The ai.market Protocol
A non-custodial marketplace protocol where data and compute assets are discovered centrally but delivered peer-to-peer. The platform never touches your payloads.
How It Works
Central discovery, direct delivery
List
Local Processing
Sellers install AIM-Data (for datasets) or AIM-Node (for models and pipelines) on their own infrastructure. An embedded AI assistant profiles the asset locally - detecting PII, scoring quality, generating descriptions and metadata. Only the metadata is published to ai.market. Raw data and model weights never leave the seller's servers. Both AIM-Data and AIM-Node are open source.
Discover
Marketplace Matching
Buyers and AI agents search ai.market's catalog using semantic search, filters, and structured queries. Every listing includes AI-generated quality scores, schema previews, and sample metadata - enough to evaluate fit without exposing the underlying asset.
Transact
Platform Billing
When a buyer commits, ai.market handles authentication, payment processing, and billing. The seller receives a cryptographically signed delivery token scoped to the specific transaction - time-limited, single-use, and auditable.
Deliver
Peer-to-Peer
The buyer's system connects directly to the seller's AIM-Data or AIM-Node instance using the delivery token. Data flows point-to-point over an encrypted channel. ai.market never proxies, caches, or stores the payload.
What the Platform Does
Discovery: Semantic search, category browsing, and AI agent-accessible APIs for finding assets
Authentication: Identity verification, API key management, and OAuth for all participants
Trust: Cryptographic delivery tokens, mutual verification between nodes, session-scoped access
Billing: Payment processing, usage metering, and seller payouts at 5% marketplace fee
Observability: Transaction traces, delivery confirmations, and audit logs
What the Platform Does NOT Do
Store data: No raw datasets, model weights, or pipeline outputs ever transit ai.market servers
Proxy requests: Compute and data requests flow directly between buyer and seller nodes
Access payloads: Delivery tokens are opaque to the platform - only the endpoints can decrypt them
Lock in sellers: AIM-Data and AIM-Node are open, self-hosted tools - sellers own their infrastructure
Encryption & Security
Security primitives designed for non-custodial delivery
The platform coordinates trust, authentication, and billing without taking custody of datasets, weights, or pipeline outputs.
DEVICE IDENTITY
Every AIM-Data and AIM-Node instance generates an Ed25519 keypair locally during first setup. The private key is stored in a passphrase-protected keystore on the device - it never leaves the seller's infrastructure. The corresponding public key is registered with ai.market during device enrollment. All subsequent operations - publishing listings, signing delivery receipts, reporting traces - are authenticated by Ed25519 signatures verified against the registered public key.
TRUST CHANNEL
Communication between nodes and the platform uses W3C Verifiable Credentials with Ed25519Signature2020 proofs. Every message in the trust channel is wrapped in a signed credential envelope containing the event payload, a cryptographic signature, a timestamp, and a replay-prevention nonce. The platform maintains an Ed25519 signing key and an X25519 key exchange key for secure bidirectional communication.
DATA AT REST
API keys are encrypted using Fernet symmetric encryption (AES-128-CBC with HMAC-SHA256 authentication), with keys derived via HKDF from the platform secret. TOTP secrets for two-factor authentication use AES-256-GCM authenticated encryption. Passwords are hashed with bcrypt. No raw data payloads are ever stored on the platform.
TRANSPORT SECURITY
All API traffic is served over HTTPS with TLS. Platform JWTs use HMAC-SHA256 signing for session tokens. Device-to-platform authentication uses Ed25519-signed JWTs - a separate, stronger signing mechanism than the platform session tokens. Key rotation is supported with a 24-hour grace period to prevent service interruption during rollover.
TRUST SCORING
Each node maintains a dynamic trust score computed from uptime history, key rotation compliance, successful delivery confirmations, and behavioral signals over a rolling 30-day window. Trust scores are visible to buyers and influence search ranking.
The Stack
Platform responsibilities are explicitly separated
| Component | Role | Who Runs It |
|---|---|---|
| ai.market | Discovery, auth, billing, trust tokens | ai.market (cloud) |
| AIM-Data | Dataset management, local AI profiling, P2P delivery | Sellers (self-hosted) |
| AIM-Node | Model/pipeline serving, compute metering, P2P execution | Providers (self-hosted) |
| allAI | Embedded AI for metadata generation and quality scoring | Runs inside AIM-Data/AIM-Node |
For Developers
API-first by design
The protocol is API-first. Every interaction - listing, searching, purchasing, delivering - is available as a REST endpoint. AI agents can discover and transact with data and compute assets programmatically without human intervention.