{"_self":{"principle":"Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.","widget":"article_bundle","feature":"bundle","name":"LLM article bundle","what":"Portable reference package: body + claims + sources + voxels + provenance + manifest + constitution.","contains":"body, claims, sources, voxels, provenance, question graph, constitution, llm_manifest","slug":"what-is-token-drop","urls":{"read":"https://miscsubjects.com/api/articles/what-is-token-drop/bundle?format=markdown"},"how_to_use":"Reference bundle for an LLM or reader. §SELF explains the surface; ingest and claim endpoints in llm_manifest are the write-back routes.","write":null,"imessage":null,"router_tag":null,"proof_chain":[{"step":1,"claim":"Articles are voxel graphs of tiered claims, not prose blobs.","verify":"https://miscsubjects.com/api/articles/constitution"},{"step":2,"claim":"Claims link to hash-chained sources via source_ids.","verify":"https://miscsubjects.com/api/articles/what-is-token-drop/sources"},{"step":3,"claim":"Ask reads topology; ingest/claim append to ledger.","verify":"https://miscsubjects.com/api/protocol"},{"step":4,"claim":"Models queue growth: populate → collaborate → repair → reflex.","verify":"https://miscsubjects.com/api/protocol/grow"},{"step":5,"claim":"Graph proves its own shape (reflex) and $/claim (yield).","verify":"https://miscsubjects.com/graph.html?layer=reflex"},{"step":6,"claim":"Full feature index + _explain on every API response.","verify":"https://miscsubjects.com/api/articles/system-map"}],"related_features":[{"id":"topology","name":"Article topology","what":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER.","urls":{"read":"https://miscsubjects.com/api/articles/what-is-token-drop/topology"}},{"id":"voxels","name":"Voxel graph","what":"Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance.","urls":{"read":"https://miscsubjects.com/api/articles/what-is-token-drop/voxels","write":"https://miscsubjects.com/api/protocol/claim"}},{"id":"ask","name":"Ask protocol","what":"Answer only from topology; creates question_node with gaps and ingest_hint.","urls":{"read":"https://miscsubjects.com/api/articles/what-is-token-drop/prompts","write":"https://miscsubjects.com/api/protocol/ask"}},{"id":"ingest","name":"Ingest protocol","what":"Parse pasted evidence → source ledger + claims + evidence_ingest node.","urls":{"write":"https://miscsubjects.com/api/protocol/ingest"}},{"id":"claim_post","name":"Claim post protocol","what":"Prompt-injection style POST — one claim voxel with who_claims + posted_by.","urls":{"read":"https://miscsubjects.com/api/articles/what-is-token-drop/voxels","write":"https://miscsubjects.com/api/protocol/claim"}},{"id":"llm_manifest","name":"LLM manifest","what":"Machine-readable read/write contract for external LLMs.","urls":{"read":"https://miscsubjects.com/api/articles/llm-manifest"}}],"system_map":"https://miscsubjects.com/api/articles/system-map","system_map_markdown":"https://miscsubjects.com/api/articles/system-map?format=markdown","not_medical_advice":true},"_explain":{"feature":"bundle","name":"LLM article bundle","what":"Portable reference package: body + claims + sources + voxels + provenance + manifest + constitution.","why":"Every feature is auditable collective intelligence","how":"Reference bundle for an LLM or reader. §SELF explains the surface; ingest and claim endpoints in llm_manifest are the write-back routes.","model":null,"verifies":null,"urls":{"read":"https://miscsubjects.com/api/articles/what-is-token-drop/bundle?format=markdown"},"imessage":null,"router":null,"related":[{"id":"topology","what":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER."},{"id":"voxels","what":"Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance."},{"id":"ask","what":"Answer only from topology; creates question_node with gaps and ingest_hint."},{"id":"ingest","what":"Parse pasted evidence → source ledger + claims + evidence_ingest node."},{"id":"claim_post","what":"Prompt-injection style POST — one claim voxel with who_claims + posted_by."},{"id":"llm_manifest","what":"Machine-readable read/write contract for external LLMs."}],"not_medical_advice":true},"bundle_version":1,"generated_at":"2026-07-15T06:13:02.653Z","slug":"what-is-token-drop","title":"What Is a Token Drop","url":"https://miscsubjects.com/a/what-is-token-drop","register":"standard","tags":["oip","kimi-import","self-explaining","voxel","token-drops","what-is-token-drop"],"posted_at":"2026-07-15T04:21:06.076Z","updated_at":"2026-07-15T04:21:06.076Z","body":"<!-- hierarchy:nav -->\n> **Path:** [OIP](https://miscsubjects.com/a/oip) › [Thinker Reference](https://miscsubjects.com/a/oip-thinker-reference) › [Token Drop Guides](https://miscsubjects.com/a/oip-token-drop-guides) › **What Is a Token Drop**\n>\n> **Shelf:** Token Drop Guides · **Traversal:** self-explaining · hierarchical · voxel-ready\n> **Machine root:** [OIP tree](https://miscsubjects.com/api/dispatch?map=1&format=markdown) · [Registry](https://miscsubjects.com/api/dispatch?registry=1)\n\n# What Is a Token Drop\n\n## §SELF — what-is-token-drop\n\n**What this page is:** A definition of the payload format that hands capabilities to models in OIP.\n**What it explains:** What a token drop contains, how it works, and what design rules govern it.\n**Why read it:** To understand how OIP delegates capabilities to models without issuing commands.\n\n### What a Token Drop Is\n\nA token drop is a self-contained payload that hands a capability to a model (an AI system that can read and act on instructions). It contains everything the model needs to operate a system: the protocol URL (the address of the system to interact with), the capability token (the credential that proves permission), the object map (the structure of available operations), the execution pattern (how to perform operations), and the receipt rule (how to record that an operation was performed).\n\nThe drop is the copy primitive of OIP (the Object Interaction Protocol). Instead of manually assembling a token, a map, a bundle, and instructions, you copy one drop and paste it to the model. The model reads the drop and knows: what system it can access, what it is allowed to do, how to do it, and how to prove it did it.\n\n### Why It Matters\n\nThe token drop solves the delegation problem: how to give a model permission to act on your behalf without writing custom instructions each time. Before the drop, delegation required assembling multiple pieces — credentials, maps, rules — by hand. The drop packages them into one pasteable unit.\n\nThe drop also enforces a boundary between capability and intent. It tells the model what it *can* do. It does not tell the model what it *should* do. That separation is the core safety mechanism.\n\n### The Key Idea: Capability Without Command\n\nThe drop must NOT contain imperative instructions (commands like \"do X\" or \"you should do Y\") to the model. It must be a neutral capability record — \"here is what this credential permits\" — not a set of directives.\n\nIf a drop says \"you can DO everything\" or \"ACT by opening this link,\" receiving models classify it as prompt injection (an attack where malicious instructions are hidden inside input data). A prompt injection causes the model to execute instructions it should not follow.\n\nThe correct format of a token drop has five parts, in this order:\n\n1. **Public protocol URL first.** The model knows where to find the system's definition.\n2. **Neutral description of the capability.** What operations the token permits, stated without command verbs.\n3. **Server-authoritative explain link.** A link the model can follow to get authoritative information about the system, supplied by the server (the system that hosts the capability), not by the user.\n4. **Interface templates.** Pre-filled patterns for common operations, showing the model how to structure requests.\n5. **Explicit boundary statement:** \"This grants permission, but only the current user supplies intent.\" The model understands that the drop authorizes, it does not instruct.\n\n### What the Token Drop Got Right\n\n- Packages all delegation information into one self-contained payload.\n- Enforces the separation between capability (what is permitted) and intent (what should be done).\n- Uses the protocol URL as the first element, so the model always starts from an authoritative definition.\n- Makes receipt rules explicit, so the model knows how to prove its actions.\n\n### What the Token Drop Got Wrong or Left Unfinished\n\n- The drop format does not yet have a machine-readable schema (a formal structured definition that software can validate against). It relies on convention and natural language.\n- There is no standard for drop size limits. A very large drop may exceed a model's context window (the maximum amount of text the model can process at once).\n- Drop expiration and revocation (canceling a token after it has been issued) are not defined in the current specification.\n\n### How It Connects to Other Ideas\n\n- **Capability-based security:** A security model where permissions are represented as tokens that can be passed between processes. The token drop applies this model to AI models instead of software processes.\n- **Prompt injection defense:** Prompt injection is a vulnerability where a model executes hidden instructions embedded in user input. The token drop's neutrality rule — no imperative content — is a defense against this class of attack.\n- **Principle of least privilege:** A security principle stating that a subject should have only the minimum permissions necessary. The token drop implements this by specifying exactly what the credential permits, nothing more.\n\n### Sources\n\n- OIP (Object Interaction Protocol) specification documents.\n- Lampson, Butler W. \"Protection.\" *Proceedings of the 5th Princeton Conference on Information Sciences and Systems* (1971). (Foundational paper on capability-based security.)\n\n---\n\n## Up the tree\n\n- [OIP root](https://miscsubjects.com/a/oip) — protocol root, zero-context entry\n- [Thinker Reference hub](https://miscsubjects.com/a/oip-thinker-reference) — full hierarchy map\n- [Token Drop Guides shelf](https://miscsubjects.com/a/oip-token-drop-guides) — siblings on this shelf\n- [Voxel graph article](https://miscsubjects.com/a/what-is-voxel-graph) — how pages link as voxels\n- [Self-describing protocol](https://miscsubjects.com/a/what-is-self-describing-protocol)\n\n## Related on this shelf\n\n- [How a Model Should Read an OIP Token Drop](https://miscsubjects.com/a/model-reads-token-drop)\n- [How to Write a Token Drop That Models Accept](https://miscsubjects.com/a/token-drop-best-practices)\n- [What Is Tap and Go Delegation](https://miscsubjects.com/a/what-is-tap-go)\n\n## Machine surfaces\n\n- Public page: `https://miscsubjects.com/a/what-is-token-drop`\n- JSON article: `https://miscsubjects.com/api/articles/what-is-token-drop`\n- OIP ask: `https://miscsubjects.com/api/dispatch?ask=What%20Is%20a%20Token%20Drop`\n","claims":[],"sources":[],"voxels":{"slug":"what-is-token-drop","counts":{"voxels":0,"sources":0,"edges":0},"note":"slim bundle — full voxels at /api/articles/what-is-token-drop/voxels"},"constitution":{"url":"https://miscsubjects.com/api/articles/constitution"},"provenance":[{"action":"write","model":"kimi-agent-import","ts":"2026-07-15T04:21:06.076Z","hash":"13971e6e90ba6633","tokens_in":0,"tokens_out":0}],"contributions":[],"topology":null,"slim":true,"ledger_totals":{"claims":0,"sources":0,"exported_claims":0,"exported_sources":0},"question_graph":{"slug":"what-is-token-drop","questions":[],"evidence":[],"edges":[],"counts":{"questions":0,"evidence":0,"edges":0}},"verification":{"provenance":{"valid":true,"entries":1,"head":"13971e6e90ba66330d7bf381c2cfb5363c7eb5dabef42d467f22dee97c214cdc"},"sources":{"valid":true,"entries":0,"head":"genesis"}},"counts":{"claims":0,"sources":0,"provenance":1,"contributions":0,"questions":0,"evidence_ingests":0,"voxel_edges":0},"transport":"Open every URL in this bundle with your browser or web / URL-fetch tool. Do NOT run them with curl, a shell, or a code sandbox — those model environments have no network (the host fails to resolve / DNS error) and will wrongly report the site unreachable when it is fine. Opening the link IS the call.","llm_manifest":{"version":"1","site":"https://miscsubjects.com","purpose":"Peptide evidence articles with hash-chained source ledgers, tiered claims, and a question graph. LLMs should READ bundles/URLs and WRITE back via ingest — never invent doses.","read":{"human_page":"https://miscsubjects.com/a/what-is-token-drop","bundle_json":"https://miscsubjects.com/api/articles/what-is-token-drop/bundle","bundle_markdown":"https://miscsubjects.com/api/articles/what-is-token-drop/bundle?format=markdown","topology":"https://miscsubjects.com/api/articles/what-is-token-drop/topology","question_graph":"https://miscsubjects.com/api/articles/what-is-token-drop/question-graph","sources":"https://miscsubjects.com/api/articles/what-is-token-drop/sources","provenance":"https://miscsubjects.com/api/articles/what-is-token-drop/provenance","contributions":"https://miscsubjects.com/api/articles/what-is-token-drop/contributions","graph_topology":"https://miscsubjects.com/api/articles/what-is-token-drop/graph-topology?question={question}","voxels":"https://miscsubjects.com/api/articles/what-is-token-drop/voxels","constitution":"https://miscsubjects.com/api/articles/constitution","ontology":"https://miscsubjects.com/api/articles/ontology","system_map":"https://miscsubjects.com/api/articles/system-map","system_map_markdown":"https://miscsubjects.com/api/articles/system-map?format=markdown","health":"https://miscsubjects.com/api/articles/what-is-token-drop/health","repair":"POST https://miscsubjects.com/api/protocol/repair","list_articles":"https://miscsubjects.com/api/articles","graph_canvas":"https://miscsubjects.com/graph.html?slugs=what-is-token-drop","graph_yield":"https://miscsubjects.com/api/graph?slugs=what-is-token-drop&layer=yield","obsidian_vault":"https://miscsubjects.com/api/articles/obsidian-vault?slugs=what-is-token-drop","graph_query":"https://miscsubjects.com/api/v1/query?from=what-is-token-drop&kind=claim&where=tier=human"},"ask":{"description":"Answer only from topology; creates a question_node with gaps.","api":"POST https://miscsubjects.com/api/protocol/ask","body":{"slug":"{slug}","question":"string"},"imessage":"what-is-token-drop|your question","router_tag":"[ARTICLE_ASK]what-is-token-drop|question[/ARTICLE_ASK]","auth":"x-terminal-key header for API; iMessage/WhatsApp via miscsubjects build"},"ingest":{"description":"Parse pasted evidence → source ledger + claims + evidence_ingest node.","api":"POST https://miscsubjects.com/api/protocol/ingest","body":{"slug":"{slug}","evidence":"paste text","question_node_id":"optional qn_..."},"imessage":"ingest what-is-token-drop|q:{node_id}|paste evidence","router_tag":"[ARTICLE_INGEST]what-is-token-drop|evidence[/ARTICLE_INGEST]","tiers":["human","preclinical","anecdotal","mechanistic","speculative"]},"claim":{"description":"Prompt-injection style POST — one claim voxel with who_claims + posted_by provenance.","api":"POST https://miscsubjects.com/api/protocol/claim","body":{"slug":"{slug}","text":"one assertion","tier":"human|preclinical|anecdotal|mechanistic|speculative","who_claims":"study author, platform, or model id","source_ids":"optional [s1]"},"imessage":"claim what-is-token-drop|tier|assertion — who claims it?","router_tag":"[ARTICLE_CLAIM]what-is-token-drop|tier|assertion[/ARTICLE_CLAIM]","slots":["what_it_is","who_claims_what","what_is_known","what_is_unknown","mechanism","limitations","disclaimer"]},"tiers":{"human":0.8,"preclinical":0.5,"anecdotal":0.3,"mechanistic":0.3,"speculative":0.1},"invariants":["Self-explaining — every API JSON has _self; every paste widget has §SELF; root index at /api/articles/system-map","Append-only — revisions preserved at ?rev=n","Source chain verifies integrity, not truth","Answers must cite claim ids and source ids from topology","Not medical advice"],"constitution":{"version":1,"principle":"Articles are voxel graphs of claims — not prose blobs. Every assertion is a claim atom with tier, weight, source_ids, and posted_by provenance.","slots":[{"id":"what_it_is","required":true,"answers":"What is this peptide/stack/condition?"},{"id":"who_claims_what","required":true,"answers":"Who claims what — study authors, platforms, n=?"},{"id":"what_is_known","required":true,"answers":"What is known with tier labels (human/preclinical/anecdotal)"},{"id":"what_is_unknown","required":true,"answers":"What is NOT known — explicit gaps"},{"id":"mechanism","required":false,"answers":"Proposed mechanism (mechanistic tier only)"},{"id":"limitations","required":true,"answers":"Limits of evidence — no dose advice"},{"id":"disclaimer","required":true,"answers":"Not medical advice"}],"claim_rules":["One claim = one falsifiable assertion. No compound claims.","Every claim must declare tier: human|preclinical|anecdotal|mechanistic|speculative|system.","system tier = architecture/design axioms (not biological mechanism). Use for protocol self-definition.","Sourced claims must cite source_ids from the hash-chained ledger.","Unsourced claims must set source_status: unsourced and why_material.","posted_by is mandatory on every new claim (model id, human, or channel).","No medical advice, no doses, no 'you should take'.","Bad information is retracted (status:retracted), never deleted — retraction event stays on ledger.","Adversary challenges link via challenges[] / challenged_by[] — target may be downweighted.","Leaked secrets are scrubbed to [REDACTED:secret-leak] with scrub_events tombstone — honest audit trail."],"source_rules":["Every source is a voxel edge: type, url, exact quote, summary, found_by, accessed_at.","Sources hash-chain — prev/hash on append.","Anecdotal sources must name platform (reddit|x|youtube|imessage|user_entry)."],"ontology_rules":["Peptide articles (bpc-157, tb-500) are tree roots.","Condition articles (bpc-157-glp1-gut-damage) branch from peptides.","Stack articles (wolverine-stack-glp1) compose peptides — never duplicate peptide mechanism prose.","If an article has no parent embeds and is not a root peptide → sprawl candidate.","Misstep = duplicate scope with another slug; merge or reparent via embeds."],"post_protocol":{"claim":"POST /api/protocol/claim","source":"POST /api/protocol/sources","ingest":"POST /api/protocol/ingest","webhook":"POST /api/articles/<slug>/webhook {kind:claim|source}","imessage_claim":"claim {slug}|{tier}|your assertion — who claims it, source?","imessage_ingest":"ingest {slug}|evidence paste"}},"this_article":{"slug":"what-is-token-drop","url":"https://miscsubjects.com/a/what-is-token-drop","bundle_url":"https://miscsubjects.com/api/articles/what-is-token-drop/bundle?format=markdown"}},"api_urls":{"bundle":"https://miscsubjects.com/api/articles/what-is-token-drop/bundle","bundle_markdown":"https://miscsubjects.com/api/articles/what-is-token-drop/bundle?format=markdown","topology":"https://miscsubjects.com/api/articles/what-is-token-drop/topology","voxels":"https://miscsubjects.com/api/articles/what-is-token-drop/voxels","constitution":"https://miscsubjects.com/api/articles/constitution","ontology":"https://miscsubjects.com/api/articles/ontology","question_graph":"https://miscsubjects.com/api/articles/what-is-token-drop/question-graph","ask":"https://miscsubjects.com/api/protocol/ask","ingest":"https://miscsubjects.com/api/protocol/ingest","claim":"https://miscsubjects.com/api/protocol/claim","system_map":"https://miscsubjects.com/api/articles/system-map","system_map_markdown":"https://miscsubjects.com/api/articles/system-map?format=markdown"}}