TFEF — Token Forensics Exchange Format
TFEF is the open, vendor-neutral schema for forensic AI evidence. Owning the standard outlasts owning features — the way OpenTelemetry, MITRE ATT&CK, and OCSF own their categories. TFEF v0.1 is published in this repository under Apache-2.0.
This page orients you to TFEF and its role. The normative document is docs/tfef/v0.1-spec.md in the repository — linked below.
What the spec defines
- Bundle layout — the on-disk structure of an evidence bundle: manifest, signature, anchor proof, the events, and any diffs.
- ForensicEvent hash-chain rules — how events chain, what each hash covers, and the integrity guarantees that follow.
- Event-type taxonomy — the canonical set of forensic event types (capture, replay, evidence export, policy change, and more).
- Payload schemas — the shape of each event type's payload.
- Tombstone-and-rehash erasure — how GDPR right-to-be-forgotten is honored without deleting rows, preserving chain integrity.
- Conformance levels — TFEF-C (capture), TFEF-R (replay), TFEF-E (evidence export): what a tool must implement to claim each.
Why it matters
Observability vendors can copy features; they cannot copy being the standard. A bundle in TFEF is portable evidence — readable by any conforming tool, defensible to an auditor, not locked to one vendor.
TFEF v0.1 says the signature covers hash. The Pillar 1 split-hash design showed that this is wrong for multi-host reality: in v0.5, hash must split into content_hash (producer-signed) and chain_hash (server-computed). See Pillar 1 — Tamper-evident capture.
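An added sketch, not taken from the TFEF spec or repository, of the split described above: each producer signs a content_hash over its own event without knowing its chain position, and the server computes chain_hash when it orders events arriving from several hosts. HMAC-SHA256 stands in for a real signature scheme, and the JSON encoding, key table, genesis value and every name other than content_hash and chain_hash are assumptions.

```python
import hashlib, hmac, json

# Constructed per-producer keys. HMAC-SHA256 is a stand-in for a real
# signature; the encoding below is an assumption, not the TFEF layout.
PRODUCER_KEYS = {"host-a": b"key-a-constructed", "host-b": b"key-b-constructed"}
GENESIS = "0" * 64

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def content_hash_of(producer: str, payload: dict) -> str:
    body = json.dumps({"producer": producer, "payload": payload}, sort_keys=True)
    return sha256_hex(body.encode())

def sign(producer: str, content_hash: str) -> str:
    return hmac.new(PRODUCER_KEYS[producer], content_hash.encode(), "sha256").hexdigest()

def produce(producer: str, payload: dict) -> dict:
    """Producer side: hash and sign the content only, no chain position."""
    ch = content_hash_of(producer, payload)
    return {"producer": producer, "payload": payload,
            "content_hash": ch, "signature": sign(producer, ch)}

def append(chain: list, event: dict) -> None:
    """Server side: fix the order and link to the previous chain_hash."""
    prev = chain[-1]["chain_hash"] if chain else GENESIS
    link = sha256_hex((prev + event["content_hash"]).encode())
    chain.append({**event, "chain_hash": link})

def verify(chain: list) -> list:
    """Return (index, problem) for every check that fails."""
    problems, prev = [], GENESIS
    for i, ev in enumerate(chain):
        if content_hash_of(ev["producer"], ev["payload"]) != ev["content_hash"]:
            problems.append((i, "content_hash mismatch"))
        expected = sign(ev["producer"], ev["content_hash"])
        if not hmac.compare_digest(expected, ev["signature"]):
            problems.append((i, "bad producer signature"))
        if sha256_hex((prev + ev["content_hash"]).encode()) != ev["chain_hash"]:
            problems.append((i, "chain_hash mismatch"))
        prev = ev["chain_hash"]
    return problems

def demo() -> tuple:
    # Two hosts sign independently; the server picks the order afterwards.
    a = produce("host-a", {"type": "capture", "n": 1})
    b = produce("host-b", {"type": "replay", "n": 2})
    chain = []
    append(chain, b)
    append(chain, a)
    clean = verify(chain)
    chain[0]["payload"]["n"] = 99  # tamper with stored content
    return clean, verify(chain)
```

Because the producer signature never covers a previous-event pointer, either host can sign before the server has decided where the event lands in the chain.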