Open-Source Protocol
HAP separates authorization from execution. Humans authorize actions through cryptographic attestations. Gatekeepers verify those attestations before any system is allowed to execute.
Issues cryptographic attestations proving a human authorized an action within defined bounds.
Verifies attestations before execution and blocks any action that exceeds authorized limits.
Performs the action — but only after authorization has been validated.
HAP enforces authorization through two infrastructure components: Service Providers issue attestations. Gatekeepers verify them before execution.
AI Agents can deploy code, move money, grant access, and operate infrastructure. But they cannot own it — because ownership requires bearing consequences, and AI cannot bear them.
HAP ensures that irreversible actions only execute within bounds set by a human who owns the outcome.
HAP turns policy requirements into enforceable infrastructure.
Article 14 mandates effective human oversight for high-risk AI. HAP satisfies this structurally — oversight is not a checkbox, it's the architecture.
Every AI action requires a human Decision Owner who has set the bounds and articulated the intent. No attestation, no execution.
Every decision produces a cryptographic trail of authorship, bounds, and commitments — tamper-proof and verifiable.
Defines authorization structure and attestation format.
Issue cryptographic attestations.
Verifies authorization before execution.
Open-source local gateway for runtime enforcement.
Protocol governance and trust model.
HAP is the open protocol for human authority over AI agents. Verifiable, interoperable, and infrastructure-free.