Build on the corpus.

The Apeiris public knowledge layer is open, machine-readable, and signed. Everything here is one fetch → verify → use pattern away — no SDK required, no account, same-origin JSON over HTTPS.

Loading corpus profile…

Quickstart

Three steps: fetch the signed manifest, verify an artifact against its pinned hash, then use the data. This runs in a browser or Node with no dependencies.

// 1. Fetch the signed manifest (the index + integrity anchor)
const manifest = await (await fetch('https://apeiris.ai/integration/manifest.json')).json();

// 2. Fetch a domain matrix and verify its bytes against the pinned SHA-256
const res   = await fetch('https://apeiris.ai/integration/domains/security-controls-full.json');
const bytes = await res.arrayBuffer();
const hash  = [...new Uint8Array(await crypto.subtle.digest('SHA-256', bytes))]
                .map(b => b.toString(16).padStart(2, '0')).join('');
const pinned = manifest.domains.find(d => d.slug === 'security').sha256;
if (hash !== pinned) throw new Error('integrity check failed — do not trust this artifact');

// 3. Use the controls
const { dataset } = JSON.parse(new TextDecoder().decode(bytes));
console.log(dataset.controls.length, 'controls'); // 52

Don't trust — recompute. The manifest is signed (Ed25519 over the JCS-canonical bytes); every artifact carries a SHA-256 you can recompute yourself. The Verify page does exactly this, live, in your browser.

Core concepts

Four kinds of artifact

  • Control matrices — the 12 domain JSONs at /integration/domains/<slug>-controls-full.json. Each control carries its validation_objective, evidence_required, machine_tests, blocking_effect, and frameworks[] mappings.
  • The manifest/integration/manifest.json: the domain index, per-artifact SHA-256, and an Ed25519 signature over the whole thing.
  • Coverage & proof — per-framework coverage maps and the Evidence Proof Map (/integration/proofmap.json): obligation → addressing controls → required evidence → verdict.
  • The conformance contract/integration/conformance.json: every controlled vocabulary (fit, basis, blocking_effect, …), each value's meaning, and the consumer invariants — derived live from the data.

Two invariants that keep it honest

  • mapped ≠ satisfied. A control being mapped to a framework obligation says the map exists; it does not say your deployment satisfies it. That is decided by evidence at runtime. Try it on the Prove an obligation page.
  • basis: anchored vs asserted. Each framework mapping carries a basis: anchored means the cited identifier was validated in CI against the framework's captured primary text; asserted means cited but not yet anchored. Treat asserted as unvalidated.

Endpoints

Everything is static JSON over HTTPS with permissive CORS. The most useful entry points:

The full, categorized reference — all endpoints with copy-paste curl examples — lives on the API & Endpoints page. Machine discovery: /llms.txt.

Verify integrity

Two layers, both recomputable without trusting us:

  • Per-artifact SHA-256 — each artifact's hash is pinned in the manifest (see the Quickstart). Recompute the bytes and compare.
  • Manifest signature — the manifest carries an Ed25519 signature over its RFC 8785 (JCS) canonical form, minus the signature field. The public key (trust anchor) is at /integration/keys/manifest-signing-ed25519.pub.json; the private key is held offline.

The Verify page runs both checks live in the browser; the API page lists the out-of-band CLI equivalents.

MCP servers

Two read-only, zero-dependency MCP servers (stdio JSON-RPC, protocol 2024-11-05) let an agent query the corpus through one governed, checksum-verified interface. They live in the apeiris-control-core repo; run from its root:

// claude / MCP client config
{
  "mcpServers": {
    "apeiris-graph": { "command": "node", "args": ["adapters/graph-mcp/server.js"] },
    "apeiris-atlas": { "command": "node", "args": ["adapters/atlas-mcp/server.js"] }
  }
}
  • Knowledge graphget_node, neighbors, shortest_path, query_graph over the ~3,200-node graph. Human view: the Graph Explorer.
  • ATLASget_technique/mitigation/tactic/case_study, search, version_diff, map_to_apeiris over the pinned MITRE ATLAS model.

Both verify their artifact against the manifest SHA on load and refuse to serve on mismatch; every response carries provenance.

Build a verifier

A minimal Apeiris-aware verifier does three things:

  • Fetch + verify the manifest and the artifacts you rely on (Quickstart) — refuse to proceed on a hash mismatch.
  • Resolve controls by their cross-domain URI, e.g. apeiris://security/controls/IA-01, and read evidence_required + blocking_effect to know what a passing state demands.
  • Compose obligations — walk an obligation's proof chain (from proofmap.json) and evaluate each control against the evidence you hold. Keep coverage (mapped) and evidence (satisfied) as two distinct verdicts. The Prove page is a reference implementation of this loop in ~120 lines.

Cite Apeiris

Cite a single control by its stable cross-domain URI:

apeiris://security/controls/IA-01
 https://apeiris.ai/domains/security/#IA-01

Cite the corpus as a versioned, verifiable whole by pinning the manifest version and its signature key id — so a reader can reproduce exactly what you cited:

Apeiris public knowledge layer, manifest v1.1.0,
signed ed25519-… — https://apeiris.ai/integration/manifest.json

License

The public knowledge layer is openly published. The authoritative license is declared in the manifest's usage block (shown live below) and governs reuse of the control definitions, evidence model, and cross-domain URI scheme. Read the full license →

License: loading from the manifest…