GMEOW Attestation Module

• IRI: https://blackcatinformatics.ca/gmeow/slices/attestation
• Tier: core
• Group: core

What This Slice Covers

This slice owns 75 terms and contributes 20 mapping or projection rows. Use it when its terms match the native fact you want to preserve; use the linkage tables to see how those facts leave GMEOW for consumer vocabularies.

Dependencies

• gmeow:slices/events
• gmeow:slices/kernel
• gmeow:slices/observations
• gmeow:slices/provenance
• gmeow:slices/trust

Consumers

• Signed-claim envelopes for trust, software releases (SLSA/Sigstore), and GTS COSE signing.

Local Map

Examples

Software Release

• Source: slices/core/attestation/examples/software-release.ttl
• GMEOW terms: gmeow:Attestation, gmeow:AttestationArtifact, gmeow:CreativeWork, gmeow:CryptographicSignature, gmeow:SoftwareAgent, gmeow:VerificationResult, gmeow:artifactMediaType, gmeow:attestationArtifact, gmeow:attestationType, gmeow:attestationTypeSLSAProvenance
• External prefixes: xsd

# SPDX-FileCopyrightText: 2026 Blackcat Informatics® Inc. <paudley@blackcatinformatics.ca>
# SPDX-License-Identifier: CC-BY-4.0
#
# Worked example: a supply-chain attestation. A gmeow:Attestation binds an
# gmeow:attester (who vouches) to an gmeow:attestedSubject (what is vouched for)
# under an gmeow:attestationType drawn from the open vocabulary of real formats
# (SLSA provenance, in-toto, DSSE, C2PA, verifiable credential, …). Here a CI
# pipeline issues a SLSA-provenance attestation over a release bundle, carries
# the signed artifact, and a relying party records a gmeow:VerificationResult —
# the attestation is a claim; verifying it is a separate, recorded act.
@prefix gmeow: <https://blackcatinformatics.ca/gmeow/> .
@prefix ex:    <https://blackcatinformatics.ca/gmeow/examples/attestation/> .
@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .

ex:ciSystem a gmeow:SoftwareAgent ; gmeow:name "Acme CI pipeline"@en .
ex:relyingParty a gmeow:SoftwareAgent ; gmeow:name "Production deploy gate"@en .

ex:release a gmeow:CreativeWork ;
    gmeow:title         "myapp 1.0.0 release bundle"@en ;
    gmeow:contentDigest "sha256:abc123def4567890abc123def4567890abc123def4567890abc123def4567890" .

# --- The attestation: the CI system vouches for the release as SLSA provenance.
ex:slsaAttestation a gmeow:Attestation ;
    gmeow:attester           ex:ciSystem ;
    gmeow:attestedSubject    ex:release ;
    gmeow:attestationType    gmeow:attestationTypeSLSAProvenance ;
    gmeow:issuedAt           "2026-06-14T12:00:00Z"^^xsd:dateTime ;
    gmeow:attestationArtifact ex:artifact ;
    gmeow:hasSignature       ex:sig ;
    gmeow:verificationResult ex:verifyResult .

ex:artifact a gmeow:AttestationArtifact ;
    gmeow:artifactMediaType "application/vnd.in-toto+json" ;
    gmeow:contentDigest     "sha256:def456abc1237890def456abc1237890def456abc1237890def456abc1237890" .

ex:sig a gmeow:CryptographicSignature ;
    gmeow:signatureAlgorithm "ecdsa-p256" ;
    gmeow:signedBy           ex:ciSystem .

# --- Verification is its own recorded act: the deploy gate checked the chain.
ex:verifyResult a gmeow:VerificationResult ;
    gmeow:hasVerificationStatus gmeow:verificationStatusVerified ;
    gmeow:verifiedBy            ex:relyingParty .

Terms

Classes

Properties

Individuals

Linkages

• Rows: 20
• Projection profiles: intoto, sigstore, slsa
• External vocabularies: dqv, https, prov, rdf, schema, vc, wot

Guide

Attestation, verification, and transparency — modelling & interoperability guide

GMEOW models attestation as gmeow:Attestation, a gufo:Relator that reifies a signed claim envelope. The module is intentionally cross-cutting: it is not tied to any single domain (identity, messaging, supply chain, or publishing) and is designed to be used as a common substrate for any scenario that needs provenance-bearing assertions, verification activities, and append-only transparency logs.

The design follows GMEOW Principle 12 (solver boundary): the model gives you what to assert and how to record verification, not a decision procedure for whether an assertion is true.

Core classes

Value vocabularies

Key properties

Attestation → world

Artifact

Verification

Transparency & ledger

Signature (reused from the trust module)

Cross-cutting reuse (not redefined in this module)

The attestation module reuses existing cross-cutting properties rather than minting new IRIs (Principle 4):

Signature model

gmeow:hasSignature is intentionally domain-free (no rdfs:domain). Anything that can carry a cryptographic signature — a message, a document, an attestation artifact, a transparency-log entry — uses the same property. The kind of signature is expressed through the range class:

• gmeow:CryptographicSignature — abstract superclass.
• gmeow:DKIMSignature — email domain-key signature (lives in the email slice; specializes trust's CryptographicSignature).
• gmeow:SMIMESignature — S/MIME email signature.
• gmeow:PGPSignature — OpenPGP signature.

Signature metadata (signer key, algorithm) is on the signature object itself via gmeow:signedBy, gmeow:signingKey, and gmeow:signatureAlgorithm.

What Attestation is not

• Not a truth guarantee. Attestation records who asserted what; truth is a standpoint-indexed claim (gmeow:StandpointClaim) handled by the coreference module.
• Not a replacement for Certification. gmeow:Certification (trust module) binds a public key to an identity via a gmeow:certifier; its property shape is different from Attestation (which uses attester/attestedSubject/attestedClaim). Certification is documented as a specialisation of attestation via skos:scopeNote, not a subclass.
• Not a trust score. Verification yields a discrete status (verified/failed/ revoked/expired/unverified), not a numeric confidence. Confidence values, when needed, are attached to the underlying Observation or StandpointClaim.

Example: a self-issued verifiable credential

@prefix gmeow: <https://blackcatinformatics.ca/gmeow/> .
@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .
@prefix ex:    <https://example.org/id/> .

ex:vcOver18 a gmeow:Attestation ;
    gmeow:attestationType    gmeow:attestationTypeVerifiableCredential ;
    gmeow:attestedSubject    ex:alice ;
    gmeow:attestedClaim      ex:claimAliceOver18 ;
    gmeow:attester           ex:alice ;
    gmeow:issuedAt           "2025-06-01T00:00:00Z"^^xsd:dateTime ;
    gmeow:validUntil         "2026-06-01T00:00:00Z"^^xsd:dateTime ;
    gmeow:attestationArtifact ex:vcArtifact ;
    gmeow:hasSignature       ex:sigAlice .

ex:vcArtifact a gmeow:AttestationArtifact ;
    gmeow:artifactMediaType "application/vc+ld+json" .

ex:sigAlice a gmeow:CryptographicSignature ;
    gmeow:signedBy           ex:alice ;
    gmeow:signingKey         "did:example:alice#keys-1" ;
    gmeow:signatureAlgorithm "ed25519" .

ex:slsaVerify a gmeow:VerificationActivity .

ex:slsaVerifyResult a gmeow:VerificationResult ;
    gmeow:verifiedBy         ex:verifierAgent ;
    gmeow:hasVerificationStatus gmeow:verificationStatusVerified .

Example: certificate-transparency inclusion

ex:ctEntry a gmeow:TransparencyLogEntry ;
    gmeow:logEntryUrl       "https://ct.example/entries/42" ;
    gmeow:logEntryIndex     42 ;
    gmeow:ledgerInclusionProof "base64:proofData…" .

Interoperability layers

1. Term alignment — mappings/gmeow-attestation.sssom.tsv maps to PROV-O, W3C Verifiable Credentials, W3C DID, W3C Web of Things, and W3C DQV.
2. SSSOM + EDOAL — generated from mapping-dsl/equivalences/attestation.ttl. PROV-O Entity ↔ AttestationArtifact, Activity ↔ VerificationActivity, wasGeneratedBy ↔ hasSignature / signedBy, etc.
3. Refused mappings — in-toto, SLSA, DSSE, Sigstore, SCITT, C2PA, RATS/EAT, and nanopublications are acknowledged as related but not aligned because their granularity or property shapes differ from GMEOW's relator-based model. Users who need those vocabularies should bridge at the application layer or via custom projection mappings.
4. Round-trip — VC credentialSubject maps to attestedSubject; issuanceDate/expirationDate map to issuedAt/validUntil; proof maps to hasSignature → CryptographicSignature.
5. Contested / revoked — a revoked attestation does not disappear. It gains a VerificationResult with verificationStatusRevoked, and the original Attestation remains in the graph with its history intact. For suppression of superseded labels (e.g. a corrected issuer name), use gmeow:displayable false.

Terms

The classes, properties, and value vocabularies this module declares, anchored to the model above. Signature metadata (signedBy, signingKey, signatureAlgorithm, CryptographicSignature) and the validity/identity cross-cutters are reused from the trust and temporal modules, not redefined here.

gmeow:Attestation · gmeow:attester · gmeow:attestedSubject · gmeow:attestedClaim · gmeow:hasAttestation

The core relator: a reified envelope recording that an gmeow:attester (one, functional) vouches for a bare gmeow:attestedSubject entity and/or an gmeow:attestedClaim observation, under a policy and with evidence. An entity reaches its attestations through the inverse gmeow:hasAttestation; competing attestations coexist (Principle 9) and an attestation proves who said what, never that it is true.

gmeow:attestationType · gmeow:AttestationType · gmeow:attestationPolicy · gmeow:AttestationPolicy · gmeow:issuedAt

The envelope's classification and provenance: gmeow:attestationType names one or more gmeow:AttestationType kinds (SLSA provenance, in-toto, VC, DSSE, C2PA, nanopublication…); gmeow:attestationPolicy names the gmeow:AttestationPolicy rules the attester followed; gmeow:issuedAt stamps the single issue instant (functional). Validity rides the temporal module's validFrom/validUntil.

gmeow:AttestationArtifact · gmeow:attestationArtifact · gmeow:artifactMediaType · gmeow:hasSignature · gmeow:signatureOf

The concrete carrier: an gmeow:AttestationArtifact is the serialized document (in-toto JSON, DSSE envelope, VC, C2PA manifest) linked from the logical attestation by gmeow:attestationArtifact and typed by gmeow:artifactMediaType. gmeow:hasSignature is the domain-free universal spine attaching a cryptographic signature to anything signed, with gmeow:signatureOf its inverse — a valid signature proves integrity and key control, never truth.

gmeow:VerificationActivity · gmeow:VerificationResult · gmeow:verificationActivity · gmeow:verificationResult · gmeow:verifiedBy · gmeow:hasVerificationStatus · gmeow:VerificationStatus

Verification as act and outcome: a gmeow:VerificationActivity is the checking event, producing a gmeow:VerificationResult (gmeow:verifiedBy an agent, carrying gmeow:hasVerificationStatus from the gmeow:VerificationStatus vocabulary — verified / failed / expired / revoked / policy-failed / finality-pending). A result is one verifier's observation under one policy, not a global verdict; competing results coexist (Principles 9, 12).

gmeow:TransparencyLogEntry · gmeow:transparencyLogEntry · gmeow:logEntryIndex · gmeow:logEntryUrl

Transparency-log evidence: a gmeow:TransparencyLogEntry (Rekor entry, SCITT receipt, CT inclusion proof) linked via gmeow:transparencyLogEntry, identified by gmeow:logEntryIndex (functional, log-local) and retrievable at gmeow:logEntryUrl. Inclusion proves it was logged, not that it is correct (Principle 1).

gmeow:LedgerTransaction · gmeow:LedgerEvent · gmeow:Block · gmeow:BlockchainNetwork · gmeow:SmartContract · gmeow:BlockchainAccount

Ledger/blockchain evidence: a gmeow:LedgerTransaction (information-object view of a payload) and the on-chain gmeow:LedgerEvent it emits, located by gmeow:Block on a gmeow:BlockchainNetwork, with gmeow:SmartContract and gmeow:BlockchainAccount as the deployed program and the address-controlled signing identity. Ledger inclusion proves inclusion under chain rules, not real-world truth.

gmeow:transactionHash · gmeow:blockHash · gmeow:blockNumber · gmeow:chainId · gmeow:contractAddress · gmeow:signatureRecoveryAddress · gmeow:logIndex · gmeow:confirmationDepth · gmeow:finalityStatus · gmeow:LedgerFinalityStatus · gmeow:ledgerInclusionProof · gmeow:SignatureScheme

The ledger identity and finality facets: hashes and identifiers (gmeow:transactionHash, gmeow:blockHash, gmeow:blockNumber, gmeow:chainId, gmeow:contractAddress, gmeow:signatureRecoveryAddress, gmeow:logIndex), settlement state (gmeow:confirmationDepth, gmeow:finalityStatus over gmeow:LedgerFinalityStatus — pending / confirmed / finalized / orphaned / reorged), the domain-free gmeow:ledgerInclusionProof, and the gmeow:SignatureScheme vocabulary of cryptographic algorithms. Finality checks run in the solver layer (Principle 12).

See also

• ontology/modules/attestation.ttl — canonical module source.
• mapping-dsl/equivalences/attestation.ttl — mapping DSL alignments.
• tests/test_attestation.py — structural and negative tests.
• slices/extensions/email/docs.md — how hasSignature is used for DKIM / S/MIME / PGP in email.
• ontology/modules/trust.ttl — gmeow:Certification, the key-to-identity specialisation.