Frequently Asked Questions

DeliveryTag is a protocol for auditable deliverability verification of 24/7 Carbon-Free Energy (CFE) claims. It extends the EnergyTag Granular Certificate with nodal attribution and evidentiary proof. EnergyTag certifies hourly matching; DeliveryTag adds nodal attribution and PTDF-based deliverability inference.

RECs and GOs certify that a clean MWh was generated in a specific hour. DeliveryTag adds auditable deliverability evidence: nodal attribution and PTDF-based corridor inference supporting the claim that the MWh was physically deliverable to the buyer’s transmission node under current grid topology, cross-checked by a 7-layer hardware-signed sensor stack (Hepta-Validation).

Mode A (Nodal Attribution) covers ~80% of hours where corridors are uncongested; PTDF verification alone is sufficient. Mode B (Physical Electron Swap) covers ~20% of hours where corridors are congested; flex-load curtailment frees corridor capacity and full Hepta-Validation plus the Opportunity Cost Oracle is required.

A structured cryptographic data object that reconciles the TSO merit-order log, the PTDF matrix row, flex-curtailment telemetry, and the counterfactual LME calculation. Every DeliveryTag carries one. See §4.8.

Yes, and DeliveryTag does not claim to do that. In an AC grid electrons oscillate rather than travel; there is no meaningful identity to a single charge carrier between injection and withdrawal. DeliveryTag supports auditable deliverability inference, not particle tracking. The relevant physics is network flow (Kirchhoff's laws + PTDF), not quantum mechanics.

A DeliveryTag carries three independent evidentiary inputs designed to support the conclusion that the claimed clean-energy event physically occurred and was deliverable to the buyer's node: (1) PTDF-weighted corridor attribution using TSO-published grid-physics data (the same matrices the system operator uses for dispatch and settlement); (2) a causal dispatch proof reconciling the merit-order log, curtailment telemetry, and counterfactual LME; and (3) Hepta-Validation, seven hardware-verified sensor layers (electrical, thermal, magnetic, acoustic, spatial/SAR, emissions, economic) cross-checking the event at the source. Together they support the answer to "did power flow through this corridor to this node at this hour?" at a level suitable for third-party assurance under ISAE 3000.

Physical Integrity Node. Tamper-evident hardware with a CRYSTALS-Dilithium secure element (NIST FIPS 204) that signs sensor bundles at the source. Comes in two types: S-PIN (supply-side, generator or flex-load) with full Hepta stack, and D-PIN (demand-side, buyer POI) with Tri-Sensor stack.

Three required layers: Electrical (IEC 62053-22 Class 0.2S meter), Magnetic (fluxgate magnetometer), Frequency (50/60 Hz analyzer). One optional: Thermal (FLIR). Layers 4–7 (Acoustic, Spatial, Emissions, Economic) are S-PIN-only.

No. The D-PIN sits on the buyer’s side of the utility meter, same regulatory category as a commercial power-quality monitor. Required: UL/CE hardware certification, licensed electrician, local electrical inspector. Not required: utility approval, PUC/FERC filing, TSO interconnection study.

4 to 8 hours of physical install per site; 1 week end-to-end including electrical inspector sign-off and Accredited Signer commissioning. Hyperscalers can deploy in parallel across a global portfolio.

The secure element zeroises the Dilithium private key. All subsequent signed bundles are invalid. A new AssuranceAccreditation VC from the Accredited Signer is required to re-commission.

DeliveryTag is architected to satisfy the evidentiary elements of WRI Alternate Methodology 2 (Section 5.1.2 of the 2025 consultation draft). Official recognition by WRI, SBTi, or any specific reporting framework has not been granted; our mapping is submitted as a candidate reference approach. See §3.4 and the live tracking at deliverytag.org/regulatory-watch.

Yes. The same DT-F certificate serves all five frameworks without re-issuance or re-verification because it carries the union of their evidence requirements natively. See §3.4.4.

A party qualified to issue a reasonable-assurance opinion under ISAE 3000 or equivalent. Intended scope includes Big 4 audit practices and ISO 14065 / IAF-MLA accredited validation bodies. Engagement of specific signers is contractual and will be disclosed only once in place. Replaces the legacy CDM-era “VVB” label. Principle 33.

Yes. A Big 4 ISAE 3000 reasonable-assurance opinion over the Guardian policy is a supported audit pathway. Tier 1 deployments are designed for reasonable assurance; Tier 2 for limited assurance.

Three demand-side proof configurations. Tier 1 (Full Hepta, D-PIN present, reasonable assurance). Tier 2 (Attested Meter, Accredited Signer attestation, limited assurance). Tier 3 (Registry-only, operational claims only). Principle 35.

No. Only mandatory for Tier 1 (default for hyperscaler 24/7 CFE, regulated 45V hydrogen, Big 4-audited corporate Scope 2). Transitional buyers can use Tier 2 with an attested utility meter during 2026 to 2028.

A single buyer can register multiple D-PINs under one Buyer DID. Each D-PIN binds to its own TSO interconnection node. Guardian policy routes each DT-F to the D-PIN whose node matches the certificate. See §4.11.2.

Q4 2026. One EU reference architecture (~300 MW industrial flex cluster under ENTSO-E) and one US reference architecture (~170 MW industrial DR pool in PJM). Acceptance criteria listed in §10.

Pricing methodology: Two-mode tariff. Mode A applies during uncongested hours (the majority); Mode B applies during congested hours where physical-electron swap evidence is required. Final per-MWh rates and tier-based cancellation costs are to be defined with pilot partners and the Foundation board. Hardware (D-PIN) and audit (Accredited Signer / ISAE 3000) costs amortise across each reporter’s annual volume.

FRAND (Fair, Reasonable, Non-Discriminatory) through the Integrity Protocol Foundation (Swiss Stiftung, Zug). Two USPTO patents pending: 64/023,803 (DSEE) and 64/023,364 (T-NAC).

The Integrity Protocol Foundation, a Swiss Stiftung in formation. Correspondence address: Baarerstrasse 135, 6300 Zug, Switzerland. Trustees will be appointed for fixed terms; once registered, the Foundation will hold the specification and associated IP on behalf of the industry.

The public consultation phase runs through Q3 2026. Contact k@integrity.farm for technical review calls, working-group participation, or pilot partnership conversations.

On the Managed Guardian Service testnet indexer, inspectable without credentials: indexer.guardianservice.app/vc-documents/1776463652.420668534