Architecture


Introduction

AON is a protocol for propagating immutable authorization objects between participants. The protocol itself assigns no meaning to objects. It only defines how immutable objects are identified, propagated, and referenced. It stores them, propagates them, and exposes their relationships. Meaning is defined entirely by namespaces.


Objects

Everything in AON is an immutable object. Objects may reference earlier objects, forming directed graphs. Typical object types include:

The protocol does not require these types. They are conventions established by namespaces.


Namespaces

Namespaces define how objects are interpreted. A namespace specifies:

Different namespaces may coexist on the same network without affecting one another.


Execution

Objects never execute themselves. Participants called executors observe the propagated object graph and independently determine when a graph satisfies the rules of a namespace.

When execution occurs, the executor publishes a receipt describing the completed state transition. Receipts become part of the immutable object graph.


Trust

AON establishes propagation, not truth. Object integrity is provided by cryptographic hashes and signatures. Whether an object represents a valid authorization, proof, or completed execution depends entirely on the namespace interpreting it.

Different namespaces may rely on different verification mechanisms, including smart contracts, SPV proofs, external systems, or local policy.


Lifecycle

Authorization
participant defines what may occur
Condition
requirements are defined
Proof
conditions are satisfied
Executable Graph
all components present
Execution
any executor may act
Receipt
transition recorded

Objects are created independently, propagated through the network, evaluated according to a namespace, executed by any participant, and finalized by publishing a receipt.


Example

In the CSD/USDC namespace (aon-namespace-csd-usdc):

The protocol remains unchanged. Only the namespace defines how those objects are interpreted.


Design

AON does not attempt to define how systems should authorize actions. It provides a common protocol for propagating immutable authorization objects. Coordination emerges from independently verified object graphs rather than centralized authority.