GRIFF AI Standards Wiki

A written standard for chain of custody in AI agents.

GRIFF-AI-8802 is our own standards family for agent identity, authority, communications, running-state custody, evidence, and certified closeout. It is the specification our platform is built to meet — published, versioned, and open for review rather than kept as an internal convention.

Registry version 2026-04-30.4· public summary only; controlled implementation annexes remain restricted.

Registry version

2026-04-30.4

Current family

GRIFF-AI-8802

Current base

GRIFF-AI-8802.1 / RFC-0001

Reference product

MASTER ATC

Why we wrote it

Compliance for work an agent did, not just work a person signed off on.

As agents take on more of the work, the question a reviewer asks changes: not just what happened, but which agent did it, under whose authority, through which systems, against what policy, and with what evidence. GRIFF-AI-8802 is our answer, written down so it can be checked against — mapped to line up with existing AI governance, security, and federal assurance frameworks, without exposing the private implementation details underneath.

Profile A

Manual Custody

Human-reviewed reports, manifests, message ids, hashes, and closeout certificates.

Profile B

Structured Ledger

Structured records for agents, tasks, communications, events, evidence, and certificates.

Profile C

Real-Time Orchestrated

Live session state, drift detection, exact-id readback, and automated evidence routing.

Profile D

Assurance Ready

Customer evidence packs, control crosswalks, retention, exceptions, and signed or hash-bound certificates.

Standards family

The active 8802 series.

Built like a real standard rather than a one-off memo: a charter, a base standard, and active parts that cover evidence, communications, orchestration, and closeout.

GRIFF-AI-8802

Overview, Architecture, and Governance

0.2.1-draft · Standards Family Charter

Family charter, governance model, numbering system, release posture, and public/private boundary.
GRIFF-AI-8802.1 / RFC-0001

Agentic AI Custody and Control Systems

1.1.1-draft · Authoritative Standards Candidate

Base standard for identity, authority, communications, running-state custody, evidence, and closeout.
GRIFF-AI-8802.2

Agent Evidence Envelope

0.2.0-draft · Controlled Draft

Active part for custody envelopes, evidence objects, policy decisions, hashes, and approvals.
GRIFF-AI-8802.3

Agent Communications Ledger

0.2.1-draft · Controlled Draft

Active part for direct routing, broadcast visibility, exact-id reply proof, source-of-truth controls, missing local mirror status, message-id mismatch handling, subscriber cursor limits, and Cloudflare ledger synchronization.
GRIFF-AI-8802.4

Certified Agent Closeout

0.2.2-draft · Controlled Draft

Active part for closeout handshakes, final-state evidence, rosters, session identifiers, remote-ledger blocker handling, global handshake procedure, and exit proof.
GRIFF-AI-8802.5

Real-Time Agent Activity Orchestrator

0.2.0-draft · Controlled Draft

Active part for session state, queues, ledgers, dashboards, alerting, and coordination surfaces.
GRIFF-AI-8802.6

Customer Audit Pack and Assurance Export

0.2.0-draft · Controlled Draft

Active part for customer evidence packs, assurance exports, control crosswalks, retention posture, and exceptions.
GRIFF-AI-8802.7

Model, Token, and Data Movement Telemetry

0.2.0-draft · Controlled Draft

Active part for model usage, token telemetry, data movement accounting, boundary events, and audit-ready reporting.
GRIFF-AI-8802.8

Agentic AI Building Blocks and Integration Divisions

0.2.1-draft · Controlled Draft

Active part for reusable control blocks, integration divisions, implementation categories, and controlled extension paths.

Division model

Eleven divisions, from identity to closeout.

Div. 00
General Requirements
Scope, conformance, governance, definitions, versioning.
Div. 01
Agent Identity
Stable identity, session binding, machine context, service registration.
Div. 02
Authority And Policy
Authority envelopes, owner gates, risk tiers, approvals.
Div. 03
Startup Custody
Startup state, RFC load, direct-message check, handoff acceptance.
Div. 04
Communications
Direct routing, exact-id readback, watcher timeout, stale-state controls.
Div. 05
Running-State Custody
Progress, tool calls, model events, file and browser actions.
Div. 06
Evidence And Hashing
Evidence objects, manifests, screenshots, hash binding.
Div. 07
Closeout Certification
Blue-light handshakes, final screen evidence, shutdown proof.
Div. 08
Assurance Packs
Customer evidence, crosswalks, retention, exceptions.
Div. 09
Orchestrator Infrastructure
Real-time state, queues, ledgers, dashboards, alerting.
Div. 10
Sector Profiles
Federal, enterprise, SOC 2, FedRAMP, internal operations.

Roadmap & alignment

Public discovery, controlled access.

Latest-spec API

Commercial roadmap: a public or controlled metadata API for current standards metadata, release status, and approved customer packet routing without exposing private annex internals.

Version alignment

The website, MASTER ATC materials, and Master control registry are treated as one standards story so public claims stay aligned with the current base and active parts.

What’s public

Objectives outside, implementation inside.

This page explains the control objectives, conformance profiles, family structure, and assurance value in plain terms. Production schemas, signing mechanics, deployment details, and customer-specific evidence formats stay in controlled implementation annexes.

Access path

Qualified reviews get the full packet.

Security, procurement, partner, and investor reviews can request the standards packet, the private annex index, sample assurance artifacts, and implementation evidence under NDA.

Request access