README.md

---
title: "Killinchu — Andean Drone Intelligence"
emoji: 🦅
colorFrom: gray
colorTo: indigo
sdk: docker
app_port: 7860
pinned: true
license: apache-2.0
short_description: "Provenanced defense intel · 53-drone mesh · cosign-signed"
tags:
  - doctrine-v11
  - defense
  - drone-intelligence
  - szl-holdings
  - agentic-ai
  - dsse
  - governance
  - provenance
  - apache-2.0
  - counter-uas
---
<!--
CRITICAL: This README requires YAML frontmatter at the TOP (above this comment).
HF Spaces returns CONFIG_ERROR (503) without it. Do NOT remove the --- block above
even when editing other sections. See /home/user/workspace/team/sentra-rescue/FRONTMATTER_GUARD.md
-->



# killinchu — investor overview

**749 declarations · 14 axioms · 163 sorries · Doctrine v11 LOCKED · kernel `c7c0ba17`**

[Quickstart](#try-the-api) · [Docs](https://docs.szlholdings.com/flagships/killinchu) · [Cookbook](https://github.com/szl-holdings/szl-cookbook) · [Verify](#verify--supply-chain) · [Cite](#cite-this-work) · [Releases](https://github.com/szl-holdings/killinchu/releases)

killinchu fuses drone health, space weather, and seismic threat onto one canvas. Live MQ-9 telemetry, NOAA space-weather feeds, and USGS seismic data — today split across five silos — become a single signed threat picture. Every fused reading carries a post-quantum Khipu receipt.

## Architecture

```mermaid
flowchart LR
  D[MQ-9 telemetry] --> F[killinchu fusion]
  N[NOAA space weather] --> F
  U[USGS seismic] --> F
  F --> T[Active threat board]
  T --> R[PQC-signed receipt]
```

## What it does

- Fuses live MQ-9 drone telemetry, NOAA space weather, and USGS seismic feeds.
- Real adversary signatures drive a live active-threat board.
- Every fused reading signs a post-quantum Khipu receipt.

## Why it matters

Threat data lives in five disconnected silos, so the operator never sees the whole picture in time. killinchu fuses them into one canvas with a signed provenance trail — the difference between situational awareness and situational guesswork for drone, space-weather, and seismic threat.

## Live demo

▶ **[Open the 90-second investor walkthrough](https://szlholdings-killinchu.hf.space/demo)** — narrated, animated, no jargon. Watch a real endpoint call sign a Khipu receipt live, then open the console yourself.

## Try the API

```bash
curl -s https://szlholdings-killinchu.hf.space/api/killinchu/v1/threats/active
```
```bash
curl -s https://szlholdings-killinchu.hf.space/api/killinchu/v1/drones/database
```
```bash
curl -s https://szlholdings-killinchu.hf.space/api/killinchu/v1/lambda
```

## Cite this work

This work is archived on Zenodo. Concept DOI: **[10.5281/zenodo.20434276](https://doi.org/10.5281/zenodo.20434276)**.
Architecture grounded in: Hickok & Poeppel 2007 · Hickok 2025 *Wired for Words*.

```bibtex
@software{szl_killinchu_2026,
  author    = {Lutar, Stephen P.},
  title     = {killinchu: Andean drone intelligence --- a formally-governed counter-UAS rule engine},
  year      = {2026},
  publisher = {SZL Holdings},
  version   = {v1.0.0},
  url       = {https://github.com/szl-holdings/killinchu},
  doi       = {10.5281/zenodo.20434276},
  note      = {Doctrine v11 LOCKED 749/14/163, kernel c7c0ba17}
}
```

## Compliance

| Standard | Status |
|:--|:--|
| SLSA | **L1 + L2 build provenance attested** — signed in-toto SLSA provenance v1 (`actions/attest-build-provenance@v2`), GitHub-hosted builder. Private repo ⇒ verify via `gh attestation verify` (GitHub trust domain). |
| NDAA Section 889 | covered vendors = exactly 5 (Huawei, ZTE, Hytera, Hikvision, Dahua); attestation on file |
| Packaging | ZARF + **UDS Core compatible** (Enterprise Agents lane) |
| Signing | Cosign / DSSE — real ECDSA-P256 when the cosign secret is present, else honestly UNSIGNED |

---

**Doctrine v11 LOCKED · 749 declarations · 14 axioms · 163 sorries · Λ Conjecture 1 · SLSA L1 + L2 build provenance attested · Sovereign-default**

DCO signed-off. Co-Authored-By: Perplexity Computer Agent. © 2026 SZL Holdings · ORCID 0009-0001-0110-4173.

---

## Built with / learned from

Our documentation and publication conventions were learned from open-source leaders — we
adapted their *patterns*, not their words. Inspired by patterns from **Polymathic AI**
([the_well](https://github.com/PolymathicAI/the_well), [walrus](https://github.com/PolymathicAI/walrus)),
**Anthropic**, **OpenAI** ([whisper](https://github.com/openai/whisper)), **Stripe** (docs craft),
Google DeepMind ([alphafold3](https://github.com/google-deepmind/alphafold3)),
Meta FAIR ([segment-anything](https://github.com/facebookresearch/segment-anything)),
and Hugging Face ([transformers](https://github.com/huggingface/transformers)).
We are a precision substrate, not a vibes company.

<!-- VERIFY-SUPPLY-CHAIN -->
## Verify — supply chain

Public, one-command provenance for the signed UDS image behind this Space.

```bash
# Image: ghcr.io/szl-holdings/killinchu:uds-v0.2.0  (sha256:dedfc3…718a)
cosign verify ghcr.io/szl-holdings/killinchu:uds-v0.2.0 \
  --certificate-identity-regexp="^https://github.com/szl-holdings/" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"
```

**Cosign image signature — Rekor transparency log:** entry [`#1710339915`](https://search.sigstore.dev/?logIndex=1710339915) — public, append-only, independently auditable.

**SLSA L2 build provenance (verify).** The image ships a signed in-toto **SLSA provenance v1** attestation produced by `actions/attest-build-provenance@v2` on a GitHub-hosted builder. killinchu is a **private** repo, so its build attestation is issued under the GitHub Fulcio trust domain (RFC3161 signed timestamp) rather than the public Sigstore Rekor log — verify it with GitHub's native tooling:

```bash
gh attestation verify oci://ghcr.io/szl-holdings/killinchu:uds-v0.2.0 --owner szl-holdings
```

> Doctrine v11 LOCKED · 749/14/163 · Λ Conjecture 1 · SLSA L1 + L2 build provenance attested (verifiable via `gh attestation verify`) · Apache-2.0 · DOI [10.5281/zenodo.20434276](https://doi.org/10.5281/zenodo.20434276).