Draft 0.8.0 · 2026-05-30 Open specification — CC BY-SA 4.0

Ephemeral + Eternity. One attested primitive — two pillars, parametrised by time.

Ephernity is an open protocol for append-only, tamper-evident, cryptographically-signed state — and for the deterministic workflows that read and write it. State retention is a tuning knob from seconds to forever; workflows are a deterministic dialect whose every call is replayable and signed. Same machinery at every tier.

Walk through a ledger → Read the spec vs. the alternatives → Hosted implementation ↗

§ 01 · Pillars

Two pillars, one protocol.

Ephernity specifies a single substrate that does two equal-weight things. The storage pillar gives a piece of data a verifiable past; the compute pillar gives a deterministic workflow a verifiable execution. Both share the same hash chain, the same attestation envelope, and the same offline-verifiable trust root.

Pillar I · State

A timed micro-ledger.

Append-only, BLAKE3-content-addressed, hash-chained, Ed25519- or Falcon-1024-signed log. Retention, anchoring, and signature are a single tier triple, set per ledger from T0 ephemeral to T4 eternal.

─Tamper-evident by hash chain, verifiable in O(N) or O(log N) with a checkpoint.
─Per-record crypto-shred reconciles archival retention with GDPR Article 17.
─Public-chain anchoring for tamper-proof time, no on-chain settlement.

RFC-EPH-001 · 002 · 003 · 004 · 006 · 007 · 010

Pillar II · Compute

A deterministic dialect.

Verifiable workflows ("deterministic contracts") whose every call reads from the head of a state-ledger and writes the next entry. The dialect interface forbids non-determinism; the runtime envelope is attested.

─Inputs, code revision, and outputs are committed in the same ledger as state.
─Replay reproduces the result byte-for-byte from any conforming runtime.
─Per-call accounting is part of the protocol; pricing is not.

RFC-EPH-CMP-001 · 002 · 003

The two pillars are independent in theory — a deployment can use either one alone — and routinely composed in practice: workflows whose inputs and outputs are themselves ledger entries on the same substrate.

§ 02 · Thesis

“Real workloads do not live at one point. A piece of data has a lifecycle — hot for minutes, relevant for months, mandated for years, useful forever. The work that touches it has the same shape.”

Ledger systems today each optimise for one slice of the time axis. Ephemeral rollups for milliseconds; data-availability windows for days; leased storage for months; permaweb for forever. Stitching four systems together yields four trust models, four APIs, and no common integrity proof across the seams.

Ephernity's claim is structural: retention is a property of an entry, not a separate product, and execution is a property of an entry as well. One primitive should span the whole spectrum with the same attestation, and the horizon should be set per use case — the way a CPU cache, RAM, SSD, and tape stack together inside a single machine.

§ 03 · Tiers

A spectrum, not a stack.

The tier label is a parameterisation, not a separate codebase. Promotion T0 → T2 is a checkpoint and a re-anchor. Demotion is a crypto-shred. The micro-ledger discipline — order and tamper-evidence — is invariant across the entire range, and so is the deterministic-execution envelope on top.

Ephemeral

CPU cache

seconds — minutes

live game tick · agent scratch-state · match session

Ed25519

01/05

Session

RAM / DA blob

minutes — hours

real-time room · checkout · per-tenant working state

Ed25519

02/05

Operational

SSD

days — months

operational audit trail · ICT-incident logs

Ed25519

03/05

Compliance

cold storage

5 — 6 years

regulated audit / receipt · DORA-class records

Falcon-1024

04/05

Eternal

tape / permaweb

∞

provenance · notarization · protocol history

Falcon-1024

05/05

Full tier specification → RFC-EPH-006

§ 04 · Properties

What the protocol is — and is not.

001 · Content-addressed: BLAKE3, tree-hashed.
002 · Per-entry signed: Ed25519 hot — Falcon cold.
003 · Hardware-attested: HATP, root to host.
004 · Deterministic by construction: Verifiable workflows.
005 · Anchored, not on-chain: Proof timestamps only.
006 · Erasure-compliant: Crypto-shred, proof survives.

§ 05 · Wire

The entry, in 131 bytes.

The canonical entry header is a fixed-width record of 131 bytes — designed so that verification can run unmodified inside a flat KVM guest at microsecond latency.

binary layout listing

offset  size  field
 0      32    payload_cid          // blake3(payload)
32      32    prev_hash            // blake3(header[n-1])
64       8    seq                  // u64 big-endian
72       8    ts_ms                // u64 millis since unix epoch
80       4    tier                 // T0|T1|T2|T3|T4
84       1    sig_scheme           // ed25519 | falcon-1024
85      32    signer_id            // HATP host key id
117     14    reserved             // zero
131                                 ← header total

RFC-EPH-003 · canonical entry header

A range of N entries verifies in O(N) hashes plus N signature checks; checkpoint verification is O(log N). The arithmetic is, deliberately, boring.

§ 06 · Compute

The contract, as an interface.

A "deterministic contract" is an actor — a piece of code with persistent state and message handlers — whose execution model is constrained so that a verifier with the inputs, the code revision, and the prior state can reproduce the outputs byte-for-byte. The interface lives in RFC-EPH-CMP-001; its implementation is left to the operator.

borz listing

pub interface Contract {
    // No wall-clock; no ambient I/O; no unseeded randomness.
    // The only inputs are the prior state and the inbound message.
    // The only outputs are the next state and a response.

    fn step(
        prior_state: State,        // commit on a state-ledger
        message:     Message,      // commit on an input-ledger
        env:         DeterministicEnv,
    ) -> Result[StepOutput, Error]
}

pub type StepOutput = {
    next_state: State,
    response:   Response,
    receipts:   list[LedgerReceipt],   // every emit is a ledger entry
}

RFC-EPH-CMP-001 · contract interface — sketch

A conforming runtime commits the input, the prior-state hash, and the output to the same micro-ledger primitive described above. Replay reads the ledger, re-executes the step, and compares the resulting hash. Disagreement is detectable; agreement is the proof.

The dialect is open; conforming implementations are encouraged. The reference contract surface is written in Borz; other dialects can conform if they preserve the determinism interface and the ledger commitments.

§ 07 · Why now

The frontier moved to meet the design.

2025-11

Falcon hits mainnet.

Algorand executes the first post-quantum mainnet transaction using Falcon-1024 — the same scheme already chosen for Ephernity's durable tiers.

2025-01

DORA goes live.

EU financial entities must keep tamper-proof, cryptographically-signed, append-only audit logs with multi-year retention and TEE/HSM signing. That is the T3 tier, named directly.

2026-08

AI Act Art. 50.

Tamper-evident provenance records for AI-generated content become enforceable. The hash chain plus a deterministic-execution receipt is the artefact regulators describe in plain words.

§ 08 · Status

An open protocol, drafted in the open, implementations encouraged.

The specification is published under CC BY-SA 4.0. A reference implementation is maintained at github.com/ephernity. An EU-sovereign, hardware-attested hosted implementation — Epher Compute Chain — is operated by GINF Systems Kft. at epher.cc.

The protocol is the artefact. The hosted implementation is one realisation of it. Other operators, sovereign or otherwise, are welcome — the wire is open.

Read the RFC suite → Architecture