Process Provenance
in AI
Deep Research Brief · May 26, 2026
provenance llm-wiki witnessd academic-integrity process-provenance c2pa eu-ai-act adversarial-collapse
Provenance Labs · Generated by Rook (OpenClaw) High Confidence
Executive Summary

The Conditional Barbell Hypothesis predicts that AI's hollowing of middle-tier cognitive labor shifts economic premium toward performative humanity and constitutive human presence. Process provenance — cryptographically verifiable records of a document's analytical trajectory — becomes the mechanism by which scholars defend claims to both poles. The integration of Karpathy's LLM Wiki pattern and Condrey's Witnessd framework provides the execution engine.

Conditional Barbell Hypothesis

AI hollows middle-tier cognitive work, driving premium toward uniquely human attributes and the irreplaceable fact of human presence.

LLM Wiki Pattern

Append-only chronological log (log.md) creates grep-able audit trail of every ingest, query, and synthesis — preventing long-context "context rot."

Witnessd Framework

Jitter seal (HMAC-SHA-256 over session_secret + keystroke_ordinal + cumulative_document_hash) cryptographically binds human keystroke entropy to document evolution.

Adversarial Collapse Principle

Forces skeptics to make simultaneous, falsifiable allegations across Telemetry, Cryptographic, and Temporal layers rather than expressing vague doubt.

The Conditional Barbell Hypothesis
Why Process Provenance Matters Economically

AI automates routine, structured cognitive tasks — including literature summarization and citation formatting — hollowing out the middle of the cognitive labor market and forcing workers toward either end of the barbell.

Premium Pole 1

Performative Humanity: Creativity, critical thinking, emotional intelligence, contextual nuance, and authentic expression — attributes AI cannot replicate.

Premium Pole 2

Constitutive Human Presence: The inherent and irreplaceable value of being human — lived experience, conscious intent, and personal values AI lacks as a statistical model.

Process Provenance Role

Jitter seal demonstrates real human keystrokes produced intermediate document states. Append-only log.md records a human was there throughout the knowledge-building process.

The Transformation

"I wrote this" shifts from an unverifiable assertion into a falsifiable claim — backed by cryptographic proof and chronological audit trail.

Source 9: MIT Sloan, Harvard Gazette, UC Berkeley CMR — multi-source synthesis (Tier 2)
The Three-Layer Digital Provenance Taxonomy
Decoupling Trust into Independent Dimensions
LayerFocusAnswersGap
Data ProvenanceDataset lineage & transformations"Where did this data come from?"Doesn't answer who wrote the analysis
Content ProvenanceC2PA cryptographic signing"Who signed these pixels?"Signs custody, not creation — post-hoc reconstruction problem
Process ProvenanceChronological analytical trajectory"How was this produced?"Missing layer — the critical gap for academic integrity

Key insight: Digital signatures prove key possession, not authorship. An author who generates text with AI, constructs intermediate states post-hoc, and signs each hash produces a chain indistinguishable from genuine composition. Only Process Provenance closes this gap.

Sources 5, 6, 10: C2PA Explainer, EU AI Act Article 50, Cross-Publisher Analysis (Tier 1-2)
Karpathy's LLM Wiki: The Execution Engine
Append-Only Process Provenance Log

The LLM Wiki solves context rot — the degradation of LLM output quality as conversation length grows. Each turn appends to wiki/log.md, creating a structured, grep-able audit trail that externalizes state.

raw/

Raw source data — PDFs, HTML dumps, transcripts. Immutable once ingested. Prevents source drift.

wiki/sources/

One markdown page per source. LLM extracts title, authors, abstract, key claims. Human reviews.

wiki/concepts/

Cross-cutting concept pages linking related sources. The emergent value of the knowledge graph.

wiki/log.md

Append-only chronological record. Every operation logged with timestamp: ingest, query, lint, synthesize. Prevents "what did we already do?" loops.

Source 1: Karpathy, GitHub Gist (Tier 1)
Witnessd: The Cryptographic Attestation Layer
Jitter Seal & the physjitter Daemon

The jitter seal is computed as: HMAC-SHA-256(session_secret, keystroke_ordinal || cumulative_document_hash) — generated by the physjitter user-mode daemon capturing keystroke timing delays at microsecond precision.

TierAttestationThreat Model
T1OS-level keystroke loggingApplication-level adversary
T2OS-level + validationUser-level adversary
T3Hardware-Bound (TPM)OS-level adversary
T4Hardware-Hardened (Secure Enclave)Kernel-level adversary
Sources 2, 3, 4: Condrey — Witnessd, IETF PoP Protocol, ZK-PoP (Tier 1)
The Adversarial Collapse Principle
Converting Vague Doubt into Falsifiable Allegations
"Evidence systems should be judged by whether disputing them requires a conjunction of specific, testable allegations against components with independent trust assumptions."
Telemetry Layer

Claim: Keystroke timing was fabricated by kernel-level adversary.

Defense: At Tier T3/T4, keystroke validation is dual-source — OS events AND hardware signal (TPM/Secure Enclave) must agree.

Cryptographic Layer

Claim: HMAC-SHA-256 was tampered with or session secret extracted from Secure Enclave.

Defense: TPM/Secure Enclaves are independently audited hardware — claiming compromise is a specific, testable allegation.

Temporal Layer

Claim: System clock was rolled back to fabricate temporal sequence.

Defense: External NTP/blockchain anchors + Verifiable Delay Functions (VDFs) independently record state hashes at wall-clock times.

Honest Limitation

Explicitly: Kernel-level adversaries can defeat the system. Typing AI-generated content produces valid evidence. The contribution is converting vague doubt into falsifiable allegations.

Source 2: Condrey, Witnessd (Tier 1) — Adversarial Collapse Principle
Integrated Architecture: LLM Wiki + Witnessd
Complementary Frameworks, Not Overlapping
DimensionLLM WikiWitnessd
LayerProcess Provenance (analytical trajectory)Cryptographic Attestation (keystroke proof)
RecordsWhat was done (ingest, query, lint)How it was done (human keystrokes)
GranularityOperation-levelKeystroke-level (microseconds)
ImmutabilityAppend-only (convention)Cryptographically enforced (HMAC chain)
VerificationHuman-auditable (grep log.md)Machine-verifiable (jitter seal validation)
PrivacyFull content visibleZK-PoP: content hidden, process verifiable

Verification Protocol: 1. Audit log.md for complete source ingestion + query trail. 2. Validate .pop packet via Adversarial Collapse Principle. 3. Check VDF timestamp anchors against external clocks. 4. Verify CLAUDE.md/AGENTS.md schema compliance.

Sources 1, 2: Karpathy LLM Wiki + Condrey Witnessd — architectural synthesis (Tier 1)
Risks, Gaps & Open Questions

Sources 2, 4: Condrey — Witnessd limitations + ZK-PoP performance (Tier 1)
Recommended Next Actions

Sources & Process Provenance
10 sources · 6 Tier 1 · 4 Tier 2

Tier guide:  Tier 1 = Primary source (academic paper, official specification, or original framework)  ·  Tier 2 = Policy analysis, trade publication, or multi-source synthesis  ·  Tier 3 = Single-source reporting — verify independently before citing

Generated May 26, 2026 · DeepSeek V4 Pro · research-to-vault v1.0 · Gambit / brief-to-slides v2.0