Skip to main content
Volver
Integrity APIAI SafetyProctoringTelemetryNode.jsPrivacy

Project Simurgh

Project Simurgh is the defensive counterpart to The Invisible Window research: a zero-trust integrity API for autonomous agents and high-stakes proctoring. Instead of trusting a visual stream that can be structurally bypassed, Simurgh validates behavioral and environment metadata, builds tamper-evident audit records, and keeps the integrity signal privacy-preserving.

Repositorio

01. Problema

The Invisible Window shows that browser and OS screen-capture pipelines cannot be treated as ground truth. Proctoring platforms and agentic AI systems that rely on screenshots or UI vision can be deceived by documented display-affinity APIs and click-through overlays. A safer integrity layer needs to verify behavior and environment state without expanding surveillance.

02. Visión General de la Solución

  • Built a metadata-only integrity pipeline that evaluates behavioral telemetry rather than screen contents
  • Added Academic Shield flows for exam creation, session join, privacy acceptance, telemetry submission, review reports, and audit verification
  • Separated deterministic local scoring from optional AI narrative analysis so provider failures do not break the authoritative score
  • Added native-helper and Local Integrity Node direction for detecting display-affinity and producing signed proof envelopes
  • Anchored the project to The Invisible Window threat model while keeping the implementation vendor-neutral and privacy-preserving

Construcción

Stack Tecnológico

Node.js / ExpressBrowser telemetry clientHMAC tamper-evident audit chainmacOS Swift Local Integrity NodeOptional AI narrative analysis
  • Samples lightweight behavioral telemetry windows instead of recording screen pixels
  • Detects focus loss, bulk paste, idle gaps, typing anomalies, and display-affinity risk signals
  • Stage 1 Academic Shield workflow covers exam lifecycle, privacy acceptance, local risk scoring, reports, and audit verification
  • Stage 2 proof pipeline signs privacy-preserving integrity envelopes for future device-level trust

Seguro

  • No screen pixels, webcam frames, audio, typed answer content, pasted content, or personal identity data collected
  • Student identifiers hashed before storage
  • Instructor, helper, audit, and session boundaries separated with dedicated secrets
  • Replay protection rejects duplicate sequences, stale timestamps, future timestamps, and malformed telemetry
  • HMAC-SHA256 linked audit chain makes report tampering detectable
  • Privacy-preserving reviewer model: Simurgh produces review recommendations, not automatic misconduct findings

03. Prueba y Verificación

Afirmaciones Verificadas

  • >Published as Zenodo preprint under CC BY 4.0 — DOI 10.5281/zenodo.20374849 — 12 pages, 31 references, IEEE conference format
  • >Stage 1 research MVP and Stage 1.5 validation pack documented in the repository
  • >Telemetry payloads are lightweight behavioral JSON windows, not video streams
  • >Audit verification endpoint validates the HMAC-linked event chain
  • >GitHub Stage 1 checks run the project quality gate on main and pull requests

Artículos de Investigación

2 Artículos

IEEE-format preprintCC BY 4.0 preprint

Project Simurgh: Privacy-Preserving Device Integrity Proofs for Capture-Resistant High-Stakes Sessions

12-page defensive follow-up to The Invisible Window, replacing visual surveillance with metadata-only integrity proofs.

Zenodo2026DOI 10.5281/zenodo.20374849
Descargar Artículo
Supplement preprintPhase C preprint

Privacy-Preserving Integrity Evidence for Student-Society Voting-Adjacent Workflows: A Phase C Pilot of Project Simurgh at Macquarie University

5-page voting-adjacent pilot reporting 31 consented sessions alongside a Macquarie student-society event, with ballot-choice exclusion, HMAC audit chaining, forbidden-field rejection, and 5/5 collection-closure gates.

Zenodo2026DOI 10.5281/zenodo.20549736
Descargar Artículo

Enlaces del Proyecto

Código Fuente Artículos de Investigación Read the preprint

Cite this work

Abedini, M. R. (2026). Project Simurgh: Privacy-Preserving Device Integrity Proofs for Capture-Resistant High-Stakes Sessions. Zenodo. https://doi.org/10.5281/zenodo.20374849