM-ICA","contact":"shane@theschreckmethod.com"}