Five concrete patterns. Copy the notice, ship the metadata, you’re compliant with Section 5.
Three things travel with the Work, side by side, at the same level of accessibility:
NOTICE declaring QGPL v3.0 and pointing recipients to the license..qgpl.json manifest.A measurement table or computed dataset released under copyleft, with a sidecar manifest carrying the post-quantum signature.
results-2026-05-24.csv # the artifact (the Result)
results-2026-05-24.csv.qgpl.json # Section 5 metadata
NOTICE # QGPL notice
LICENSE # copy of QGPL v3.0OBSERVATION DATA / WORK NOTICE
This Work (Result: results-2026-05-24.csv) is released under the Quantum General Public
License (QGPL) v3.0 — Quantum-Safe Edition.
You may use, modify, and distribute this Work under the terms of QGPL v3.0
(see LICENSE).
Quantum-Safe Distribution Metadata is provided in results-2026-05-24.csv.qgpl.json.
Author: Dr. Šarūnas Grigaliūnas
Date: 2026-05-24
Contact: info@qgpl.org{
"qgpl_spec": "1.0",
"license": "QGPL-3.0",
"artifact": {
"name": "results-2026-05-24.csv",
"size": 1048576,
"hash": { "alg": "SHA-256", "value": "b94d27b99…" },
"license_spdx": "QGPL-3.0"
},
"signature": { "alg": "ML-DSA-65", "value": "<base64>", "signed_at": "2026-05-24T12:00:00Z" },
"public_key": { "alg": "ML-DSA-65", "fingerprint": "sha256:1a2b3c…" }
}Generated by qgpl sign results-2026-05-24.csv. Recipients verify with qgpl verify results-2026-05-24.csv.
A model checkpoint and the outputs it generates are Results under QGPL. The checkpoint, the inference code (Apparatus Code), and the outputs all travel under QGPL v3.0.
model-v1.safetensors # the trained weights (Apparatus Code under QGPL)
inference.py # Apparatus Code
generations/ # model outputs (Results)
└── prompt-001.json
MANIFEST.qgpl.json # multi-file Section 5 metadata
NOTICE
LICENSEThis model and the outputs it produces (the "Results") are released under the
Quantum General Public License (QGPL) v3.0 — Quantum-Safe Edition.
Downstream use:
- Outputs you generate from this model are Modified Works derived from a QGPL Work.
- When you Distribute those outputs, you must license them under QGPL v3.0 and
ship Quantum-Safe Distribution Metadata (Section 5.1).
- You must not misrepresent the origin of generated content (Section 3.3).
No security claims are made about model behavior (Section 5.4).Note on derived outputs. Generations from a QGPL model are derivative Results. If you re-publish them at scale, they remain QGPL — that is what “Entangled Freedom” means.
Observation outputs from a quantum device, classical simulator, or hybrid run. The numbers belong to the universe; only the act of curating, recording, and transporting them is covered by copyright and database rights.
OBSERVATION DATA / WORK NOTICE
This Work contains Observation Outputs ("Results") from a quantum simulation
run on <backend> (e.g., IBM Heron r2 / classical state-vector simulator).
Apparatus: <backend identifier, software stack, version>
Phenomenon: <circuit ID / Hamiltonian / problem description>
Observation: shots = 8192, calibration = <calibration record hash>
Released under QGPL v3.0 — Quantum-Safe Edition. Section 5 metadata in
<artifact>.qgpl.json.
Modifications (post-selection, error mitigation, normalization) are recorded
in CHANGELOG (per Section 3.3, Provenance integrity).A repo that holds both code (Apparatus Code) and the Results it produces. QGPL covers the whole bundle — including the code under (d) of the Work definition.
/
├── LICENSE # QGPL v3.0
├── NOTICE
├── README.md
├── src/ # Apparatus Code (under QGPL)
├── data/raw/ # inputs (their own upstream licenses respected)
├── data/results/ # Results (QGPL)
│ └── *.qgpl.json # Section 5 metadata, one per artifact
└── .github/workflows/
└── release.yml # invokes `qgpl sign` & uploads metadata## License
This repository is released under the **Quantum General Public License (QGPL) v3.0
— Quantum-Safe Edition**. See [`LICENSE`](./LICENSE).
Every published Result under `data/results/` ships a `.qgpl.json` manifest
containing a post-quantum signature (ML-DSA-65 by default). Verify with:
qgpl verify data/results/example.csvIf the project also distributes code under GPL, dual-licensing is fine — code under GPL, Results under QGPL. The two copyleft regimes do not collide.
Sign on tag, attach manifest to the release, verify in CI. This is what Section 5.1 looks like as a one-line job step.
name: release
on:
push:
tags: ['v*']
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- name: Install qgpl
run: pipx install qgpl
- name: Sign release artifact
env:
QGPL_SIGNING_KEY: ${{ secrets.QGPL_SIGNING_KEY }}
run: |
qgpl sign dist/results-${{ github.ref_name }}.tar.gz \
--issuer https://qgpl.example.org/.well-known/qgpl/keys.json
- name: Upload artifact and Section 5 metadata
uses: softprops/action-gh-release@v2
with:
files: |
dist/results-${{ github.ref_name }}.tar.gz
dist/results-${{ github.ref_name }}.tar.gz.qgpl.json
dist/results-${{ github.ref_name }}.tar.gz.qgpl.sig
- name: Self-verify (sanity check)
run: qgpl verify dist/results-${{ github.ref_name }}.tar.gzThat is full Section 5.1 compliance. Hash, ML-DSA-65 signature, public key, and algorithm identifier, attached to the release at the same level of accessibility as the artifact.
For a Zenodo / arXiv / institutional repository upload of dataset and analysis code that backs a paper.
OBSERVATION DATA / WORK NOTICE
Supplementary materials for "<paper title>" (<arXiv:XXXX.XXXXX>).
Released under the Quantum General Public License (QGPL) v3.0 — Quantum-Safe Edition.
Includes:
- data/ — Results (datasets, measurements, model outputs)
- code/ — Apparatus Code used to produce/process the Results
- MANIFEST.qgpl.json — Section 5 metadata (ML-DSA-65) over the full bundle
Citing institutions / archives MAY rely on the embedded post-quantum signature
to verify integrity at any future date independent of TLS-era assumptions.If you can answer “what is the Result?” and “what file should the recipient verify?”, the rest follows. Run qgpl init in a project directory to scaffold LICENSE, NOTICE, and QGPL.toml automatically.