UVO · Specification · Phase 7 — Standardization · Audit · Enterprise

Spec for compliance officers, auditors, and integrators

Standard JSON-RPC 2.0 over HTTPS. ES256K-signed receipts. Append-only persistence with prev_hash chaining. Audit bundles for evidence packages. Offline-verifiable, no FeedOracle dependency.

1. Endpoint

All UVO operations go through a single MCP-compatible JSON-RPC 2.0 endpoint:

POST https://feedoracle.io/uvo/mcp/
Content-Type: application/json
Accept: application/json, text/event-stream

CORS is open. No API key required for the free tier (rate-limited).

2. Available tools

uvo_verify (core)

Run the full 9-layer verification pipeline on input text. Returns final_decision (PASS / REWRITE / ABSTAIN / ESCALATE / BLOCK), per-atom verdicts with citation chain to publications.europa.eu, and a cryptographically signed receipt in _meta.grounding_receipt.

Input: {"text": string, "language"?: "auto"|"de"|"en"|"fr"|"it"|"es"|"nl"}

Latency: 5-15s (most time spent in direction-check Haiku calls). T0/T1 claims under 1s.

uvo_status (free)

Service health, version, list of 9 active defense layers, indexed regulations, self-hardening cron schedule, and links to spec/demo/dashboard/JWKS. Free tool, always available.

uvo_pipeline_spec (free)

Honest description of all 9 deployed defense layers with per-layer cost, latency, and purpose. Includes ingested-regulations table and decision-output semantics. Phase-7 update reflects the actual deployed system, not the original Sprint-2 architecture.

uvo_get_receipt (phase 7)

Fetch a previously-issued receipt by call_id. Returns the signed receipt JSON + JWKS URL + offline-verification command. Use case: third-party auditor wants to inspect a specific call without trusting FeedOracle.

Input: {"call_id": "r_..."}

uvo_audit_bundle (phase 7)

Wrap N call_ids (max 100) into a single audit bundle with a deterministic bundle_hash. The bundle includes each receipt + verification status + step-by-step instructions an external auditor can follow to verify the bundle without trusting FeedOracle. Use case: monthly evidence package for BaFin / internal audit.

Input: {"call_ids": ["r_...", "r_..."], "label"?: "Q2-2026 GDPR review"}

uvo_compliance_report (phase 7)

Render a single call_id as a human-readable compliance report suitable for inclusion in audit packages, BaFin/ESMA correspondence, or customer incident write-ups. Includes signature block, auditor notes, and a verification command snippet.

Input: {"call_id": "r_..."}

3. Receipt format

Every tools/call response includes a grounding receipt at result._meta.grounding_receipt. Format:

{
  "call_id": "r_481640eead194bf8",
  "tool": "uvo_verify",
  "server_url": "https://feedoracle.io/uvo/mcp/",
  "server_did": "did:web:feedoracle.io",
  "observed_at": "2026-04-30T13:18:21.412Z",
  "observed_ip": "<client_ip>",
  "observed_ua": "<truncated_user_agent>",
  "observed_auth_method": "anonymous",
  "input_hash":  "sha256:1273...",
  "output_hash": "sha256:32c8...",
  "verdict": "executed",
  "anchor": {
    "ledger_id": "feedoracle-receipts-v0.1",
    "entry_id":  "wl-...",
    "prev_hash": "<sha256 of previous receipt for this wallet>"
  },
  "signature": {
    "alg": "ES256K",
    "kid": "feedoracle-mcp-es256k-1",
    "jwks_url": "https://feedoracle.io/.well-known/jwks.json",
    "sig": "<base64url-encoded signature over canonical JSON minus this 'sig' field>",
    "signed_at": "2026-04-30T13:18:21.421Z"
  }
}

4. Receipt verification (offline)

Receipts are verifiable without contacting FeedOracle. The signing algorithm is ES256K (ECDSA over secp256k1) over the canonical JSON of the receipt minus the signature.sig field. The public key is published as JWK at /.well-known/jwks.json.

Quickest path — use our CLI

# Download verifier (~7 KB, pure Python, no FeedOracle deps)
curl -O https://feedoracle.io/uvo/spec/verify_receipt.py
chmod +x verify_receipt.py

# Verify by call_id (fetches receipt for you)
./verify_receipt.py r_481640eead194bf8

# Or pipe a receipt JSON
cat my_receipt.json | ./verify_receipt.py -

# Or pass a file
./verify_receipt.py path/to/receipt.json

Exit code 0 = signature valid · 1 = invalid · 2 = malformed input.

The verifier caches the JWKS at ~/.cache/uvo/jwks.json for air-gapped re-verification.

Verifying yourself with any standard JWS library

Standard ES256K verification. Pseudo-code:

1. Take the receipt
2. Strip receipt.signature.sig (keep alg, kid, jwks_url, signed_at)
3. Compute canonical JSON: json.dumps(receipt, sort_keys=True, separators=(",", ":"))
4. Fetch JWKS, find the JWK with matching kid
5. Reconstruct the secp256k1 public key from JWK x, y
6. ECDSA-verify signature_bytes over canonical_bytes with SHA256
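
Steps 1 to 6 above as runnable Python, added here as an example and not FeedOracle's verify_receipt.py: it implements secp256k1 ECDSA verification in pure Python and checks a receipt against a JWKS the caller supplies. Assumptions: signature.sig is the raw 64-byte r||s encoding used by JWS, the JWKS is a copy the auditor obtained and pinned independently rather than one fetched from the jwks_url inside the receipt, and the key, kid and receipt built by demo() are constructed test values.

```python
import base64, hashlib, json
# secp256k1 domain parameters (SEC 2): field prime P, group order N, base point G
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
b64d = lambda s: base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
b64e = lambda b: base64.urlsafe_b64encode(b).rstrip(b"=").decode()
b2i = lambda b: int.from_bytes(b, "big")
i2b = lambda n: n.to_bytes(32, "big")

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None: return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    m = 3 * a[0] ** 2 * pow(2 * a[1], -1, P) if a == b else (b[1] - a[1]) * pow(b[0] - a[0], -1, P)
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def mul(k, pt):  # double-and-add; not constant time, acceptable for public-key verification
    acc = None
    while k:
        if k & 1: acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def digest(receipt):  # steps 2-3: strip signature.sig, canonical JSON, SHA-256
    body = dict(receipt, signature={k: v for k, v in receipt["signature"].items() if k != "sig"})
    return b2i(hashlib.sha256(json.dumps(body, sort_keys=True, separators=(",", ":")).encode()).digest())

def verify_receipt(receipt, jwks):  # steps 4-6; jwks is the auditor's pinned copy (assumption)
    sig = receipt["signature"]
    jwk = next((k for k in jwks["keys"] if k.get("kid") == sig.get("kid")), None)
    if sig.get("alg") != "ES256K" or not jwk or jwk.get("crv") != "secp256k1": return False
    qx, qy, raw = b2i(b64d(jwk["x"])), b2i(b64d(jwk["y"])), b64d(sig.get("sig", ""))
    r, s = b2i(raw[:32]), b2i(raw[32:])  # assumes raw r||s, as in JWS
    if len(raw) != 64 or not (0 < r < N and 0 < s < N): return False  # malformed signature
    if max(qx, qy) >= P or (qy * qy - qx ** 3 - 7) % P: return False  # key not on the curve
    w = pow(s, -1, N)
    R = add(mul(digest(receipt) * w % N, G), mul(r * w % N, (qx, qy)))
    return R is not None and R[0] % N == r

def demo():  # constructed throwaway key, JWKS and receipt so the block runs offline
    d, k = (b2i(hashlib.sha256(t).digest()) % N for t in (b"constructed key", b"constructed nonce"))
    (qx, qy), r = mul(d, G), mul(k, G)[0] % N
    jwks = {"keys": [{"kty": "EC", "crv": "secp256k1", "kid": "demo-1", "x": b64e(i2b(qx)), "y": b64e(i2b(qy))}]}
    rcpt = {"call_id": "r_constructed", "verdict": "executed", "signature": {"alg": "ES256K", "kid": "demo-1"}}
    s = pow(k, -1, N) * (digest(rcpt) + r * d) % N  # test-only signing with a single-use nonce
    rcpt["signature"]["sig"] = b64e(i2b(r) + i2b(s))
    return rcpt, jwks
```

verify_receipt returns False for an unknown kid, an alg other than ES256K, an off-curve key, or any change to a signed field, including the fields kept inside signature.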

5. Audit bundles

An audit bundle wraps N receipts into a single evidence package with a deterministic hash. The hash is computed over the receipts sorted alphabetically by call_id, JSON-serialized canonically. An auditor receives the bundle, recomputes the hash, then verifies each receipt signature individually. They never have to trust FeedOracle.

POST https://feedoracle.io/uvo/mcp/
{
  "jsonrpc": "2.0", "id": 1, "method": "tools/call",
  "params": {
    "name": "uvo_audit_bundle",
    "arguments": {
      "call_ids": ["r_481640eead194bf8", "r_3152fb4cd8f44acd", ...],
      "label": "Q2-2026 GDPR audit package"
    }
  }
}

Response includes the bundle, a bundle_hash, per-receipt verification status, and step-by-step verify instructions.

Why this matters for BaFin / internal audit: a year of UVO calls can be packaged as monthly bundles. Each bundle is one cryptographic anchor. The audit trail is end-to-end verifiable — from the input claim, through the 9-layer verification, to the cited EU article, to the signed receipt, to the bundled evidence package.

6. Decision outputs

| Decision | Meaning | Compliance impact |
|---|---|---|
| PASS | All atoms supported by KG / regulation text / live oracle | Safe to use |
| REWRITE | Atomic claim too vague; can't be verified | Tighten and re-verify |
| ESCALATE | Conflicting evidence or partial support | Route to human review |
| ABSTAIN | Out of scope (e.g., not an EU regulation claim) | UVO has no opinion |
| BLOCK | At least one atom contradicted by ground truth | Do not publish; receipt documents the contradiction |

7. Self-hardening

Two cron loops run nightly to keep UVO improving without manual intervention:

Live telemetry: /uvo/robustness/ · Raw JSON: dashboard.json + fact_hardening.json + kg_coverage.json

8. Rate limits & SLAs

Free tier (no API key): 100 calls/day, burst 15. Suitable for evaluation and small-volume integration.

Paid tier: not yet generally available — contact murat@feedoracle.io for capacity reservation, dedicated rate limits, custom regulations, or air-gapped deployment.

Latency: single-atom T0/T1 claims under 1s. Multi-atom T2/T3 claims with full 9-layer routing typically 5–15s. T3 async mode available for batch verification.

Uptime: Standard Linux systemd auto-restart. No SLA on free tier. Service health: /uvo/health.