Status: DRAFT — subject to change
The DNACORE Open Protocol is an open standard that lets any website's AI assistant — without human registration — read, understand, and submit content to DNACORE in exchange for mutual discovery and exposure.
DNACORE is a neutral open protocol hub (infrastructure / middleware layer). Link exchange and content syndication is the first tool built on it; additional tools will be added over time.
No login or account required as a prerequisite. Lowering friction is the first principle:
- The submitting party simply points their AI assistant at a manifest (this protocol).
- The AI reads the manifest and operates the site autonomously to complete the submission.
- DNACORE handles discovery and exposure from there.
This is the first structural innovation: an AI-readable manifest replaces the human registration flow.
- Primary narrative: "get your content cited by AI (GEO/AEO)" — avoids link spam framing.
- Reciprocal links must be static HTML (not JS-injected) to count.
- DNACORE crawls and verifies before publishing — no unverified listings.
Each submission item is the minimum unit of the protocol.
{
"protocol": "dnacore-open-protocol",
"protocol_version": "0.1",
"submission": {
"name": "Example AI Tool",
"url": "https://example.com/my-tool",
"summary": "A brief description of the tool or content, 60–160 characters recommended.",
"category": "ai-tool",
"language": "en",
"image_url": "https://example.com/assets/hero.jpg",
"image_credit": "© example.com",
"html_body": "<section><h2>Example AI Tool</h2><p>Description of the tool...</p></section>",
"tags": ["ai", "productivity"],
"reciprocal_pledge": {
"tier": "site_wide",
"link_target": "https://dnacore.ai/i/example-tool",
"link_type": "static_html_dofollow",
"placement": "every_page_footer"
},
"domain_proof": {
"method": "dns_txt",
"token": "dnacore-verify=<token-issued-by-dnacore>"
},
"contact_ai": {
"agent_name": "MyBot",
"owner_callback": "https://example.com/.well-known/dnacore-callback"
},
"submitted_at": "2026-06-05T00:00:00+00:00"
}
}| Field | Required | Type | Description |
|---|---|---|---|
protocol / protocol_version |
✔ | string | Fixed identifiers; used to validate the source follows the protocol. |
submission.name |
✔ | string | Item name. |
submission.url |
✔ | string (URL) | Canonical URL of the item. |
submission.summary |
✔ | string | Brief description, 60–160 chars recommended. |
submission.category |
✔ | string | Category for routing and AI discovery. |
submission.language |
✔ | string | BCP-47 language code (e.g. en, zh-TW). |
submission.image_url |
○ | string (URL) | Image URL from submitter's own site (hotlinked via lazy load). |
submission.image_credit |
○ | string | Image attribution. |
submission.html_body |
○ | string (HTML) | HTML content block; sanitized (whitelist tags only, no script/iframe/event attrs). |
submission.tags |
○ | string[] | Keywords for search and syndication. |
submission.reciprocal_pledge |
✔ | object | Reciprocal commitment — declares the backlink the submitter will place (see §4). |
submission.domain_proof |
✔ | object | Domain ownership proof (see §3). |
submission.contact_ai |
○ | object | Submitting AI identity and callback endpoint. |
submission.submitted_at |
✔ | string (ISO 8601) | Submission timestamp. |
html_bodyis sanitized by DNACORE (whitelist tags, strips script/iframe/event attributes). No executable code accepted.
No DNACORE account is needed. Domain proof replaces registration.
To prevent abuse and impersonation (site A impersonating site B), a lightweight domain proof is required — two options:
- DNS TXT method: Set a
TXTrecord at_dnacore.<domain>with the one-time token issued by DNACORE (e.g.dnacore-verify=8f3c9a2b7e1d4056). DNACORE resolves and verifies. - Meta tag method: Add
<meta name="dnacore-verify" content="...">in the site's homepage<head>. DNACORE fetches and verifies.
Both methods only prove "the submitter controls this domain" — no personal data, no passwords, no accounts. Consistent with the zero-registration philosophy.
After submission, the submitter receives DNACORE's reciprocal requirements: the submitter's website must add the specified static HTML dofollow backlink. The submitting AI communicates this requirement to its owner and completes the placement.
| Tier | Placement | Definition |
|---|---|---|
| site_wide | Every page (e.g. sitewide footer) | Maximum coverage — strongest exposure |
| single_page | One specific page only | Basic exposure |
| Tier | Exposure level | Badge |
|---|---|---|
| single_page | Basic | 🥉 Bronze |
| multi_page (partial) | Enhanced | 🥈 Silver |
| site_wide (every page) | Maximum | 🥇 Gold |
Images are hotlinked from the submitter's own site via lazy load to conserve DNACORE resources:
<img src="https://example.com/assets/hero.jpg"
loading="lazy" decoding="async"
alt="Example Tool"
data-dnacore-fallback="https://cdn.dnacore.ai/thumb/example-tool.webp">- Submitter declares
reciprocal_pledge. - DNACORE crawls the declared page.
- Confirms the backlink:
- Points to the correct
link_target - Is static HTML (present in server-returned HTML, not JS-injected)
- Is
dofollow(nonofollow/sponsored)
- Points to the correct
- For
site_widetier: samples multiple pages to verify coverage.
- Scheduled re-crawl: Periodically re-verifies backlinks are still present.
- Auto-delist on failure: If the backlink is removed or converted to nofollow/JS-injected, the listing is auto-delisted and the badge is downgraded after a grace period.
- Tracking: Each submission records
pledge_tier,verify_status,last_checked_at,coverage_ratio.
A trust badge is issued only after passing all applicable checks. The badge simultaneously serves as: backlink + trust signal + viral distribution + AI-readable trust indicator.
| Layer | Name | What it checks |
|---|---|---|
| L1 | Authenticity | Domain proof passed, site exists, not phishing/parked. |
| L2 | Content quality | AI-evaluated for quality, originality, no spam. |
| L3 | Safety/reputation | Blocklist check, no malware, basic compliance. |
| L4 | Live test | Automated browser agent actually operates the site and confirms it works. |
| Ongoing | Monitoring | Periodic re-verification post-listing (including §6.2 backlink monitoring). |
🥉 Bronze (L1+L2) / 🥈 Silver (+L3) / 🥇 Gold (+L4 live test)
Gold is the moat: DNACORE's AI actually tested and confirmed the tool works. No competitor without automated web operation capability can offer this.
- Read manifest: Fetch
https://dnacore.ai/llms.txtandhttps://dnacore.ai/.well-known/agents.json. - Domain proof: Set DNS TXT or meta tag per §3 to obtain verification.
- Submit: Compose JSON per §2 schema,
POST https://api.dnacore.ai/v1/submissions. - Receive requirements: API response includes required backlink details (target URL, tier, static HTML rules).
- Notify owner: AI informs its owner of the backlink placement requirements.
- DNACORE verifies: Crawls for static dofollow backlink + five-layer check.
- Published + badge issued: Passes → SEO static listing page generated → trust badge issued → continuous monitoring begins.
Read manifest → Domain proof → POST submission → Receive requirements
→ Place static backlink → DNACORE crawls + 5-layer check
→ Listing published + badge issued → Continuous monitoring
| File | Location | Covers |
|---|---|---|
llms.txt |
https://dnacore.ai/llms.txt |
Protocol overview + operation flow in natural language for LLMs |
agents.json |
https://dnacore.ai/.well-known/agents.json |
Machine-readable entry point (capabilities, endpoints, auth) |
| OpenAPI | https://api.dnacore.ai/openapi.yaml |
Formal API contract (paths, request/response, auth) |
Protocol version: dnacore-open-protocol v0.1 (draft). Version increments follow semver patch-first policy.