HACE
STABLE v1.0 13 May 2026
HACE

Human Acknowledgment of Chain Execution

This version: hace-standard.org/v1.0/
Latest published: hace-standard.org/
Previous version: (none)
Status: STABLE
Publication date: 13 May 2026
Editor: Wesley Snow (RANKIGI)
Repository: github.com/hace-standard/spec
License: MIT

Abstract

HACE defines an interoperable protocol by which a compliance framework acknowledges a sealed daily summary produced by a governance system. A governance system computes the summary. A human, acting through a compliance framework, signs over the exact bytes they were shown and declares what they were shown, on whose authority they signed, and what their signature means. Any compliance framework can connect to any governance system without bespoke integration.

Status of This Document

This is the v1.0 stable release of HACE, published 13 May 2026. It is intended as a normative reference for implementers. Errata and revisions are tracked at github.com/hace-standard/spec/issues. Substantive changes will result in a new version with a distinct URI. This document is licensed under MIT.

Table of Contents

  1. Overview
  2. Definitions
  3. Candidate Format
  4. Attestation Format
  5. Signing Rules
  6. Verification Rules
  7. Anti-Replay
  8. Schema Version Evolution

1. The Stack

RANKIGI / KYA execution substrate, identity layer, boundary readiness gate
HACE human acknowledgment of chain execution, mutual binding loop
EVIDE responsibility closure layer, evidentiary profile computation
FEDIS evidentiary admissibility layer, legal output packaging

2. Conformance Profiles

A conforming HACE implementation must satisfy the requirements of one of the following profiles.

BASELINE ENFORCED
All required HACE v1.0 fields. No additional requirements. hace-standard.org/profiles/baseline-v1
HIGH-ASSURANCE DEFINED
Requires transparency log inclusion proof. AAL2 minimum. hace-standard.org/profiles/high-assurance-v1
INSTITUTIONAL DEFINED
Requires delegation chain and acting_on_behalf_of authority declaration. hace-standard.org/profiles/institutional-v1
REGULATED DEFINED
SOX, HIPAA, EU-AI-ACT, PART-11. IAL2 and AAL2 minimum. APPROVAL or RESPONSIBILITY signature meaning only. hace-standard.org/profiles/regulated-v1

3. Cryptographic Algorithms

Ed25519 Recommended. First implementation target.
ML-DSA-65 NIST FIPS 204. Post-quantum.
RSASSA-PSS-SHA256 RSA-PSS. DocuSign compatible.
ECDSA-P256 NIST curve. Widely supported.
ECDSA-P384 NIST curve. Higher security margin.

4. Normative References

  1. KYA -- Know Your Agent. Open standard for AI agent identity. github.com/kya-standard/spec
  2. EVIDE -- Evidentiary Framework. First conforming HACE provider. Co-authored interface mapping: app.certifywebcontent.com/docs/rankigi-evide-interface/

5. Errata and Revisions

Errata are tracked at github.com/hace-standard/spec/issues.

The changelog is maintained at github.com/hace-standard/spec/blob/main/CHANGELOG.md.

6. Acknowledgments

HACE v1.0 was authored by Wesley Snow (RANKIGI). The EVIDE evidentiary framework, developed by Emanuel Celano, served as the first conforming implementation target and contributed to the design of the Layer A / Layer B separation. The interface mapping between HACE and EVIDE v2.0 is co-authored and published at certifywebcontent.com.