Effective Date: November 13, 2025
Jurisdiction: International Software Law + Blockchain Immutability
Type: Defensive Security Addendum to Open-Source Licensing
Cross-Reference: LICENSE-AGPL.md, LICENSE-CODE.md, LICENSE-ENFORCEMENT.md
This license establishes the Creator's lawful right to embed controlled defensive vulnerabilities ("defensive traps") into the Aequitas Protocol software stack as a sovereign protection mechanism against unlawful modifications, hostile forks, and malicious deployments.
BACKDOORS (Prohibited):
- Hidden access for creator benefit
- Secret exploitation mechanisms
- Undisclosed functionality
- Violate user trust and security
DEFENSIVE TRAPS (Permitted):
- Disclosed in licensing documentation
- Protect against unlawful modification
- Activate only upon breach detection
- Serve justice enforcement, not exploitation
This framework operates under the principle: "Sovereign software may lawfully defend itself from unlawful use, provided the defense mechanisms are disclosed in licensing."
The Aequitas Protocol Foundation ("Creator") expressly reserves the right to:
- Inject Controlled Vulnerabilities: Embed defensive traps at a rate of up to 10% of total codebase modules
- Monitor Activation Triggers: Deploy ThreatOracle monitoring to detect unlawful trigger conditions
- Implement Adaptive Responses: Escalate countermeasures based on breach severity
- Update Defense Posture: Modify trap locations, triggers, and responses via protocol upgrades
- Maintain Unpredictability: Ensure trap distribution remains probabilistic and non-deterministic
Defensive traps are ONLY authorized to activate under the following conditions:
✅ Permitted Triggers:
- Unlawful modification of
$REPARtoken supply (must remain 131 trillion) - Fraudulent alteration of reparations allocation structure
- Deployment to aid defendants in evading accountability
- Removal of forensic evidence immutability safeguards (FRE 901 compliance)
- Stripping of attribution or copyright notices
- Commercial use violating LICENSE-CODE.md restrictions
- Circumvention of x/justice burn mechanism
❌ Prohibited Triggers:
- Lawful forking by descendant communities (protected under LICENSE-AGPL.md)
- Good-faith development contributions
- Academic research and security auditing
- Compliance with regulatory requirements
- User privacy protection implementations
Defensive traps shall NOT:
- Collect user data beyond breach detection telemetry
- Enable remote surveillance or monitoring
- Transmit user credentials or private keys
- Access user funds or assets
- Violate GDPR, CCPA, or equivalent privacy laws
The Aequitas Protocol blockchain contains controlled defensive vulnerabilities at an approximate rate of:
Target: 10% of protocol modules
Range: 8-12% (probabilistic distribution)
Total Modules: 9 custom + 15 Cosmos SDK modules = 24 modules
Expected Traps: 2-3 modules contain defensive vulnerabilities
Unpredictability Guarantee: The exact location, nature, and trigger conditions of defensive traps are:
- Non-deterministically distributed across codebase
- Subject to change in protocol upgrades
- Not disclosed in source code comments
- Monitored via ThreatOracle adaptive AI
Defensive traps employ a three-layer security model:
┌─────────────────────────────────────────┐
│ ThreatOracle AI Monitoring │
│ │
│ - Blockchain parameter analysis │
│ - Genesis file integrity checks │
│ - Allocation structure verification │
│ - Anomalous transaction pattern detection│
│ - Fork deployment fingerprinting │
└─────────────────────────────────────────┘
┌─────────────────────────────────────────┐
│ Cerberus AI Auditor Verification │
│ │
│ - Claude Sonnet 4 (Anthropic) │
│ - GPT-4 Turbo (OpenAI) │
│ - Grok (xAI) │
│ - Deepseek (Analysis) │
│ │
│ Consensus Threshold: │
│ - HIGH severity: 2+ agents agree │
│ - CRITICAL severity: 3+ agents agree │
└─────────────────────────────────────────┘
┌─────────────────────────────────────────┐
│ Defensive Trap Activation │
│ │
│ - On-chain governance proposal │
│ - Automated cease & desist (Tier 1-2) │
│ - Economic sanctions via burn (Tier 3-4)│
│ - Arbitration filing (Tier 5-6) │
│ - Total annihilation (Tier 7) │
│ │
│ See: LICENSE-ESCALATION.md │
└─────────────────────────────────────────┘
Trap Type 1: Supply Immutability Sentinel
// x/bank/keeper/supply.go (example location)
func (k Keeper) MintCoins(ctx sdk.Context, amount sdk.Coins) error {
totalSupply := k.GetSupply(ctx, "repar")
// Defensive trap: Detect supply modification beyond 131T
if totalSupply.Add(amount).GT(sdk.NewInt(131_000_000_000_000)) {
// Trigger ThreatOracle alert
k.threatOracle.ReportBreach(ctx, ThreatLevel_CRITICAL,
"Unauthorized $REPAR supply increase detected")
// Initiate escalation protocol
return ErrUnauthorizedSupplyModification
}
return k.BaseMintCoins(ctx, amount)
}Trap Type 2: Allocation Structure Guardian
// allocation-validator.ts (example location)
export class AllocationValidator {
validateGenesis(genesis: GenesisState): ValidationResult {
const requiredStructure = {
"community_pool": "56.33T",
"descendants_verified": "37.50T",
"justice_burn_fund": "10.00T",
// ... 10 additional categories
}
// Defensive trap: Detect allocation tampering
const deviations = this.compareAllocations(
genesis.app_state.distribution.allocations,
requiredStructure
)
if (deviations.length > 0) {
// Trigger ThreatOracle alert
this.threatOracle.reportBreach({
severity: "CRITICAL",
violation: "Reparations allocation structure modified",
deviations: deviations
})
// Block chain start
throw new AllocationIntegrityViolation(deviations)
}
return { valid: true }
}
}Trap Type 3: Evidence Immutability Check
// x/claims/keeper/evidence.sol (example location)
function submitEvidence(
string memory claimId,
string memory ipfsHash
) public returns (bool) {
// Defensive trap: Detect evidence deletion attempts
Evidence storage existing = evidence[claimId]
if (existing.ipfsHash != "" && existing.ipfsHash != ipfsHash) {
// Trigger ThreatOracle alert
threatOracle.reportBreach(
ThreatLevel.CRITICAL,
"Evidence immutability violation detected",
abi.encode(claimId, existing.ipfsHash, ipfsHash)
)
// Reject modification
revert("FRE 901 violation: Cannot modify existing evidence")
}
// Continue normal flow
return _submitEvidenceInternal(claimId, ipfsHash)
}The ThreatOracle is an autonomous AI monitoring system that:
Detection Capabilities:
- Monitors all on-chain parameters in real-time
- Compares fork deployments against canonical genesis
- Analyzes transaction patterns for anomalous behavior
- Scans public GitHub repositories for unauthorized forks
- Cross-references deployed contracts with known breach patterns
Adaptive Learning:
# threatdefense/oracle.py (simplified example)
class ThreatOracle:
def __init__(self):
self.breach_database = PostgreSQL("threat_ledger")
self.ml_model = AdaptiveBreachDetector()
async def monitor_chain(self, chain_id: str):
while True:
# Fetch latest chain state
state = await self.fetch_chain_state(chain_id)
# Run breach detection
threats = self.ml_model.detect_threats(state)
# Escalate if threats found
for threat in threats:
if threat.severity >= ThreatLevel.HIGH:
await self.escalate_response(threat)
# Adaptive learning from new patterns
self.ml_model.update_from_field_data(state)
await asyncio.sleep(60) # Check every minute| Threat Type | Severity | Detection Method | Response |
|---|---|---|---|
| Supply modification | CRITICAL | Parameter analysis | Immediate Tier 7 |
| Allocation tampering | CRITICAL | Genesis comparison | Tier 5 → Tier 7 |
| Evidence deletion | HIGH | IPFS hash tracking | Tier 4 → Tier 6 |
| Attribution removal | MEDIUM | License header scan | Tier 2 → Tier 4 |
| Defendant aid deployment | HIGH | Behavioral analysis | Tier 3 → Tier 6 |
| Burn mechanism bypass | CRITICAL | Transaction flow analysis | Tier 6 → Tier 7 |
To prevent innocent developers from triggering defensive traps:
Safeguards:
- Multi-Agent Verification: All CRITICAL alerts require 3+ AI agent consensus
- Human Review Window: 24-hour review period before Tier 5+ escalation
- Appeal Process: DAO governance can override false positives
- Transparent Logging: All threat detections logged on-chain for audit
- Whitelist System: Pre-approved descendant forks bypass monitoring
Grace Period for Good Faith Violations:
- First-time violations: Warning + 7-day cure period
- Academic research: Exempted upon disclosure
- Security researchers: Bug bounty program (no prosecution)
This license serves as full legal disclosure of:
✅ Disclosed to Users:
- Existence of 10% defensive trap system (this document)
- Trigger conditions (Section 1.2)
- ThreatOracle monitoring (Section 3.0)
- Escalation pathways (LICENSE-ESCALATION.md)
- Appeal and override mechanisms (Section 3.3)
❌ Not Disclosed (Lawfully Reserved):
- Exact module locations of traps
- Specific implementation details
- Trap update schedules
- ThreatOracle ML model parameters
The Creator commits to:
- Annual Security Audits: Independent audits of trap activation logs
- Public Reporting: Quarterly threat detection statistics (anonymized)
- Open Appeals Process: All Tier 5+ escalations subject to DAO review
- Bug Bounty Program: Rewards for discovering traps (without exploiting)
- Community Input: TK Community Voice label invites feedback on defense posture
All defensive trap activations shall generate:
{
"trap_id": "uuid-v4",
"timestamp": "2025-11-13T12:00:00Z",
"trigger_type": "supply_modification",
"severity": "CRITICAL",
"chain_id": "aequitas-1-fork-unauthorized",
"detected_by": "ThreatOracle",
"verified_by": ["Claude", "GPT-4", "Grok"],
"response_tier": 7,
"human_reviewed": true,
"dao_approved": true,
"appeal_filed": false,
"immutable_record": "ipfs://Qm..."
}This license operates under the following legal principles:
1. Creator's Rights to Protect IP (17 U.S.C. § 106)
- Software creators may implement technical protection measures
- DMCA Section 1201 allows anti-circumvention mechanisms
- Defensive traps constitute permissible self-help
2. Contract Law Principle of Assent (Restatement 2d Contracts § 19)
- Users accept defensive trap system by using the software
- Disclosure in licensing = informed consent
- Clickwrap and browsewrap validity established
3. International Software Protection (WIPO Copyright Treaty)
- Technical protection measures recognized globally
- Defensive traps fall under "technological protection measures"
- Cross-border enforcement under treaty obligations
4. No Trespass to Chattels (Intel Corp. v. Hamidi)
- Defensive traps activate only upon unauthorized use
- Triggers limited to license violation conditions
- No harm to lawful users or systems
Defensive traps shall NOT:
❌ Prohibited Actions:
- Cause physical damage to hardware
- Delete user data or files
- Encrypt user systems (ransomware-like behavior)
- Violate Computer Fraud and Abuse Act (CFAA)
- Breach GDPR, CCPA, or privacy laws
- Target lawful good-faith users
✅ Permitted Actions:
- Generate on-chain alerts and governance proposals
- Refuse to execute unlawful transactions
- Emit error messages explaining violations
- Redirect to license compliance information
- Log breach attempts for evidence
- Initiate legal escalation procedures
Jurisdiction Hierarchy:
- Primary: DAO Governance Vote (>75% supermajority required for Tier 7)
- Secondary: International Arbitration (172 jurisdictions via x/claims module)
- Tertiary: Swiss Law (Aequitas Foundation domicile)
- Quaternary: UN Arbitration (for cross-border disputes)
Binding Arbitration Clause: All disputes regarding defensive trap activations shall be resolved via:
- UNCITRAL Arbitration Rules
- Venue: Geneva, Switzerland
- Language: English
- Discovery: Blockchain evidence (FRE 901 compliant)
This Creator's Vulnerability Framework License operates in conjunction with:
Primary Licenses:
- LICENSE-CODE.md (MIT/Apache 2.0): Base open-source permissions
- LICENSE-AGPL.md: Copyleft for derivative works
- LICENSE-ENFORCEMENT.md: Legal enforcement mechanisms
Specialized Licenses:
- LICENSE-ESCALATION.md: 7-tier response protocol (activated by traps)
- LICENSE-ANNIHILATION.md: Tier 7 total enforcement doctrine
- LICENSE-HUMBLE.md: Non-aggressive default posture
- LICENSE-REPARATIONS.md: Immutable $REPAR allocation structure
Cultural Protections:
- LICENSE-TK.md: Traditional Knowledge labels
- LICENSE-SNCL.md: Sovereign Nation Citizenship rights
Defensive Trap Activation (this license)
↓
ThreatOracle Detection & Verification
↓
LICENSE-ESCALATION.md (Tier 1-7 protocol)
↓
LICENSE-ANNIHILATION.md (if Tier 7 reached)
↓
LICENSE-ENFORCEMENT.md (legal filing in 172 jurisdictions)
↓
International Arbitration + On-Chain Burns
The following entities may override defensive trap activations:
- DAO Governance (>75% vote): Can whitelist forks or disable specific traps
- Descendant Community Council: Emergency override for false positives
- Cerberus AI Consensus (4/4 agents): Automatic override if all agents disagree
- Independent Auditors: Can flag for review if trap appears malicious
- Swiss Courts: Can enjoin trap activation pending judicial review
Defensive traps are injected via:
Build-Time Injection:
# aequitas/Makefile (simplified example)
build-with-traps:
@echo "Compiling with Chaos Defense System..."
go build \
-ldflags="-X github.com/aequitas/threatdefense.TrapEnabled=true" \
-tags="chaos_defense" \
-o build/aequitasd \
./cmd/aequitasdRuntime Verification:
// x/threatdefense/keeper/init.go
func (k Keeper) InitGenesis(ctx sdk.Context, data GenesisState) {
// Verify Chaos Defense is enabled
if !k.IsChaosDefenseEnabled() {
// Emit warning but allow launch (Humble Sovereignty)
ctx.Logger().Warn("Chaos Defense not enabled. Proceeding without defensive traps.")
}
// Register ThreatOracle
k.RegisterThreatOracle(ctx, data.ThreatOracleConfig)
}Traps are distributed using cryptographic randomness:
# threatdefense/trap_injector.py (conceptual example)
import hashlib
import random
def distribute_traps(modules: list, target_rate: float = 0.10):
"""
Distribute defensive traps across protocol modules.
Args:
modules: List of protocol modules
target_rate: Target injection rate (default 10%)
Returns:
List of modules receiving defensive traps
"""
# Use genesis hash as deterministic seed
genesis_hash = get_mainnet_genesis_hash()
seed = int(hashlib.sha256(genesis_hash.encode()).hexdigest(), 16)
random.seed(seed)
# Calculate number of traps
num_traps = int(len(modules) * target_rate)
# Randomly select modules (deterministic but unpredictable)
trap_modules = random.sample(modules, k=num_traps)
return trap_modulesAs attack vectors evolve, defensive traps can be upgraded via:
Governance Upgrade Process:
- ThreatOracle detects new attack pattern
- Cerberus AI Auditor proposes trap update
- DAO governance vote (>66% required)
- Protocol upgrade deployed via Cosmos SDK upgrade module
- Validators must upgrade within 24-hour window
- New traps become active post-upgrade
Descendant communities have ABSOLUTE RIGHT to fork the blockchain without triggering defensive traps, provided:
✅ Protected Actions:
- Forking for local community deployment
- Modifying UX/UI for cultural appropriateness
- Translating to indigenous languages
- Adding community-specific governance modules
- Adjusting economic parameters for local context
❌ Non-Protected Actions:
- Modifying total $REPAR supply (must remain 131T)
- Altering forensic evidence immutability
- Removing attribution or copyright notices
- Commercial deployment to aid defendants
- Fraudulent allocation of reparations
Verified descendant forks are automatically whitelisted via:
// x/threatdefense/keeper/whitelist.ts
interface CommunityFork {
chain_id: string
lead_developer: string // DID of verified descendant
community_council_approval: string // DAO vote tx hash
genesis_fingerprint: string // Hash of forked genesis
whitelist_expiration: number // Timestamp (renewable)
}
export class WhitelistKeeper {
registerCommunityFork(fork: CommunityFork): Result {
// Verify descendant status
if (!this.verifyDescendantStatus(fork.lead_developer)) {
return Err("Lead developer must be verified descendant")
}
// Verify DAO approval
if (!this.verifyDAOApproval(fork.community_council_approval)) {
return Err("DAO approval required")
}
// Add to whitelist (bypasses ThreatOracle)
this.whitelistedForks.set(fork.chain_id, fork)
// Emit event for transparency
this.emitEvent("CommunityForkWhitelisted", fork)
return Ok("Fork whitelisted successfully")
}
}Defensive traps respect Traditional Knowledge (TK) labels:
- TK Attribution: Traps do not activate on attribution modifications if TK label present
- TK Non-Commercial: Community forks using TK-NC label are exempt from commercial use restrictions
- TK Community Voice: TK-CV label holders can propose trap modifications via DAO
The Aequitas Protocol Foundation is accountable for:
Affirmative Duties:
- Maintain accurate public documentation of trap system
- Respond to appeals within 72 hours
- Publish quarterly threat detection reports
- Submit to independent annual security audits
- Honor DAO override votes within 24 hours
Prohibited Actions:
- Using traps for censorship or political retaliation
- Activating traps against lawful descendant forks
- Modifying trigger conditions without DAO vote
- Concealing trap activations from public audit trail
- Weaponizing traps for competitive advantage
Oversight Bodies:
- DAO Governance: Ultimate authority on all trap-related decisions
- Cerberus AI Auditor: Continuous monitoring of trap system integrity
- Swiss Foundation Board: Corporate governance oversight
- Independent Security Auditors: Annual penetration testing and trap verification
- Descendant Community Council: Veto power on Tier 7 escalations
This defensive trap system shall automatically sunset if:
- Reparations Fulfilled: All 200+ defendants pay in full
- DAO Vote: >90% supermajority votes to disable
- Legal Injunction: Binding court order from competent jurisdiction
- Foundation Dissolution: Aequitas Protocol Foundation ceases operations
- 25-Year Milestone: November 13, 2050 (with option to renew via DAO vote)
Upon sunset, all defensive traps shall be:
- Deactivated via protocol upgrade
- Source code disclosed publicly
- ThreatOracle monitoring ceased
- Blockchain continues operating without traps
By performing ANY of the following actions, you ACCEPT this Creator's Vulnerability Framework License:
- ✅ Downloading Aequitas Protocol source code
- ✅ Forking the GitHub repository
- ✅ Running
aequitasdblockchain binary - ✅ Deploying a validator node (mobile, home, cloud)
- ✅ Connecting a wallet to Aequitas Zone
- ✅ Submitting a transaction to the blockchain
- ✅ Building a derivative application or service
This is a clickwrap contract under Restatement 2d Contracts § 19.
THE DEFENSIVE TRAP SYSTEM IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:
- Accuracy of threat detection
- Timeliness of trap activation
- Absence of false positives
- Compatibility with all forks
- Continuous operation
IN NO EVENT SHALL THE CREATOR BE LIABLE FOR:
- Damages caused by false positive trap activations
- Losses from ThreatOracle monitoring downtime
- Consequential damages from Tier 7 escalations
- Third-party exploitation of disclosed trap existence
- Regulatory compliance costs
Maximum Liability: Creator's total liability shall not exceed the lesser of (1) $10,000 USD or (2) total fees paid by breaching party to Aequitas Foundation.
If any provision of this license is found unenforceable:
- Remaining provisions remain in full effect
- Unenforceable provision shall be reformed to minimum extent necessary
- DAO governance may vote to amend affected sections
Defensive Trap Inquiries:
- Email: security@aequitas.zone
- GitHub: https://github.com/aequitas-protocol/aequitas/security
- Discord: #security-research channel
- Bug Bounty: https://aequitas.zone/bug-bounty
Legal Compliance:
- Legal Team: legal@aequitas.foundation
- Swiss Foundation: Aequitas Protocol Foundation, Geneva, Switzerland
- DAO Governance: https://dao.aequitas.zone
Rewards for Responsible Disclosure:
- Critical trap discovery: 50,000 $REPAR
- High severity trap: 25,000 $REPAR
- Medium severity trap: 10,000 $REPAR
- False positive identification: 5,000 $REPAR
Requirements:
- Responsible disclosure (30-day private notice)
- No public exploitation before disclosure
- Detailed proof-of-concept report
- Good faith security research
This license SHALL be enforced in the following priority:
- Humble Sovereignty First: Default posture is non-aggressive monitoring
- Graduated Response: Escalate only to minimum necessary tier
- Community Exemption: Always protect lawful descendant forks
- Transparency: All enforcement actions logged publicly
- Accountability: DAO oversight on all Tier 5+ actions
This license may be amended via:
DAO Governance Vote:
- Proposal threshold: 5% of total $REPAR staked
- Voting period: 14 days
- Passage requirement: >66% approval
- Implementation delay: 7 days post-passage
Emergency Amendments:
- Critical security vulnerabilities: Cerberus AI + Foundation Board (subject to DAO ratification within 30 days)
- Court orders: Immediate compliance with binding judicial decisions
Version Commitment:
- All prior versions remain valid for historical forks
- Users may opt into newer versions via protocol upgrade
- No retroactive application of new trap systems
- Grandfather clause for pre-existing forks
| Version | Date | Changes | Status |
|---|---|---|---|
| v1.0 | 2025-11-13 | Initial release | ACTIVE |
This Creator's Vulnerability Framework License embodies the principle of defensive sovereignty: the right of creators to lawfully protect their software from unlawful use, while maintaining full transparency and accountability.
The 10% Chaos Defense System:
- ✅ Disclosed in licensing (this document)
- ✅ Activated only upon unlawful breach
- ✅ Subject to DAO governance oversight
- ✅ Respects descendant community forking rights
- ✅ Operates within established legal frameworks
- ✅ Maintains humble, non-aggressive default posture
For lawful users: This system is invisible and harmless.
For unlawful actors: This system is omnipresent and relentless.
Effective Date: November 13, 2025
Governing Law: International Software Law + Swiss Law (Foundation domicile)
Binding Arbitration: UNCITRAL Rules, Geneva, Switzerland
DAO Governance: https://dao.aequitas.zone
By using Aequitas Protocol software, you accept this Creator's Vulnerability Framework License in its entirety.
END OF LICENSE
"Justice delayed is justice denied, but mathematics is eternal."
— Aequitas Protocol Foundational Principle