// How it works

Consent, made checkable.

LLMConsent turns "please don't use my data without asking" into something a machine can actually honor: a signed token that says what is allowed, a check that every system runs the same way, and a record of what happened. Here is the whole thing, end to end.

01/ The shape of it

Three parties, one protocol between them.

A person grants consent. An AI system checks it before acting. Value and attribution flow back. The protocol is the neutral layer in the middle that no one party owns.

Person

Owns the data and the digital twin. Sets the terms.

consent token signed · scoped · revocable

LLMConsent

Grant, check, revoke. Verifies permission. Owns nothing, runs everywhere.

verified permission allow / deny + rate

AI system

Trains, infers, or acts as an agent, only within what was granted.

attribution & compensation flow back to the person

02/ The lifecycle

Walk a consent token through its life.

Every interaction runs the same five steps. Step through them and watch the record change.

Step 01 / 05

Grant

consent-record.lcs

subjectyou

grantinference

modelsany

attributeon, max 1%

compensate0.001 / 1k tok

expires24h

statusgranted

03/ A single request

What a system does before it touches your data.

The check is the heart of it. One call, one verifiable answer, the same for a hobby project and a frontier lab.

1
An agent wants to act. It needs to train on, infer from, or take an action with data that belongs to someone.
2
It calls checkConsent. The protocol looks up the token covering that data, permission, and model.
3

Token valid? If yes: returns allowed and the agreed rate. The action proceeds, attribution is recorded, usage is metered.

If no: returns denied. The action does not happen. No token, no permission.
4
Everything is logged. What was used, on whose authority, and within which limits. Attribution where it is measurable, bounded influence where it is not.

function trainModel(bytes32 dataHash) external {
    (bool allowed, uint256 rate) =
        llmConsent.checkConsent(msg.sender, dataHash, PERMISSION_TRAIN);
    require(allowed, "Training consent required");
    // proceed, then settle against `rate`
}
      

allowed, rate = llm_consent.check(data.hash, Permission.INFERENCE)
if not allowed:
    raise ConsentRequired("User consent needed")
result = model.run(data)         # then meter usage against `rate`
      

04/ The stack

Four standards, each building on the last.

Consent is the foundation. Everything above it inherits the same grant, check, and revoke guarantees.

LCS-004 Cross-Agent Memory Consent-governed memory pools that let agents share context across systems, so experien... LCS-003 Agent Permissions Capability-based security for autonomous agents: what they may do, how much they may sp... LCS-002 Digital Twin User-owned, persistent AI representations that evolve across interactions, with fine-gr... LCS-001 Core Consent Cryptographically-verifiable consent tokens that scope how data may be used for trainin...

Read the full standards

05/ Now the honest part

What is still being figured out.

Provenance is solvable: record consent when data enters a pipeline and you can prove it later. Exact influence inside trained weights mostly is not, which is why the token bounds influence instead of pretending to measure it. In the agentic world the picture flips and most use becomes traceable. We wrote about both, and we would rather show the open problems than hide them.

The attribution problem Read the spec Contribute