WTF is OCC

OCC (Origin Controlled Computing) is a protocol that produces portable cryptographic proof when bytes are committed through an authorized execution boundary. The proof attests that a specific digital state was demonstrably possessed and committed in a specific form, by a specific boundary, no later than a specific moment.

The core idea

Most systems produce artifacts first and try to prove things about them later, attaching signatures, metadata, timestamps, or ledger entries after the fact.

OCC inverts this. Valid proof can only exist if the artifact was committed through a protected path. The proof is not added to the artifact. It is caused by the act of committing through the authorized boundary.

If proof exists, the authorized commit path was traversed.

How it works

Authorization, cryptographic binding, and commit happen as one indivisible operation:

1. Allocate - The enclave pre-allocates a causal slot (nonce + counter) before the artifact hash is known, proving the commitment position was reserved independently.
2. Bind - The artifact's SHA-256 digest is bound to the pre-allocated slot, combined with the monotonic counter, and signed with Ed25519 inside the TEE.
3. Commit - The artifact and its proof are produced together. Fail-closed: if any step fails, nothing is produced. The proof includes the signed slot record as causal evidence.

What you get

An OCC proof is a JSON object (schema version occ/1) containing:

artifact - SHA-256 digest of the committed bytes
commit - fresh nonce, monotonic counter, slot binding (slotCounter, slotHashB64), epoch identity, optional chain link
signer - Ed25519 public key and signature over the canonical signed body
environment - enforcement tier, platform measurement (PCR0), hardware attestation
slotAllocation - the pre-allocated causal slot record, independently signed by the enclave
agency - optional actor-bound proof via device biometrics (passkey/WebAuthn), with batch support
attribution - optional signed creator metadata (name, title, message)
timestamps - optional RFC 3161 TSA timestamps from an independent time authority

Key properties

Portable — a self-contained JSON object. Any verifier can check it offline with only the public key and the original bytes.
Atomic — fail-closed. Either a complete, valid proof is produced, or nothing is.
Causal — every proof is bound to a pre-allocated slot created before the artifact hash was known.
Ordered — monotonic counter within its epoch. Counter + epoch + chain link establish sequencing.
Measured — binds to a specific execution environment via measurement (PCR0 on Nitro, MRENCLAVE on SGX).
Verifiable — Ed25519 signature, SHA-256 digest, canonical serialization. Standard cryptographic primitives.

Enforcement tiers

Tier	Key Location	Boundary	Use Case
`stub`	Process memory	Software	Development, testing
`hw-key`	HSM / Secure Enclave	Software	Key custody
`measured-tee`	TEE memory	Hardware enclave	Production, highest assurance

Formal properties

The commit path satisfies these structural properties:

Genesis Invariant

s′ ∈ Σ_auth → ∃ s ∈ Σ, e ∈ E_auth : (s, e, s′) ∈ C

If authenticated state exists, an authorized event produced it.

Closure Property

Σ_auth = Cl(C, E_auth)

The authenticated state space is exactly the closure under authorized genesis.

Atomicity

∀ (s, e, s′) ∈ C : authorize(e) ∧ bind(e) ∧ commit(s′)

Authorization, binding, and commit occur as one indivisible operation.

Injective Genesis

φ : E_auth → Σ_auth is injective

Each authorization event maps to exactly one authenticated artifact.