Skip to content

GLOSSARY

Public-safe terminology.

Marketing-level definitions. The protocol-level definitions live behind a mutual NDA.

Structural Authentication

The category-defining paradigm EdSSA introduced. Two parties authenticate by independently constructing the same ephemeral credential from shared in-memory state and public ambient inputs — without a central authority in the hot path, without per-request communication to a third party, and without multi-node consensus. The umbrella term in the patent application "Decentralised Stateless Structural Authentication" (filed 1 May 2026).

Adaptive Credential Plasticity

The architectural property — also referred to as the "breathing credential" — by which independent design parameters control security level and operational resilience separately. Authentication absorbs transient ratchet ticks, oracle hiccups, schema transitions, and clock drift transparently, without weakening the cryptographic guarantee.

EdSSA Seed

The shared in-memory state that two endpoints derive at bootstrap and advance autonomously thereafter. Lives only in volatile memory; never written to non-volatile storage at runtime. The full mechanism is L3 material under NDA.

Schema Blueprint

The volatile-only positional structure each endpoint holds, used by the deterministic rule engine to construct or parse the ephemeral credential. Rotates autonomously and is never persisted. Detailed structure under NDA.

Three-Class Oracle Taxonomy

The classification of public ambient inputs that contribute to credential derivation. EdSSA distinguishes three oracle roles, each with a distinct function in the protocol. Specific roles, source curation, and quality ranks are L3 material under NDA.

Recipe-and-Anchor Recovery

A cold-boot recovery mechanism that does not require persistent storage of secret state at either endpoint. Designed to differ structurally from PUF helper-data schemes. Construction details under NDA.

Breathing credential

The marketing-level metaphor for the ephemeral credential that EdSSA protocol endpoints exchange. The credential is built freshly each request from a shared in-memory state and public ambient inputs; the state advances autonomously over time.

Bootstrap

The single, initial post-quantum handshake between two endpoints. After bootstrap, the bootstrap material is discarded; subsequent authentication runs on derived state.

Decentralised verification

The property that no central authority sits in the hot path of authentication. Each endpoint can verify its counterparty locally, using only state held in volatile memory.

Forward secrecy from quantum break

The property that even a future quantum-break of the bootstrap handshake cannot recover authentication state established before the break. Achieved by discarding bootstrap material immediately and advancing state through one-way functions only.

Hibernation handshake

A protocol mode in EdSSA Orbit that allows two endpoints to remain mutually authenticated across multi-orbit or multi-day communication gaps without re-bootstrap.

Oracle

A public, ambient input — observable in the operating environment — that contributes to credential derivation. EdSSA uses a curated taxonomy of oracle classes; the specific source list and quality ranks are L3 material under NDA.

Post-quantum primitive

A cryptographic primitive whose security does not depend on assumptions broken by a cryptographically relevant quantum computer. EdSSA uses primitives standardised by NIST FIPS 203 and the related family.

Ratchet

The autonomous, scheduled advancement of the in-memory state. Both endpoints advance independently. The forward direction is one-way.

Resilience margin

The headroom designed into the protocol to absorb transient noise — clock drift, oracle hiccups, schema transitions — without weakening the cryptographic guarantee.

Stateless authentication

Authentication in which no per-session secret is held on disk. State exists in volatile memory at each endpoint, and only there.

Threshold authentication

A multi-member identity scheme in which the group identity remains valid as long as a threshold of members are present and authentic. Used by EdSSA Swarm.

Validating relay

A pass-through component that validates authentication tokens before traffic reaches origin. EdSSA Edge is the validating-relay tier of the protocol family.

Audit emission

Configurable emission of structured audit records per verification event, with tiers from no emission through compliance-baseline records (suitable for DSCSA, FMD, NIS2, ISO 27001) up to high-assurance modes with optional cryptographic tamper-evidence. Detailed specification under NDA.

Want the deeper definitions?

Available under mutual NDA.

Talk to us →