Precise cryptographic guarantees. No overclaims. Every assumption documented. Every limitation explicit.
Five cryptographic guarantees backed by deterministic verification, post-quantum signatures, and canonical test vectors.
Honest limitations. No overclaims. These are boundaries, not failures.
Every cryptographic system rests on assumptions. These are ours, stated explicitly.
| Assumption | What It Means |
|---|---|
| Hash collision resistance | SHA3-256 produces unique outputs |
| Signature unforgeability | ML-DSA-65 cannot be forged |
| Canonical determinism | Same content → same bytes → same hash |
| Clock approximate correctness | Timestamps within 5s for federation |
| Signer honesty or detectability | Revocation catches compromised signers |
| Verifier correctness | Reference implementation correctly implements spec |
What happens when things go wrong. Detection mechanisms and response protocols for each scenario.
| Scenario | Detection | Response |
|---|---|---|
| Compromised signer | Revocation + timestamp check | Reject all receipts from revoked key |
| Clock manipulation | Monotonic verifier | WARNING: rollback/replay detected |
| Network partition | Quorum check | DEGRADED/FAILED federation status |
| Hash collision (theoretical) | Cryptographic profile migration | Transition to new hash function |
| Specification bug | Conformance test failure | Patch spec, increment version |
The cryptographic hot path does not depend on JavaScript or browser runtimes. No scripting layer participates in proving, verification, transcript construction, field arithmetic, challenge derivation, or security-critical execution.
JSON artifacts are used only as portable conformance vectors. The proving and verification path is fully deterministic and implemented in Rust.
Run the reference verifier. Inspect the test vectors. Validate the claims against the specification.