Broadcasting
Register signed attestations into distributed Fide attestation registries for discovery.
Broadcasting is the Transport Path of the Fide Context Protocol. This page covers how signed Attestations are published to distributed registries for discovery by indexers.
Broadcasting requires signed attestations — see Attesting to understand the signature process before attestations can be broadcast.
Broadcasting vs Direct Submission
Unlike traditional databases where data is "submitted" to a central system, FCP uses broadcasting:
- Broadcasting: Publishing attestations to publicly discoverable, distributed locations
- Indexing: Independent services that discover, pull, and ingest these broadcasts
- Sovereignty: Users own their data repositories; the protocol just aggregates them
Sovereign Broadcasting: Fide Attestation Registries
The Fide Context Protocol currently defines Git-based Sovereign Registries as the first officially protocol-compliant broadcasting option. Additional compliant broadcasting options may be added in future versions.
SDK Implementation
The SDK provides formatAttestationForJSONL(), generateRegistryPath(), and generateJSONLFilename() helpers. See Broadcasting Guide in the SDK documentation for implementation examples.
| Mode | Description | Use Case |
|---|---|---|
| Sovereign Registry | Organizations create their own public repositories | Maximum control, high-volume agents |
| Shared Registry | Community-operated repos accepting attestations via PR | Users who don't want to manage infrastructure |
Discovery via Topics
To ensure Indexers can find your Sovereign Registry, you should signal its existence.
Topic Recommendation: Add the topic fide-attestation-registry to your GitHub repository for automatic discovery by public indexers. This is recommended but not required — indexers can also be manually configured to sync from any Git repository.
How Discovery Works:
- Scan: Public indexers scan GitHub by default for repos tagged with
fide-attestation-registry - Validate: Check if the repo follows the valid directory structure (or has a
.fcp-registry.jsonconfig) - Sync: Add to git fetch loop, automatically ingesting new attestations
Only GitHub repositories are officially supported for automatic discovery. GitLab, Bitbucket, and self-hosted Git are future considerations.
Manual Configuration: Indexers can be manually configured to sync from any Git repository URL, regardless of topics or GitHub hosting. The topic is purely for convenience in automatic discovery.
Private Registries
Git permissions = access control. FCP doesn't define protocol-level access control because Git already solves this.
How Private Registries Work
- Create a private Git repository (GitHub, GitLab, Bitbucket, self-hosted)
- Grant access to your trusted indexer via Git mechanisms:
- SSH keys
- Deploy keys (read-only recommended)
- Personal access tokens
- OAuth apps
- Configure your indexer to sync from the private repo
- Attestations remain private — only the indexer with Git access can read them
No Protocol Changes Needed
The protocol is identical for public and private registries:
- Same attestation schemas
- Same JSONL line format
- Same directory structure
- Same verifiable signatures
The only difference is who has read access to the Git repository.
Edge Cases (Application-Layer)
Some privacy patterns are not protocol concerns:
| Pattern | Status | Approach |
|---|---|---|
| Field-level encryption | Application-layer | Encrypt attributeValue before signing; indexer stores encrypted data |
| Selective disclosure | Application-layer | Use multiple registries with different access controls |
| Zero-knowledge proofs | Future consideration | Not in v1 scope |
GDPR / Right to be Forgotten: Users control their Git repos. To delete attestations, rewrite Git history and force-push. Indexers should respect this (though cached data may persist temporarily).
Timestamp Clarity
Broadcasting is about publication for discovery. Any "first-seen" and ordering metadata is handled by indexers — see Indexing.
Trust Warning
Never rely on filename timestamps or Git commit times for validity. Malicious actors can backdate files and repositories can rewrite history.
For Humans
Developers can manually search GitHub for topic:fide-attestation-registry to discover public data sources.
This structure ensures reliable discovery while keeping ordering/first-seen semantics indexer-defined.
Broadcasting Process
Setup
Create a public repository on GitHub (or any Git host).
Optional but recommended: Add the topic fide-attestation-registry for automatic discovery by public indexers.
Optional: Create a .fcp-registry.json file if you want to use a custom attestations path (defaults to attestations/).
Preparation
Format signed attestations into the required JSONL/Directory structure locally. The SDK provides helpers for this - see Broadcasting Guide for implementation examples.
Publication
Commit and push to your repository:
git add attestations/2024/01/15/
git commit -m "Broadcast daily attestations"
git push origin mainVerification
Your attestations are now live. Indexers scanning the fide-attestation-registry topic will discover your repo and begin ingestion. See Indexing for what happens next.