SpecApril 3, 2026

RFC-0001: SPANFORGE — Open Event-Schema Standard for AI Compliance

The full SPANFORGE open specification. Defines the Event Envelope, Namespace Taxonomy, HMAC Audit Chains, PII Redaction Framework, and Compliance Namespaces for standardised AI compliance across any LLM provider.

By SpanForge Maintainers

RFC-0001: SPANFORGE — Open Event-Schema Standard for AI Compliance

Status: Accepted
Version: 1.0.0
Authors: SpanForge Maintainers
Created: 2025
Updated: 2026

Abstract

This RFC defines the SPANFORGE event-schema standard: a structured, typed event envelope for recording, signing, redacting, and exporting events emitted by agentic AI systems. The goal is a language-agnostic, vendor-neutral schema that any instrumentation library can emit and any compliance backend can consume.

Motivation

Agentic AI systems (LLM pipelines, tool-calling agents, multi-step workflows) produce rich operational data — model calls, tool invocations, memory reads, guardrail decisions, cost accrual, PII exposure — but there is no shared vocabulary for this data. Each vendor invents its own schema, creating lock-in and making cross-tool analysis impossible.

SPANFORGE provides the missing standard: a minimal, extensible envelope that covers the full lifecycle of an AI event while remaining compatible with OpenTelemetry spans.

Core Concepts

1. Event Envelope

Every SPANFORGE event is a JSON object with the following top-level fields:

FieldTypeRequiredDescription
event_idstring (UUID v4)Globally unique event identifier
schema_versionstring (semver)Schema version, e.g. "1.0.0"
namespacestringEvent type namespace (see §4)
timestampstring (ISO 8601 UTC)Event creation time
service_namestringEmitting service name
payloadobjectNamespace-specific data
trace_idstringParent trace identifier
span_idstringSpan identifier for this event
parent_span_idstringParent span for hierarchy
signaturestringHMAC-SHA256 over canonical form
redacted_fieldsarray[string]Fields redacted by PII filter
metaobjectArbitrary extension metadata

2. Canonical Form

The canonical form used for signing is the JSON object serialized with:

  • Keys sorted lexicographically (recursive)
  • No extra whitespace
  • UTF-8 encoding
  • signature field excluded from the signed body

3. HMAC Signing

signature = HMAC-SHA256(key=secret, msg=canonical_json_bytes).hex()

Chain integrity is verified by re-computing the signature and checking timestamp monotonicity across a sequence of events.

4. Namespaces

SPANFORGE defines 22+ built-in namespaces. Each namespace specifies the shape of payload:

Compliance & Governance

NamespaceDescription
consent.granted / consent.revoked / consent.violationData-subject consent lifecycle (GDPR Art. 22/25)
hitl.queued / hitl.reviewed / hitl.escalated / hitl.timeoutHuman-in-the-loop review workflow (EU AI Act Art. 14)
model_registry.registered / model_registry.deprecated / model_registry.retiredModel governance lifecycle (SOC 2 CC6.1, NIST MAP 1.1)
explanation.generatedDecision explainability record (EU AI Act Art. 13, NIST MAP 1.1)
audit.accessData access record
compliance.checkCompliance rule evaluation result

Instrumentation & Telemetry

NamespaceDescription
llm.callLLM request/response, token counts, model info
llm.streamStreaming token events
agent.decisionAgent reasoning step / tool selection
agent.executionTool execution result
agent.memoryMemory read/write operations
tool.callGeneric tool invocation
tool.resultTool execution outcome
guardrail.checkContent / safety filter evaluation
guardrail.blockBlocked request with reason
cost.usageToken cost accrual
cost.budgetBudget limit event
retrieval.queryRAG retrieval request
retrieval.resultRAG retrieval results
session.start / session.endSession lifecycle
error.exceptionException with stack trace

Custom namespaces MUST use reverse-DNS notation: com.example.my_namespace.

5. Schema Versioning

Short version:

  • MAJOR version bumps are breaking; implementations MUST reject events from future major versions
  • MINOR version bumps add fields; implementations MUST ignore unknown fields (be liberal in what you accept)
  • PATCH version bumps are documentation/clarification only

Reference Implementation

The spanforge Python package is the reference implementation of this RFC:

import spanforge

# Emit a compliant event
event = spanforge.Event(
    namespace="llm.call",
    payload={"model": "gpt-4o", "prompt_tokens": 512, "completion_tokens": 128},
    service_name="my-agent",
)
print(event.to_dict())

Backward Compatibility

All changes to this RFC go through the RFC amendment process:

  1. Open a GitHub Issue with the rfc-amendment label
  2. Discussion period of minimum 14 days
  3. Two maintainer approvals required
  4. Schema version bump per semver rules

License

This RFC and the SPANFORGE schema are published under MIT License.

← Back to Library
Explore more

Browse the full research library

See all resources →
The methodology

See the five-phase lifecycle in full

Explore the platform →
Talk to SpanForge

Request a briefing for your team

Get in touch →