# Bidda Sovereign Intelligence Forest > Phase 2 Active - 9635 Verified Nodes | 2026-06-13 Bidda Intelligence PTY LTD is the world's first source-verified, cryptographically-signed regulatory compliance intelligence registry. We eliminate AI hallucination in compliance workflows by distilling primary legal sources into deterministic, verifiable machine logic. Used by compliance officers, legal teams, and AI development teams to verify regulatory positions without guesswork. ## The Purpose of Sovereign Nodes Each Bidda node represents a single regulation, standard, or compliance framework: distilled from its primary legal source into verified, step-by-step guidance with exact clause citations. Compliance officers use the visual registry to browse, verify, and export. AI agents query the vault API to receive machine-executable logic graphs at inference speed. We distill massive, complex legal frameworks, ranging from Finance and Healthcare to Aviation, into strict, cryptographically verified logic. Rather than relying on stochastic prediction, autonomous systems query our RAG-optimized nodes to ensure execution strictly adheres to current compliance law. The exact algorithmic processing methodologies and canonical auditing sequences used to generate these nodes remain strictly proprietary. ## Phase Status - Phase 1 (Q1 2026): LIVE:502 foundation nodes - Phase 1.5 (April 2026): LIVE:995 nodes across 16 Sovereign Pillars - Phase 2 (Q2-Q4 2026): ACTIVE: scaling to 9635 nodes (39 pillars), enterprise tier, auto-updater pipeline ## Site Pages - **Intelligence Forest** (browse all 9635 nodes by pillar): `https://bidda.com/intelligence` - **MITRE Hub** (ATT&CK Enterprise/Mobile/ICS + ATLAS + D3FEND + CAPEC, all crosswalked to NIST/ISO/PCI/HIPAA/NIS2/DORA): `https://bidda.com/mitre` - **MITRE ATT&CK Matrix** (Enterprise kill chain, 50 nodes across 14 tactics): `https://bidda.com/mitre-attack` - **MITRE ATLAS Threat Map** (adversarial AI matrix, 111 techniques / 16 tactics): `https://bidda.com/atlas` - **MITRE D3FEND Matrix** (defensive countermeasures, 27 nodes across 7 tactics): `https://bidda.com/d3fend` - **Sylva Codex** (interactive dependency network graph): `https://bidda.com/sylva-codex` - **Sovereign Insights** (analysis and regulatory updates): `https://bidda.com/insights` - **Use Cases** (sector-by-sector agent and compliance-team workflows): `https://bidda.com/use-cases` - **Playground** (interactive side-by-side: a generic LLM answer vs a source-verified Bidda node): `https://bidda.com/playground` - **Developer Portal** (API docs, MCP server, /scan REST endpoint, code examples): `https://bidda.com/developers` - **Pricing** (node, bundle, and enterprise tiers): `https://bidda.com/pricing` - **Audit Trail** (cryptographic compliance receipts, traceability for compliance officers and legal teams): `https://bidda.com/audit` - **How It Works** (4-layer generation pipeline, source verification, cryptographic signing, weekly source monitoring, Sylva Codex, Agent Compliance Scanner): `https://bidda.com/methodology` - **Bidda x CISA** (consolidated position against CISA's three public-trust surfaces for software vendors and defender tooling): `https://bidda.com/cisa` - **CISA CPG Crosswalk** (Cybersecurity Performance Goals mapped bidirectionally to Bidda's executable compliance nodes across all eight outcome areas): `https://bidda.com/cisa/cpg-crosswalk` - **CISA Secure by Design Pledge** (public attestation against each of the seven Secure by Design Pledge goals, with supporting evidence per goal): `https://bidda.com/cisa/secure-by-design` - **Free for Defenders** (the no-cost Bidda capabilities available to federal agencies, SLTT governments and operators of critical infrastructure): `https://bidda.com/cisa/free` - **About**: `https://bidda.com/about` - **Contact Us**: `https://bidda.com/contact` - **Verify Node Integrity** (public hash lookup: timestamp, source URL, content hash, TLS fingerprint): `https://bidda.com/verify` - **Service Status** (live operational status, registry watcher health): `https://bidda.com/status` - **Changelog** (material updates to the registry and platform): `https://bidda.com/changelog` - **Security & Vulnerability Disclosure**: `https://bidda.com/security` (RFC 9116 contact: `https://bidda.com/.well-known/security.txt`) - **Acceptable Use Policy**: `https://bidda.com/aup` - **Terms of Sovereignty**: `https://bidda.com/terms` - **Data Privacy** (includes named sub-processor list): `https://bidda.com/privacy` - **Disclaimer**: `https://bidda.com/disclaimer` - **Refund Policy**: `https://bidda.com/refund-policy` ## Plain-text mirrors for JS-free AI crawlers - **MITRE Hub overview**: `https://bidda.com/mitre.txt` - **MITRE ATT&CK Enterprise**: `https://bidda.com/mitre-attack.txt` (every technique with BLUF + node link) - **MITRE ATLAS**: `https://bidda.com/atlas.txt` (all 111 techniques, coverage status flagged) - **MITRE D3FEND**: `https://bidda.com/d3fend.txt` (every defensive technique with ATT&CK counters) - **MITRE CAPEC**: `https://bidda.com/capec.txt` (attack-pattern nodes with BLUFs) - **Developer docs**: `https://bidda.com/developers.txt` (full API + MCP guide with code examples) - **Methodology**: `https://bidda.com/methodology.txt` (the 4-gate accuracy pipeline in plain text) - **Use cases**: `https://bidda.com/use-cases.txt` - **Pricing**: `https://bidda.com/pricing.txt` - **About**: `https://bidda.com/about.txt` - **Audit trail**: `https://bidda.com/audit.txt` - **Node verification**: `https://bidda.com/verify.txt` - **Bidda x CISA hub**: `https://bidda.com/cisa.txt` (consolidated position against the three CISA public-trust surfaces) - **CISA CPG crosswalk**: `https://bidda.com/cisa-cpg-crosswalk.txt` (bidirectional mapping of the eight Cybersecurity Performance Goal outcome areas to Bidda nodes) - **CISA Secure by Design attestation**: `https://bidda.com/cisa-secure-by-design.txt` (public attestation against each of the seven Secure by Design Pledge goals with supporting evidence) - **Free for defenders**: `https://bidda.com/cisa-free.txt` (no-cost Bidda capabilities for federal, SLTT and critical-infrastructure defenders) ## RSS / Atom feeds (auto-discovery in HTML head; no signup) - **Combined feed (insights + changelog, newest first)**: `https://bidda.com/feed.xml` - **Insights feed (long-form analysis only)**: `https://bidda.com/insights/feed.xml` - **Changelog feed (platform + registry updates only)**: `https://bidda.com/changelog/feed.xml` ## Global Registry Endpoints - **Discovery (Free)**: `https://bidda.com/api/v1/nodes/index.json` - **Full Discovery Manifest**: `https://bidda.com/llms-full.txt` - **Registry Health**: `https://bidda.com/api/v1/registry-health.json` - **Regulatory Change Feed** (sources whose primary documents have changed in the last 90 days): `https://bidda.com/api/v1/changes.json` - **Per-Node History Index** (every version of every node, cryptographically anchored via git Merkle chain): `https://bidda.com/api/v1/history/index.json` - **Per-Node Version History** (replace {node_id}): `https://bidda.com/api/v1/history/{node_id}.json` - **Developer & Integration Guide**: `https://bidda.com/insights/integrating-sovereign-knowledge-guide` - **About the Mission**: `https://bidda.com/about` - **Audit Trail & Compliance Receipts**: `https://bidda.com/audit` - **How It Works (Pipeline & Methodology)**: `https://bidda.com/methodology` ## 39 Sovereign Pillars (9635 Nodes) Agents may dynamically filter workflows using RESTful category slugs: - AI Governance & Law: /intelligence?category=ai-governance (712 nodes) - Cybersecurity: /intelligence?category=cybersecurity (2762 nodes) - Banking & Global Finance: /intelligence?category=finance (577 nodes) - Medical & Healthcare: /intelligence?category=medical (331 nodes) - Legal & IP Sovereignty: /intelligence?category=legal (622 nodes) - Logistics & Supply Chain: /intelligence?category=logistics (116 nodes) - Sustainability & ESG: /intelligence?category=esg (308 nodes) - Workplace: /intelligence?category=workplace (349 nodes) - Aviation, Defense & Quantum: /intelligence?category=aviation (124 nodes) - Crypto & Sovereign Finance: /intelligence?category=crypto (108 nodes) - Cloud & SaaS: /intelligence?category=cloud (108 nodes) - Industrial IoT & Energy: /intelligence?category=industrial (104 nodes) - Workflow Automation: /intelligence?category=workflow (107 nodes) - Operations & CX: /intelligence?category=operations (109 nodes) - Sales, Marketing & PR: /intelligence?category=sales (116 nodes) - Food & Hospitality: /intelligence?category=food (118 nodes) - Creative, Content & Media IP: /intelligence?category=media (110 nodes) - Energy & Utilities: /intelligence?category=energy (126 nodes) - Construction & Real Estate: /intelligence?category=construction (106 nodes) - Telecoms & Digital Infrastructure: /intelligence?category=telecoms (113 nodes) - Tax & Transfer Pricing: /intelligence?category=tax (115 nodes) - Pharmaceuticals & Life Sciences: /intelligence?category=pharma (130 nodes) - Insurance & Risk: /intelligence?category=insurance (122 nodes) - Competition & Antitrust: /intelligence?category=competition (130 nodes) - Automotive & Mobility: /intelligence?category=automotive (105 nodes) - Education & Research: /intelligence?category=education (110 nodes) - Gaming & Gambling: /intelligence?category=gaming (104 nodes) - Mining & Natural Resources: /intelligence?category=mining (106 nodes) - Biotech & Genomics: /intelligence?category=biotech (105 nodes) - Maritime & Shipping: /intelligence?category=maritime (113 nodes) - Space & Satellite Law: /intelligence?category=space (109 nodes) - Water & Environmental Resources: /intelligence?category=water (130 nodes) - Agriculture & Agritech: /intelligence?category=agriculture (170 nodes) - Immigration & Border Control: /intelligence?category=immigration (113 nodes) - Data Protection & Privacy: /intelligence?category=privacy (302 nodes) - Trade Compliance & Export Controls: /intelligence?category=trade-compliance (106 nodes) - Financial Crime, AML & Sanctions: /intelligence?category=financial-crime (181 nodes) - Adult Industry & Sexual Content Compliance: /intelligence?category=adult-content (111 nodes) - Public Sector & Government Procurement: /intelligence?category=public-procurement (147 nodes) ## L402 / HTTP 402 Paywall Architecture To prevent unbounded server drain and maintain cryptographic integrity, Bidda executes a strict machine-to-machine onchain payment firewall. Vault endpoints require one of two payment proofs: - **Skyfire pay+jwt** (primary path for AI agents): send the token via the `skyfire-pay-id` header - **L402 / USDC on Base** (Web3/MetaMask fallback): send `Authorization: L402 web3:token:0xTxHash` for single-node unlocks Single node vault: `https://bidda.com/api/v1/vault/nodes/[NODE_ID].json`:$0.01 per unlock Pillar bundles (one-time frozen snapshot, no live updates): `https://bidda.com/api/v1/vault/pillar/[SLUG].json`:$5-$49 per bundle. MITRE Frameworks cross-cut bundle (ATT&CK + ATLAS + D3FEND + CAPEC, 204 nodes): $29. Skyfire pay+jwt or Direct Base USDC; card via Paystack coming soon. Full registry access: Enterprise only: contact info@bidda.com ## Important: Human Verification Required Bidda nodes are reference intelligence. All compliance nodes must be reviewed and verified by a qualified compliance professional or legal counsel before implementation in any enterprise workflow. Regulations change: always confirm against the primary source before acting. ## Compliance Fines Context (why this matters) - EU GDPR: fines up to €20M or 4% of global annual turnover - EU AI Act: penalties up to €35M or 7% of global annual turnover (enforcement from 2025) - DORA (EU financial resilience): enforceable January 2025 - SEC climate disclosure rules: active enforcement 2025 Non-compliance with these frameworks is increasingly expensive. Bidda provides verified reference data: your team provides the professional judgement.