Provenance Payload (PP) v1: universal envelope spec + reference implementation

[flyingrobots]

We want a minimal, portable provenance envelope that can be attached to artifacts across Echo / Continuum / Wesley / etc:

Goal

Define a versioned Provenance Payload (PP) schema that:

• Pins artifact content by digest (content-addressed)
• Records causal lineage / parents
• Records derivation metadata (tool, rule pack, parameters, environment)
• Supports signatures/attestations over canonical PP bytes
• Is deterministic (canonicalization is part of the spec)

Proposed fields (PP v1)

• Identity: pp_version, schema_uri, content_digest, artifact_kind, artifact_id?
• Lineage: parents[] (digest + role), epoch, worldline?
• Derivation: tool, procedure, parameters, rule_pack?, environment, timestamps?
• Assurance: signature?, attestations[]?
• Transport: encoding (json|cbor), canon (jcs-rfc8785|dag-cbor), compression?
• Ext: _ext namespaced object

Deliverables

• Spec doc in this repo (PP-001) including canonicalization + multihash guidance.
• JSON Schema (Draft 2020-12) for PP v1.
• Reference codecs (Rust or TS): JSON+JCS; optional CBOR (DAG-CBOR rules) and Ed25519 signing.

Acceptance criteria

• PP bytes canonicalize deterministically and validate against the schema.
• Given an artifact, verification checks: content_digest matches, signature verifies, and parent digests parse.

Integration notes

• Echo: attach PP to tick receipts + patches.
• Wesley: attach PP to compiled plans + migrations.
• Continuum: PP becomes the header for state deltas.