Skip to main content

The Problem With Prompts

Prompt engineering today is artisanal. There is no standard way to version a prompt, verify its integrity, or detect when it has been tampered with. Copy a prompt between systems and you have no guarantee it is the same prompt. Teams managing prompt libraries rely on git diffs and human review — no cryptographic identity, no tamper detection, no reproducible builds.

STRATT’s Approach

Every prompt unit in STRATT carries a Blake3 fingerprint computed from a normative, standards-aligned algorithm. Change one character in the prompt and the fingerprint changes. Move the prompt between systems, recompute the fingerprint, and verify integrity. The algorithm is public, deterministic, and machine-verifiable — no trust required, only computation.

How It Works

Five stages: parse YAML with a pinned parser configuration, transform the object (exclude self-referential fields, remove nulls, normalise Unicode to NFC), produce canonical JSON with keys sorted per RFC 8785, encode to UTF-8, and hash with Blake3. The spec ships with 14 test vectors covering every unit type and edge case. Pass the vectors and your implementation is conforming — guaranteed to produce the same fingerprints as every other conforming implementation.

Key Messages

  • “Prompt identity, not prompt hope” — every unit has a cryptographic fingerprint that changes if anything changes. Tamper detection is automatic.
  • “Standards-aligned, YAML-native” — the JSON canonicalisation stage follows RFC 8785. The YAML-to-JSON bridge is the novel contribution, fully specified with test vectors.
  • “Spec before code” — the algorithm was frozen as a normative specification before any implementation was written. Interoperability by construction.

Status

The canonical serialisation specification (stratt-canonical-v1) is frozen as of 2026-03-28. It resolves UA-06 (critical path dependency #1) and unblocks stratt publish, the command that ships the entire prompt architecture. This is a potential campaign narrative — the technical foundation is complete, but external positioning should follow the CLI alpha launch.