Integrity APIAI SafetyProctoringTelemetryNode.jsPrivacy

Project Simurgh

Project Simurgh is the defensive counterpart to The Invisible Window research: a zero-trust integrity API for autonomous agents and high-stakes proctoring. Instead of trusting a visual stream that can be structurally bypassed, Simurgh validates behavioral and environment metadata, builds tamper-evident audit records, and keeps the integrity signal privacy-preserving.

代码库

01. 问题

The Invisible Window shows that browser and OS screen-capture pipelines cannot be treated as ground truth. Proctoring platforms and agentic AI systems that rely on screenshots or UI vision can be deceived by documented display-affinity APIs and click-through overlays. A safer integrity layer needs to verify behavior and environment state without expanding surveillance.

02. 解决方案概述

Built a metadata-only integrity pipeline that evaluates behavioral telemetry rather than screen contents
Added Academic Shield flows for exam creation, session join, privacy acceptance, telemetry submission, review reports, and audit verification
Separated deterministic local scoring from optional AI narrative analysis so provider failures do not break the authoritative score
Added native-helper and Local Integrity Node direction for detecting display-affinity and producing signed proof envelopes
Anchored the project to The Invisible Window threat model while keeping the implementation vendor-neutral and privacy-preserving

构建

技术栈

Node.js / ExpressBrowser telemetry clientHMAC tamper-evident audit chainmacOS Swift Local Integrity NodeOptional AI narrative analysis

• Samples lightweight behavioral telemetry windows instead of recording screen pixels
• Detects focus loss, bulk paste, idle gaps, typing anomalies, and display-affinity risk signals
• Stage 1 Academic Shield workflow covers exam lifecycle, privacy acceptance, local risk scoring, reports, and audit verification
• Stage 2 proof pipeline signs privacy-preserving integrity envelopes for future device-level trust

安全

No screen pixels, webcam frames, audio, typed answer content, pasted content, or personal identity data collected
Student identifiers hashed before storage
Instructor, helper, audit, and session boundaries separated with dedicated secrets
Replay protection rejects duplicate sequences, stale timestamps, future timestamps, and malformed telemetry
HMAC-SHA256 linked audit chain makes report tampering detectable
Privacy-preserving reviewer model: Simurgh produces review recommendations, not automatic misconduct findings

03. 证明与验证

已验证声明

>Published as Zenodo preprint under CC BY 4.0 — DOI 10.5281/zenodo.20374849 — 12 pages, 31 references, IEEE conference format
>Stage 1 research MVP and Stage 1.5 validation pack documented in the repository
>Telemetry payloads are lightweight behavioral JSON windows, not video streams
>Audit verification endpoint validates the HMAC-linked event chain
>GitHub Stage 1 checks run the project quality gate on main and pull requests

研究论文

2 论文

IEEE-format preprintCC BY 4.0 preprint

Project Simurgh: Privacy-Preserving Device Integrity Proofs for Capture-Resistant High-Stakes Sessions

12-page defensive follow-up to The Invisible Window, replacing visual surveillance with metadata-only integrity proofs.

Zenodo2026DOI 10.5281/zenodo.20374849

下载论文

Supplement preprintPhase C preprint

Privacy-Preserving Integrity Evidence for Student-Society Voting-Adjacent Workflows: A Phase C Pilot of Project Simurgh at Macquarie University

5-page voting-adjacent pilot reporting 31 consented sessions alongside a Macquarie student-society event, with ballot-choice exclusion, HMAC audit chaining, forbidden-field rejection, and 5/5 collection-closure gates.

Zenodo2026DOI 10.5281/zenodo.20549736

下载论文

项目链接

源代码研究论文 Read the preprint

Cite this work

Abedini, M. R. (2026). Project Simurgh: Privacy-Preserving Device Integrity Proofs for Capture-Resistant High-Stakes Sessions. Zenodo. https://doi.org/10.5281/zenodo.20374849