This repository hosts the official materials for the Provenance Identity Continuity (PIC) framework, including:
- the PIC Model — the conceptual and formal theoretical framework,
- the PIC Specification (PIC Spec) — the normative definition of execution semantics and invariants,
- and, when published, PIC Protocol specifications defining concrete protocol encodings and interoperability profiles.
Together, these documents define what it means for a system to be PIC-compliant.
Attribution Notice
This work is based on the Provenance Identity Continuity (PIC) Model,
a theoretical framework created by Nicola Gallo, including its foundational definitions, invariants, and the structural resolution of the confused deputy class of vulnerabilities.The PIC Specification and all related official documents are published, maintained, and governed by Nitro Agility S.r.l. as the Specification Steward.
Authorship of the PIC Model remains with its original author and is independent of repository ownership, governance, or publication activities.
- This repository contains the Official PIC Specification and related official documents designated by the Specification Steward.
- PIC Protocol documents, when present, implement the PIC Model as defined by the PIC Spec and MUST NOT redefine its core invariants.
- Forks and derivative works may exist under the terms of the license, but MUST NOT present themselves as canonical unless explicitly designated by the Specification Steward.
This project is licensed under the
Creative Commons Attribution 4.0 International (CC BY 4.0) license.
See LICENSE for full terms.
Project process and responsibilities are defined by the following documents:
- Governance:
GOVERNANCE.md - Contributing:
CONTRIBUTING.md - Code of Conduct:
CODE_OF_CONDUCT.md - Maintainers:
MAINTAINERS.md - Security Policy:
SECURITY.md
Authorship, attribution requirements, and the normative status of the PIC Model, PIC Spec, and PIC Protocol documents are defined exclusively in the PIC Specification (Appendix B).
In case of conflict, the applicable LICENSE files and the normative text of the PIC Specification and any Official PIC Protocol specifications take precedence over this README.