Procedure: Deterministic, Replayable, Binary
Verification is mechanical. Evidence either reproduces exactly or fails. No sponsor cooperation is required for a pass/fail verification outcome.
Boundary Contract
We bind all causal variables influencing terminal state into declared inputs and enforce that closure at build and runtime boundaries through dependency isolation, canonicalization of representations, and reproducible execution.
Authoritative provenance is a trust-weighting attribute, not an availability guarantee. When required authoritative inputs are unavailable, Sovrient records INPUT_UNAVAILABLE, preserves acquisition evidence, and prevents release of artifacts whose required inputs are not verifiably bound.
ADMISSIBILITY CONTRACT: admissible(terminal_state) iff terminal_state = F(packet_bytes, spec_bytes, verifier_mode) AND F is total and deterministic AND no undeclared dependency is reachable.
SCOPE: INTEGRITY + INTERNAL CONSISTENCY VERIFICATION ONLY
Procedure
| Step | Action | Result |
|---|---|---|
| 01 | Fetch bundle artifacts and sidecars (.sha256, .sig). |
All required files present. |
| 02 | Validate file integrity (sha256sum -c). |
Digest equality true for all files. |
| 03 | Validate witness signatures (gpg --verify). |
Signature and key fingerprint match expected signer. |
| 04 | Recompute Merkle root from range lines and compare to declared root. | Root equality true. |
| 05 | Recompute day inclusion proofs for selected samples. | Inclusion path resolves to same root. |
| 06 | Replay deterministic run at declared params. | Replay hash equals published hash. |
Verifier Kit
Bundle verifier package and reproducibility scripts are treated as governed artifacts.
Crypto-agility telemetry: crypto_agility_latest.json