UCCO Session Notes — 14 March 2026
Decisions and additions to be incorporated into UCCO v1.2
1. The one-sentence pitch (LOCKED)
"The internet moved data without knowing who sent it. UCCO moves capability with full knowledge of who holds it, what they're certified to do, and what they actually did."
Use in: commercial architecture doc, investor deck, standards body cover letters.
2. What UCCO actually is — framing corrections
Current spec problem: reads as a cute technical standard. Light and fluffy. Missing the point.
Correct framing: UCCO is an enriched transit layer with identity, security, and consequence native to the protocol. Not bolted on. The internet's missing layer — what you'd design if you started from scratch knowing actors aren't always trustworthy, acts have real-world consequences, evidence gets destroyed, and machines would eventually outnumber humans as actors.
SSL analogy (Tim's — KEEP): "SSL for the age of autonomous action."
- SSL secured data in transit. UCCO secures action — the moment a certified actor does a certified thing in the real world.
- Before SSL you couldn't do commerce on the internet. After it you could.
- Before UCCO you can't do autonomous machine commerce or AI agent deployment in regulated environments at scale. After it you can.
- Nobody using it needs to understand the cryptography. That's the point.
TCP/IP analogy (secondary): UCCO is to capability what TCP/IP is to data transport. Open protocol. Anyone implements. First mover with best infrastructure wins. UCCA is to UCCO what Cisco was to TCP/IP.
Key distinction from TCP/IP: TCP/IP is pure transit — no memory, no consequence, no identity. UCCO carries semantic weight. Knows what actor is certified to do. Records what they did. Attaches consequence — legal, financial, regulatory — at the protocol layer. The chain event is simultaneously a record, a trigger, a billing event, and a legal instrument.
3. The full system workflow (Tim's description — canonical)
LEGISLATION
↓
STANDARDS
↓
HUMAN EXPRESSION OF COMPETENCE AT ATOMIC UNIT SIZE
↓
UCCA — THE PASTEURISER AND SYNTHESISER
Ingests: legislation / standards / human competency units
Does: assimilates / contextualises / verifies / pasteurises / tracks
Output: clean cryptographically packed UCCO containers
↓
UCCO — THE PACKED CONTAINER
Travels on the wire
↓
ENDPOINT
Unpacks / verifies / deploys capability
Actor acts
↓
UCCO PHONES HOME (active return channel — not passive)
"Received. Deployed. My current circumstance also requires
capability unit 2389289112."
↓
UCCA RUNS AGAIN
Finds unit / packs / verifies / bills / sends
↓
LOOP NEVER STOPS. METER NEVER STOPS.
Key insight: The capability request event (already in spec) is NOT an exception handler. It is the engine of the entire system. It is the active return channel. It needs to be reframed in the standard and fully described in the commercial doc.
4. The Cube Model (Tim's — canonical)
UCCO container = a cube with potentially thousands of sockets.
Mandatory sockets: Must be active for container to be valid. Defined by the standard. A container missing mandatory socket data is malformed, contaminated, or deprecated. This is the anti-sprawl mechanism. The standard is a validation schema, not just a description.
Domain-specific sockets: Labelled by the packer for their use case. Aerospace labels theirs differently to medical, differently to defence. Not sprawl — intentional extensibility. The core is universal. The content is domain-specific.
Unlabelled sockets: Available for contextualisation. The receiving endpoint labels them for their specific use case.
Implication for packers: Container packers are by default required to write to mandatory endpoints to produce a valid container. This makes UCCO a true universal capability layer — the mandatory sockets define what "capability" means at the protocol level.
5. Multiple packers — non-exclusive, complementary
UCCA is one packer among potentially many. Others: aerospace, biotech, defence, medical, financial services.
UCCA's position: First to market. 15,000 human CCOs across trade and technical skills. Already wired to deliver on the endpoints. Others start from zero.
Non-exclusive capability stacking: A soldier robot can hold:
- USDF defensive/weapons/munitions capability (from defence packer)
- UCCA tyre-changing capability (from UCCA)
- NHS basic field medicine capability (from medical packer)
These are complementary, not conflicting. The cube accepts all of them. The robot is richer for it. This is a feature of the architecture, not a bug.
Competitive moat clarification: The open standard enables competing packers. But UCCA's moat is not the standard — it's the factory. The TGA corpus is 60 years of legislative and standards alignment, atomised to unit level, already verified. That's not a dataset. That's infrastructure that took decades to build even though nobody knew they were building it. A competing packer must build their factory before they can ship one container. UCCA is already shipping.
6. Classification tiers (NEW — not in spec)
UCCO containers MAY have sockets with access-controlled content.
Three content states for a socket:
- OPEN — readable by any conforming verifier
- PROPRIETARY — readable only by authorised commercial verifiers
- CLASSIFIED — readable only by authorised verifiers at the specified classification level (e.g. SECRET, TOP SECRET)
Key principle: A container with inaccessible (classified/proprietary) sockets is NOT malformed provided all mandatory sockets are valid. Classification is a content attribute, not a structural failure.
What this enables:
- Defence and intelligence market access
- The chain still works identically — mandatory sockets confirm validity
- The classified content inside sockets is opaque to everyone except the authorised consumer
- UCCA doesn't need to know what's in a classified socket to validate the container is well-formed
Add to standard: One paragraph. Containers MAY have access-controlled sockets. Container validity is determined by mandatory socket integrity only. Socket content classification is declared in the envelope metadata but content is not revealed to non-authorised verifiers.
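The validity rule from sections 4 and 6, as an added Python example that is not part of the UCCO spec or these notes. The socket labels, the envelope layout (state, level, sha256 per socket) and the use of a SHA-256 digest over the opaque payload as the integrity check are all assumptions, since the notes define no wire format.

```python
import hashlib
from dataclasses import dataclass

# Assumed labels and layout: the notes define no wire format or socket names.
MANDATORY = frozenset({"actor_id", "issuer", "capability_unit"})
STATES = {"OPEN", "PROPRIETARY", "CLASSIFIED"}

@dataclass(frozen=True)
class Verifier:
    commercial: bool = False             # authorised for PROPRIETARY sockets
    clearances: frozenset = frozenset()  # levels held, e.g. {"SECRET"}

def digest(payload: bytes) -> str:
    return hashlib.sha256(payload).hexdigest()

def validate(envelope: dict, sockets: dict):
    """Validity rests on mandatory sockets only; payloads are never decoded."""
    problems = []
    for label in sorted(MANDATORY):
        meta = envelope.get(label)
        if meta is None or label not in sockets:
            problems.append(f"{label}: missing")
        elif meta.get("state") not in STATES:
            problems.append(f"{label}: undeclared state")
        elif meta.get("sha256") != digest(sockets[label]):
            problems.append(f"{label}: digest mismatch")
    return (not problems, problems)

def readable(envelope: dict, verifier: Verifier):
    """Labels whose content this verifier may open, from envelope metadata alone."""
    allowed = []
    for label, meta in envelope.items():
        state = meta.get("state")
        if (state == "OPEN"
                or (state == "PROPRIETARY" and verifier.commercial)
                or (state == "CLASSIFIED" and meta.get("level") in verifier.clearances)):
            allowed.append(label)
    return sorted(allowed)

def build_sample():
    """Constructed container: three mandatory sockets plus two access-controlled."""
    sockets = {"actor_id": b"robot-0001", "issuer": b"packer-a",
               "capability_unit": b"2389289112",
               "pricing": b"\x8f\x02opaque", "mission": b"\x11\x9copaque"}
    states = {"pricing": ("PROPRIETARY", None), "mission": ("CLASSIFIED", "SECRET")}
    envelope = {}
    for label, payload in sockets.items():
        state, level = states.get(label, ("OPEN", None))
        envelope[label] = {"state": state, "level": level, "sha256": digest(payload)}
    return envelope, sockets
```

A verifier with no authorisations still gets a definite valid/malformed answer for the sample container, while `readable` shows it only the three OPEN sockets.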
7. K2 Volatility Mode (NEW — not in spec)
Standard K1/K2 operation:
- UCCA holds K1 (issuing authority, HSM)
- Robot/device holds K2 (persistent, HSM or secure enclave)
- Neither alone decrypts the container
- Container is addressed to that specific actor — not transferable, not replayable
Ephemeral K2 — Tim's addition:
- K2 held ONLY in volatile memory (RAM)
- Power present → key exists → container live → actor operates
- Power gone → key gone → container dead → nothing recoverable
- No HSM. No persistent storage. No forensic surface.
- The container didn't get destroyed. It never existed in any recoverable sense once power left.
Defence implication:
- Captured robot = cryptographically sterile paperweight
- Cannot reverse-engineer what it was certified to do
- Cannot replay its capability container on another unit
- The chain recorded everything while it was live
- If connectivity existed before power loss: chain events already synchronised to vault
- If not: chain shows exactly where it went dark — honest about the gap
Add to standard: K2 Volatility Mode — a flag on the capability envelope:
- PERSISTENT: K2 in HSM, survives power cycle, standard operation.
- EPHEMERAL: K2 in volatile memory only. Destroyed on power loss. No recovery path. Container immediately invalidated on power loss. Any acts performed during the session were logged to chain before power loss or are unrecoverable.
Chain event to add: k2_ephemeral_session_start and k2_ephemeral_session_end (or k2_ephemeral_session_lost if power loss rather than clean shutdown).
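How a vault-side auditor could use the three session events to show where an actor went dark and to flag acts logged after a container was invalidated, as an added Python example that is not part of the UCCO spec. The event record layout (seq, actor, event), the "act" event name, and the rule that a new start while a session is still open marks the earlier session as dark are assumptions.

```python
START = "k2_ephemeral_session_start"
END = "k2_ephemeral_session_end"
LOST = "k2_ephemeral_session_lost"

def audit(events):
    """Return (sessions, anomalies) for a chain excerpt ordered by seq."""
    live = {}                      # actor -> index of its open session
    sessions, anomalies = [], []
    for ev in events:
        actor, kind, seq = ev["actor"], ev["event"], ev["seq"]
        if kind == START:
            if actor in live:      # earlier session never terminated on chain
                sessions[live[actor]]["status"] = "dark"
            live[actor] = len(sessions)
            sessions.append({"actor": actor, "start": seq,
                             "last": seq, "status": "live"})
        elif kind in (END, LOST):
            if actor not in live:
                anomalies.append((seq, "terminal event without session"))
                continue
            session = sessions[live.pop(actor)]
            session["last"] = seq
            session["status"] = "ended" if kind == END else "lost"
        elif actor not in live:    # container is invalid outside a session
            anomalies.append((seq, "act outside live session"))
        else:                      # "last" marks the final event seen on chain
            sessions[live[actor]]["last"] = seq
    return sessions, anomalies

def sample_chain():
    """Constructed chain excerpt; "act" is a hypothetical event name."""
    rows = [("r1", START), ("r1", "act"), ("r1", END),
            ("r2", START), ("r2", "act"), ("r2", LOST), ("r2", "act"),
            ("r3", START), ("r3", "act"), ("r3", START)]
    return [{"seq": i, "actor": a, "event": e}
            for i, (a, e) in enumerate(rows, 1)]
```

For a dark session, `last` is the sequence number of the final event that reached the chain, which is the point where the record honestly stops.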
What stays commercial in confidence: How UCCA manages ephemeral key issuance, rotation, and operational protocols around it.
Strategic note: This solves the captured hardware problem that defence procurement has been working on for decades. It is native to the capability layer — not bolted on. This is what gets the spec taken seriously in a room with DARPA or Five Eyes procurement.
8. The callback mechanism — needs stronger framing in standard
Currently: capability_request reads as an exception handler. Should read as: the active return channel. The engine of the system.
The UCCO container is not a passive credential. It is an active agent that:
- Reports its deployment status
- Assesses its current operational context
- Identifies gaps between current context and current capability
- Requests additional capability units from the issuing authority
- Receives, unpacks, and deploys new units in the same session
This transforms UCCO from a credentialing protocol into a living capability operating system.
Add to standard: explicit section on the Active Return Channel. Frame capability_request not as exception handling but as the standard operating mode for dynamic environments.
9. What goes in standard vs commercial in confidence
IN THE STANDARD:
- Callback / active return channel mechanism
- Classification tier framework (socket access control)
- K2 Volatility Mode (PERSISTENT / EPHEMERAL flag)
- Multi-packer / complementary capability stacking
- Container validity = mandatory sockets only (regardless of classified socket content)
COMMERCIAL IN CONFIDENCE:
- The pasteurisation process — how UCCA ingests legislation/standards/competency units
- The billing model and meter mechanics
- The upchain marketplace
- The contextualisation and synthesis engine
- UCCA's specific implementation of ephemeral key issuance and rotation
- The TGA corpus and enrichment pipeline
10. The commercial architecture doc — opening frame (HELD)
Does NOT open with the protocol.
Opens with the wreckage that exists without it:
Right now, when something goes wrong — a nurse makes an error, a robot damages a patient, an AI agent makes a bad credit decision — nobody can actually prove what that actor was certified to do, what they did, when they did it, and who authorised it. The evidence is in seventeen different systems, some of it gone, most never captured. Lawyers spend three years reconstructing a story that should be a five-second chain lookup.
That's not a cute idea. That's a billion dollar liability problem that every regulated industry has right now and nobody has solved.
Tim's framing: "I'm on the other side of the forest. They lack the mountain in the background of their view to put the forest in perspective."
The spec is the map. But you have to show people what they're looking at first.
NEXT ACTIONS (in order)
- Incorporate items 6, 7, 8 into UCCO v1.2 standard
- Write commercial architecture document — opens with the wreckage
- Write the callback / active return channel section for the standard
- Brief Alex: VCC surface (vcc.ucca.online stub)
- URGENT: GitHub PAT expires March 26 — renew
- URGENT: ucca.com.au + ucca.asia expire March 24 — renew