--- title: "Killinchu — Andean Drone Intelligence" emoji: 🦅 colorFrom: indigo colorTo: red sdk: docker app_port: 7860 pinned: true license: apache-2.0 ecosystem-stage: "operational" short_description: "Provenanced defense intel · 53-drone mesh · cosign-signed" tags: - killinchu - doctrine-v11 - defense - drone-intelligence - szl-holdings - agentic-ai - dsse - governance - provenance - apache-2.0 - counter-uas --- # killinchu — investor overview **749 declarations · 14 axioms · 163 sorries · Doctrine v11 LOCKED · kernel `c7c0ba17`** [Quickstart](#try-the-api) · [Docs](https://docs.szlholdings.com/flagships/killinchu) · [Cookbook](https://github.com/szl-holdings/szl-cookbook) · [Verify](#verify--supply-chain) · [Cite](#cite-this-work) · [Releases](https://github.com/szl-holdings/killinchu/releases) killinchu fuses drone health, space weather, and seismic threat onto one canvas. Live MQ-9 telemetry, NOAA space-weather feeds, and USGS seismic data — today split across five silos — become a single signed threat picture. Every fused reading carries a post-quantum Khipu receipt. ## Architecture ```mermaid flowchart LR D[MQ-9 telemetry] --> F[killinchu fusion] N[NOAA space weather] --> F U[USGS seismic] --> F F --> T[Active threat board] T --> R[PQC-signed receipt] ``` ## What it does - Fuses live MQ-9 drone telemetry, NOAA space weather, and USGS seismic feeds. - Real adversary signatures drive a live active-threat board. - Every fused reading signs a post-quantum Khipu receipt. ## Why it matters Threat data lives in five disconnected silos, so the operator never sees the whole picture in time. killinchu fuses them into one canvas with a signed provenance trail — the difference between situational awareness and situational guesswork for drone, space-weather, and seismic threat. ## Live demo ▶ **[Open the 90-second investor walkthrough](https://szlholdings-killinchu.hf.space/demo)** — narrated, animated, no jargon. Watch a real endpoint call sign a Khipu receipt live, then open the console yourself. ## Try the API ```bash curl -s https://szlholdings-killinchu.hf.space/api/killinchu/v1/threats/active ``` ```bash curl -s https://szlholdings-killinchu.hf.space/api/killinchu/v1/drones/database ``` ```bash curl -s https://szlholdings-killinchu.hf.space/api/killinchu/v1/lambda ``` ## Cite this work This work is archived on Zenodo. Concept DOI: **[10.5281/zenodo.20434276](https://doi.org/10.5281/zenodo.20434276)**. Architecture grounded in: Hickok & Poeppel 2007 · Hickok 2025 *Wired for Words*. ```bibtex @software{szl_killinchu_2026, author = {Lutar, Stephen P.}, title = {killinchu: Andean drone intelligence --- a formally-governed counter-UAS rule engine}, year = {2026}, publisher = {SZL Holdings}, version = {v1.0.0}, url = {https://github.com/szl-holdings/killinchu}, doi = {10.5281/zenodo.20434276}, note = {Doctrine v11 LOCKED 749/14/163, kernel c7c0ba17} } ``` ## Compliance | Standard | Status | |:--|:--| | SLSA | **L1 + L2 build provenance attested** — signed in-toto SLSA provenance v1 (`actions/attest-build-provenance@v2`), GitHub-hosted builder. Private repo ⇒ verify via `gh attestation verify` (GitHub trust domain). | | NDAA Section 889 | covered vendors = exactly 5 (Huawei, ZTE, Hytera, Hikvision, Dahua); attestation on file | | Packaging | ZARF + **UDS Core compatible** (Enterprise Agents lane) | | Signing | Cosign / DSSE — real ECDSA-P256 when the cosign secret is present, else honestly UNSIGNED | --- **Doctrine v11 LOCKED · 749 declarations · 14 axioms · 163 sorries · Λ Conjecture 1 · SLSA L1 + L2 build provenance attested · Sovereign-default** DCO signed-off. Co-Authored-By: Perplexity Computer Agent. © 2026 SZL Holdings · ORCID 0009-0001-0110-4173. --- ## Built with / learned from Our documentation and publication conventions were learned from open-source leaders — we adapted their *patterns*, not their words. Inspired by patterns from **Polymathic AI** ([the_well](https://github.com/PolymathicAI/the_well), [walrus](https://github.com/PolymathicAI/walrus)), **Anthropic**, **OpenAI** ([whisper](https://github.com/openai/whisper)), **Stripe** (docs craft), Google DeepMind ([alphafold3](https://github.com/google-deepmind/alphafold3)), Meta FAIR ([segment-anything](https://github.com/facebookresearch/segment-anything)), and Hugging Face ([transformers](https://github.com/huggingface/transformers)). We are a precision substrate, not a vibes company. ## Verify — supply chain Public, one-command provenance for the signed UDS image behind this Space. ```bash # Image: ghcr.io/szl-holdings/killinchu:uds-v0.2.0 (sha256:dedfc3…718a) cosign verify ghcr.io/szl-holdings/killinchu:uds-v0.2.0 \ --certificate-identity-regexp="^https://github.com/szl-holdings/" \ --certificate-oidc-issuer="https://token.actions.githubusercontent.com" ``` **Cosign image signature — Rekor transparency log:** entry [`#1710339915`](https://search.sigstore.dev/?logIndex=1710339915) — public, append-only, independently auditable. **SLSA L2 build provenance (verify).** The image ships a signed in-toto **SLSA provenance v1** attestation produced by `actions/attest-build-provenance@v2` on a GitHub-hosted builder. killinchu is a **private** repo, so its build attestation is issued under the GitHub Fulcio trust domain (RFC3161 signed timestamp) rather than the public Sigstore Rekor log — verify it with GitHub's native tooling: ```bash gh attestation verify oci://ghcr.io/szl-holdings/killinchu:uds-v0.2.0 --owner szl-holdings ``` > Doctrine v11 LOCKED · 749/14/163 · Λ Conjecture 1 · SLSA L1 + L2 build provenance attested (verifiable via `gh attestation verify`) · Apache-2.0 · DOI [10.5281/zenodo.20434276](https://doi.org/10.5281/zenodo.20434276). --- *Doctrine v11 LOCKED · 749/14/163 · kernel c7c0ba17 · Λ = Conjecture 1 · SLSA L1 honest + L2 attested*