OKF Concept Bundle · 86 concepts

Signatures Are All You Need.

TinyCloud is cryptographic access control for AI and applications. Authority is a signed, attenuable capability; data lives in user-sovereign spaces; every claim here traces to source. This is the human reference layer on top of the agent-readable markdown bundle.

Layer 1: Protocol

The cryptographic, identity, and permissioning substrate — DIDs, capabilities, spaces, encryption, consistency.

Layer 2: TinyCloud Apps

Manifest apps built by TinyCloud that bring data in and enshrine particular spaces.

Layer 3: Super-operable Applications

Top-level apps composing a user’s data across every layer into a novel experience.

The Thesis

Signatures Are All You Need: Cryptographic Access Control for AI and Applications.

Bitcoin let people hold and transfer value without banks. TinyCloud lets people hold and share data without platforms. Both rely on the same primitive: cryptographic signatures. Show up anywhere with your key — one signature proves ownership and unlocks access.

The single primitive

Every access in TinyCloud reduces to verifying a chain of signatures back to a data owner. There is no platform account and no central registry to consult at access time. A request is authorized if and only if it carries a self-verifying signature chain rooted in the owner's key. This is what "signatures are all you need" means concretely: authorization is a property of the message, not of a backend's mutable state.

Owner keys need only two properties: they must be self-custodiable and able to update a public registry. Any key with those properties can be an owner key. TinyCloud uses Ethereum keys by default because they satisfy both and inherit mature tooling for wallets, signatures, recovery, and registry updates — see DIDs and Sign-In with Ethereum.

Why it matters now

As software gets cheap to build, advantage shifts to data ownership. AI tools need structured, machine-readable data to be useful — you cannot ask an AI "what did I say yesterday?" without transcripts. That pressure to make data legible collides with the fact that information asymmetry is what preserves value. Traditional clouds force a choice: structure your data for AI and expose it to a platform operator, or keep it private and unusable. TinyCloud dissolves the tradeoff: data is fully legible to your agents and applications while remaining asymmetric to everyone else, because access is gated by owner-rooted signatures rather than platform terms of service.

In an era of synthetic content and cloneable voices, this verifiability runs end-to-end. When an AI system operates on your data, the capability it presents proves who authorized what, all the way back to you.

How the rest of the protocol follows

  • Owners create spaces — user-controlled data containers — and grant scoped, revocable capabilities to delegates (applications, services, devices, AI agents, session keys).
  • Each grant is a delegation; each access is an invocation; access can be withdrawn via revocation.
  • Authorization events form a hash-linked graph that replicates across trusted nodes for eventual consistency without centralized coordination — see the consistency model.
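The delegation, invocation and revocation steps above, together with the owner-rooted chain check from "The single primitive", as an added example that is not TinyCloud's own code or wire format. It assumes Ed25519 keys from Node's built-in crypto module as a stand-in for the owner key, and the record layout, path-style resource names and the helper names `delegate`, `invoke` and `authorize` are hypothetical.

```javascript
const crypto = require('node:crypto');

// Constructed format (an assumption): {issuer, audience, resource, actions, parent, sig}.
const body = (d) => Buffer.from(JSON.stringify([d.issuer, d.audience, d.resource, d.actions, d.parent]));
const idOf = (d) => crypto.createHash('sha256').update(body(d)).update(d.sig).digest('hex');
const pubOf = (keys) => keys.publicKey.export({ type: 'spki', format: 'der' }).toString('base64');
const sigOk = (pub, data, sig) => crypto.verify(null, data,
  crypto.createPublicKey({ key: Buffer.from(pub, 'base64'), format: 'der', type: 'spki' }),
  Buffer.from(sig, 'base64'));
// Segment-aware prefix test, so "space/notes" does not cover "space/notes-private".
const within = (child, parent) => child === parent || child.startsWith(parent.replace(/\/?$/, '/'));

function delegate(issuer, audiencePub, resource, actions, parent = null) {
  const d = { issuer: pubOf(issuer), audience: audiencePub, resource, actions,
    parent: parent ? idOf(parent) : null };
  d.sig = crypto.sign(null, body(d), issuer.privateKey).toString('base64');
  return d;
}

function invoke(holder, resource, action) {
  const msg = Buffer.from(JSON.stringify([resource, action]));
  return { invoker: pubOf(holder), resource, action,
    sig: crypto.sign(null, msg, holder.privateKey).toString('base64') };
}

// chain is ordered root first; revoked is a set of delegation ids (see idOf).
function authorize(chain, ownerPub, req, revoked = new Set()) {
  let holder = ownerPub, prev = null;
  for (const d of chain) {
    if (d.issuer !== holder) return 'deny: issuer does not hold the parent capability';
    if (!sigOk(d.issuer, body(d), d.sig)) return 'deny: bad delegation signature';
    if (revoked.has(idOf(d))) return 'deny: revoked';
    if (prev && (d.parent !== idOf(prev) || !within(d.resource, prev.resource) ||
        !d.actions.every((a) => prev.actions.includes(a)))) return 'deny: not an attenuation of parent';
    holder = d.audience; prev = d;
  }
  if (!prev || req.invoker !== holder) return 'deny: invoker is not the final audience';
  const msg = Buffer.from(JSON.stringify([req.resource, req.action]));
  if (!sigOk(req.invoker, msg, req.sig)) return 'deny: bad invocation signature';
  if (!within(req.resource, prev.resource) || !prev.actions.includes(req.action)) return 'deny: out of scope';
  return 'allow';
}

// Constructed sample: owner -> app (read+write on space/notes) -> agent (read only, narrower path).
const [owner, app, agent] = [0, 1, 2].map(() => crypto.generateKeyPairSync('ed25519'));
const toApp = delegate(owner, pubOf(app), 'space/notes', ['read', 'write']);
const toAgent = delegate(app, pubOf(agent), 'space/notes/2024', ['read'], toApp);
console.log(authorize([toApp, toAgent], pubOf(owner), invoke(agent, 'space/notes/2024/jan', 'read')));
```

Revoking the root grant (adding `idOf(toApp)` to the `revoked` set) denies every chain that passes through it, and the verifier needs nothing but the owner's public key, the chain and the revocation set to reach its decision.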

The companion framings — sovereign data, the three-layer architecture, and the trust model — expand on what this thesis buys the user.

Sources

  • whitepaper README.md (Abstract, §1 Introduction)

For agents: the raw markdown bundle is served verbatim at /llms.txt and under /concepts/<section>/<name>.md. concepts/ is the source of truth; this site renders it in place.