TIP Node Operator Guide

What Is a TIP Node

A TIP node is a server that participates in the Trust Identity Protocol network. It stores a local copy of the directed acyclic graph (DAG) containing all identity registrations, content provenance records, disputes, and trust score updates. Any organization can run a node. No permission is required.

Nodes communicate via a gossip protocol, synchronizing new transactions with their peers. Every node can independently compute any trust score from its local DAG copy. There is no central database. The protocol is deterministic: given the same DAG history, every compliant node computes the same score.

Quick Start (Docker)

docker run -d \
  --name tip-node \
  -p 4000:4000 \
  -e TIP_ADMIN_API_KEY=$(openssl rand -hex 32) \
  -e TIP_PEER_URLS=https://node.theailab.org \
  -v tip-data:/app/data \
  ghcr.io/theailab-org/tip-node:latest

curl http://localhost:4000/health

# Expected response:
{
  "status": "ok",
  "chain_id": "tip-mainnet-v2",
  "protocol_version": "2.0.0",
  "tx_count": 0,
  "peer_count": 1
}

curl -X POST http://localhost:4000/v1/identity/register \
  -H "Content-Type: application/json" \
  -d '{
    "region": "US",
    "public_key": "<ML-DSA-65 public key hex>",
    "vp_id": "theailab",
    "vp_signature": "<VP signature>",
    "zk_dedup_proof": "<ZK proof hex>"
  }'

API Reference

Base URL: http://localhost:4000. All request and response bodies use application/json. Admin endpoints require the Authorization: Bearer <TIP_ADMIN_API_KEY> header. All responses include X-Powered-By: TIP-Protocol/theailab.org.

Rate Limits

Default rate limits per IP address: 100 requests/minute for public (read) endpoints, 20 requests/minute for write endpoints, and 50 requests/minute for admin endpoints. Rate-limited responses return HTTP 429 with a Retry-After header.

Example: Register Content

{
  "author_tip_id": "tip://id/US-a3f8c91b2d4e7021",
  "origin_code": "OH",
  "content": "First 10,000 characters of the content...",
  "content_hash": "<SHAKE-256 hash of the full content>",
  "title": "My Article Title",
  "author_signature": "<ML-DSA-65 signature of content_hash + origin_code>"
}

# Response:
{
  "ctid": "tip://c/OH-7f2a91bc3d5e4a-a3f8",
  "status": "registered",
  "pre_scan_flagged": false,
  "pre_scan_score": 0.42,
  "registered_at": "2026-03-26T12:00:00Z"
}

TIP-ID and CTID Formats

TIP-ID (Identity URI)

tip://id/[REGION]-[SHAKE256(public_key)[:16]]

Example: tip://id/US-a3f8c91b2d4e7021
Regex:   ^tip://id/[A-Z]{2}-[0-9a-f]{16}$

CTID (Content URI)

tip://c/[ORIGIN]-[SHAKE256(content)[:14]]-[tip_id[-4:]]

Example: tip://c/OH-7f2a91bc3d5e4a-a3f8
Regex:   ^tip://c/(OH|AA|AG|MX)-[0-9a-f]{14}-[0-9a-f]{4}$

Origin Codes

Every piece of content registered on TIP must declare one of four origin codes. The origin code is cryptographically bound to the content hash and the author's signature. Conservative labeling (declaring content as more AI-involved than it actually is) carries zero penalty. Only under-disclosure is penalized.

Trust Scoring and Tiers

Trust scores are deterministic integers from 0 to 1000, computed from the complete DAG transaction history. New identities start at 500 (or 550 with social attestation). Any protocol-compliant node given the same DAG must compute the same score.

Score Events

Registration (no attestation):        500
Registration (with social attestation): 550
OH declared, confirmed AG (1st):       -100
OH declared, confirmed AA (1st):        -40
AA declared, confirmed AG (1st):        -25
2nd offense:                           -200
3rd offense:                           -350
Conservative label (no penalty):          0
90-day clean record bonus:              +10

DAG Transaction Types

The DAG stores 17 transaction types. The first 8 were introduced in v1. The remaining 9 are v2 additions (FIX-02 through FIX-08).

Configuration Reference

All configuration is via environment variables. No config files.

Peer Networking

Nodes discover and sync with each other via a gossip protocol. On startup, a node connects to the peers listed in TIP_PEER_URLS and requests their peer lists. This bootstrapping process builds the mesh.

1. Node A sends GET /v1/dag/stats to each peer
2. If peer has more transactions, A sends GET /v1/node/peers
3. A requests missing transactions by hash range
4. A validates each transaction signature before inserting
5. A recomputes affected trust scores
6. A announces new local transactions to peers

Monitoring and Health

GET /health

{
  "status": "ok",
  "chain_id": "tip-mainnet-v2",
  "protocol_version": "2.0.0",
  "tx_count": 14823,
  "identity_count": 1247,
  "content_count": 8934,
  "peer_count": 12,
  "uptime_seconds": 86400,
  "last_gossip_at": "2026-03-26T11:45:00Z"
}

Monitor /health with your existing infrastructure tooling (Prometheus, Datadog, UptimeRobot, etc.). A healthy node returns HTTP 200 with "status": "ok". Alert if peer_count drops to 0 or if the response time exceeds 5 seconds.

Attribution and Licensing

The TIP Protocol specification is licensed under CC-BY 4.0 (free for everyone, forever). Attribution required:

TIP Protocol Specification by Dinesh Mendhe,
The AI Lab Intelligence Unobscured, Inc. (theailab.org)

The reference implementation code is licensed under TIPCL-1.0. Free for individuals, small businesses under $100K revenue, nonprofits, NGOs, educational institutions, government entities, and journalism organizations. Commercial tiers apply at and above $100K annual revenue, starting at the Micro tier ($500/yr) and scaling up to the Global tier. The license converts to Apache 2.0 on January 1, 2031.

Mandatory attribution for all code users:

Built on TIP Protocol by The AI Lab Intelligence Unobscured, Inc.
(theailab.org) | Licensed under TIPCL-1.0