ABT-E
Education
Permanent institutional signing of credentials. Student-controlled per-disclosure projection. No cross-verifier correlation.
Filed · Patent pending
ABT methodology family · variant ABT-E · educational records
A degree that belongs to the student forever
How forward-only activation prevents institutional retraction of a credential — and how the same envelope supports employer verification and aggregate research without sharing the student's full record.
US Provisional Patent 64/056,353 · Filed May 4, 2026 · sidratnam.com/abt/
Forward-only activation · Issued credential cannot be retracted by destroying tier keys · Three independent projections from one envelope
Nadia Volkov graduates — degree credential issued
Volkov completes her degree at Meridian University. The ABT-E envelope is constructed with three tiers: a degree tier (credential, grades, date), a transcript tier (full academic record), and a research tier (aggregate statistics, no PII). She holds the root credential key.
Student · first party
Nadia Volkov
ek_volkov — root credential key
Holds degree credential permanently
Controls all disclosure projections
degree envelope issued →
University
Meridian University
Issues and signs degree envelope
Holds institutional signing key
Cannot retract after issuance
Credential envelope · ek_volkov · MU-2025-BSc-CompSci
student_idNV-8841
degreeBSc Computer Science · Meridian University · 2025
GPA3.81 / 4.00
degree_tiercredential projection · encrypted to employer verification key
transcript_tier[ full academic record · Nadia-controlled consent release ]
research_tier[ aggregate statistics · encrypted to research key ]
registry_witnessMU-2025-BSc-CompSci · issued · hash-chained · forward-only
The forward-only activation means this credential cannot be retracted. Once the hash chain entry for the degree issuance is recorded, destroying the institutional signing key or any tier key does not un-issue the degree. The credential existed as a cryptographically proven fact at the moment of hash chain entry. Forward-only activation is a property of the registry: past events cannot be expunged.
Forward-only activation — the lock that protects the student
The forward-only property means: once the degree is issued and logged in the hash chain, no future action by Meridian University can remove it. The student's credential exists independently of the institution's subsequent choices.
forward_only_check: event: MU-2025-BSc-CompSci · issued · 2025-06-15 registry_hash: SHA256(ek_volkov || issuance_data || h_n-1) = h_n can_institution_retract_after_issuance: NO retraction_attempt: would require forging h_n in chain result: credential persists independently of institution's key status institutional_key_destroyed: credential remains verifiable registry_entry_expunged: hash chain integrity broken · detectable
An institution that later disputes the credential faces a structural problem. The hash chain entry proves the credential was issued at a specific time by Meridian University's signing key. Denying the issuance requires either (a) claiming the chain entry is fraudulent — which requires demonstrating a hash chain forgery — or (b) acknowledging the issuance but disputing validity on other grounds, which is a separate legal question from whether the credential was issued. Forward-only activation does not prevent litigation over credential validity; it prevents the factual erasure of the issuance event.
Employer verification — degree tier only
Volkov applies to a software engineering role. The employer requests degree verification. Volkov authorizes a degree-tier projection: credential confirmed, GPA confirmed, transcript not included.
Student
Nadia Volkov
Authorizes degree-tier projection
Scoped: degree + GPA only
Transcript: not included
degree verification →
Employer
Recruiting verification system
Receives degree + GPA
Transcript: not in this projection
Research tier: sealed
Employer projection · ek_volkov · verification_emp_b2c4
degree_confirmedBSc Computer Science · Meridian University · 2025
GPA3.81 / 4.00
credential_validtrue · verified against registry hash chain
transcript[ not in employer projection · student did not authorize ]
research_tier[ not in employer projection ]
Employer receives degree confirmation without access to grades history or course detail. The employer projection is a yes/no credential confirmation plus GPA. Individual course grades, failed courses, academic probation records, and other transcript content are in the transcript tier — which is a separate projection Volkov controls independently.
Transcript released — Volkov-controlled consent
A graduate school application requires a full transcript. Volkov authorizes a transcript-tier projection to the admissions office. This is a separate consent event from the employer verification — distinct scope, distinct recipient.
Transcript projection · admissions_grd_d7f1
student_nameNadia Volkov
degreeBSc Computer Science · 2025
courses72 credit hours · full course list included
gradesFull grade history · per-course breakdown
academic_standingGood standing throughout
employer_projection[ employer received separate projection · not linked to this one ]
The employer projection and the graduate school projection are independent events. The employer does not know Volkov is applying to graduate school. The graduate school does not know which employers she has shared credentials with. Each disclosure is scoped to its recipient and does not create a cross-disclosure record accessible to other recipients.
Research aggregate — no student PII in the research tier
Meridian University's institutional research function analyzes graduation rates, GPA distributions, and employment outcomes. It accesses the research tier — aggregate statistics without any individual student PII.
Research tier · MU-2025-BSc-CompSci cohort (aggregate)
cohortBSc CompSci 2025 · n=142
GPA_distributionmean 3.24 · σ 0.41 · range 2.1–4.0
graduation_rate91.4%
employment_outcome78% employed in field within 6 months
individual_student_PII[ not in research tier · no names / IDs / individual records ]
Volkov's individual record does not appear in the research tier. The research tier contains cohort aggregates. Volkov's GPA (3.81) contributes to the cohort mean — it is not individually identifiable in the research projection. The research function cannot reverse the aggregate to find any individual student's record.
Retraction attempt — the credential persists
Meridian University faces a dispute about the 2025 graduating class. It attempts to mark certain credentials as invalid. The forward-only hash chain prevents factual erasure of the issuance event.
retraction_attempt: institution: Meridian University target: MU-2025-BSc-CompSci · ek_volkov action_attempted: mark_invalid · remove_from_registry registry_response: hash_chain_entry: h_n (SHA256 including ek_volkov issuance at 2025-06-15) chain_status: unbroken · verified retraction: not possible · forward-only log institution_can: append_dispute_flag (visible to all parties) institution_cannot: remove_h_n · alter_issuance_event Volkov_credential_status: valid · independently verifiable
The institution can append a dispute flag — it cannot erase the issuance. Meridian University may append a note to the registry record indicating the credential is under dispute. That note is itself hash-chained and visible. What it cannot do is delete or alter the original issuance event. Volkov retains a credential whose existence is cryptographically proven, even if its validity is disputed in a separate legal proceeding. Forward-only activation ensures the evidentiary record of issuance exists regardless of the institutional dispute.