HATS Insurer Portal
LIVE
✓
Continuously Verified
Based on observed control coverage and real-time attestations across the portfolio.
79
Portfolio CRV
Verified: 186
Degraded: 53
Non-compliant: 8
Active exposure: 8 tenants
⚠
Actions to Maintain Portfolio Verification
3 items
●
8 tenants in non-compliant state — control deviations observed
●
53 tenants with degraded controls — verification confidence reduced
●
12 tenants approaching tier qualification threshold (28+ days)
Tier Distribution
Compliance Status
CRV Distribution
247 tenants
0-102030405060708090-100
Recent State Deviations
5 NEW
Top 10 Highest-Risk Accounts
| Tenant | CRV | Tier | Compliance | Sector | Days Since Fail |
|---|
Concentration Risk
Portfolio CRV Distribution Trend (30d)
Sector Breakdown
| Policy # | Tenant | CRV | Tier |
|---|
Policy Detail
Select a policy
✍
Select a policy from the list or click a tenant in any table
Query Verified System State
Cryptographically proven state at any point in time. Same inputs always produce the same output. This state can be independently verified.
Verified System State
--
Cryptographically Proven State @ Time T
--
CRV
--
Tier
--
Compliance State
Verified Control Vector @ Time T
Linked H33-74 State Artifacts
Reproducibility Guarantee
deterministic: true | replayable: true
model_version: 1.0.0
input_set_hash: --
proof_lineage: control_states → SHA3-256 → substrate(58B) → 3x PQ-sign → on-chain(32B)
This artifact can be independently verified. Same inputs at time T will always produce the same output.
Surrounding Events (±1 hour)
Recent State Artifact Queries
| Query ID | Tenant | Incident Time | Queried By | Queried At | Status |
|---|
Risk State Migration Model
Portfolio CRV Trajectory (12m)
Unverified-to-Verified-A Conversion
--
Mean CRV Delta
--
Fastest State Migrations
| Tenant | Sector | Starting Tier | Current Tier | Days to Migration | Score Delta |
|---|
Signal Stream
STREAMING
Signal Volume
0
Today
0
This Hour
0
Critical
Webhook Subscriptions
| Endpoint | Events | Status |
|---|---|---|
| https://cowbell.internal/hats-events | ALL | ● Active |
| https://claims.cowbell.io/webhook | CRITICAL | ● Active |
| https://soc.cowbell.io/ingest | WARN+ | ● Active |
| https://backup.cowbell.io/events | ALL | ● Inactive |
Model Transparency
Deterministic computation model. Same inputs always produce the same output. No black box.
Computed Risk Value (CRV) — Computation Model
DETERMINISTIC
// CRV = weighted sum of control verification states
CRV = f(MFA × 0.25, EDR × 0.20, Backup × 0.20, Patch × 0.10, Network × 0.10, DataProt × 0.15)
// where each control state maps to:
VERIFIED = 100 | DEGRADED = 60 | FAILED = 0 | UNKNOWN = 30
// staleness decay applied per control type:
MFA: 15min | EDR: 5min | Backup: 24h | Patch: 24h | Network: 1h | DataProt: 5min
// model version locked at computation time for audit replay
model_version: "1.0.0" | output_range: [0, 100] | deterministic: true
Control Weighting
| Control | Weight | Criticality | Staleness Threshold |
|---|---|---|---|
| MFA Enforcement | 0.25 | CRITICAL | 15 min |
| EDR / Endpoint | 0.20 | CRITICAL | 5 min |
| Encrypted Backups | 0.20 | CRITICAL | 24 hr |
| Patch Cadence | 0.10 | REQUIRED | 24 hr |
| Network Segmentation | 0.10 | REQUIRED | 1 hr |
| Data Protection (FHE) | 0.15 | ADVISORY | 5 min |
| Total | 1.00 |
Tier Classification Thresholds
| Tier | CRV Range | Compliance Req | Upgrade Qualification |
|---|---|---|---|
| VERIFIED A | 90 – 100 | COMPLIANT | 30 consecutive days |
| VERIFIED B | 70 – 89 | COMPLIANT | 30 consecutive days |
| STANDARD | 50 – 69 | Any | Immediate |
| UNVERIFIED | 0 – 49 | Any | Immediate (downgrade) |
Upgrades require sustained qualification. Downgrades are immediate.
Tier classification is deterministic at any point in time T.
Tier classification is deterministic at any point in time T.
State Artifact Architecture (H33-74)
POST-QUANTUM
58
bytes — signed substrate
VER + TYPE + SHA3-256 commitment + timestamp + nonce
32
bytes — on-chain hash
SHA3-256 of substrate, anchorable to Bitcoin/Ethereum/Solana
3
PQ signature families
ML-DSA-65 (lattice) + FALCON-512 (NTRU) + SLH-DSA (hash)
Every state artifact is cryptographically bound to its inputs. Tamper-evident. Externally verifiable. Court-admissible.
Input set hash = SHA3-256(control_states || timestamp || model_version) → commitment → 3 independent PQ signatures.
Input set hash = SHA3-256(control_states || timestamp || model_version) → commitment → 3 independent PQ signatures.
"We don't score risk. We compute and attest to system state.
The insurer decides what that means."
The insurer decides what that means."
HATS is a computation and attestation layer. Not a decision engine. Not a black box.
Deterministic. Replayable. Verifiable. Post-quantum signed.
Deterministic. Replayable. Verifiable. Post-quantum signed.