HATS Reliance Boundary and Liability Limitation
DRAFT -- Subject to revision by legal counsel
This document defines the reliance boundary for the H33 AI Trust Standard ("HATS"), version 1.0, as published and maintained by H33.ai, Inc. ("H33," "we," "us," or "our"). It establishes the limits of what any party may rely upon when evaluating, using, or making decisions based on a HATS certification, HATS verification output, or any artifact produced by a HATS-conformant verifier.
1. Purpose and Scope
1.1. This document applies to all parties that interact with HATS-certified systems, HATS verification outputs, or HATS certification marks, including but not limited to: certified organizations ("Certificate Holders"), their customers, regulators, auditors, insurance underwriters, investors, downstream service consumers, and independent verifier implementors.
1.2. Nothing in this document creates a contractual relationship between H33 and any third party absent a separately executed agreement. This document is a policy statement that governs the interpretation and permissible reliance on HATS artifacts.
2. Definitions
2.1. "HATS Certification" means a formal determination, issued by an authorized HATS certification body, that a system's governance graph satisfies the structural, cryptographic, and procedural requirements of HATS v1.0 at a specified tier level for a specified validity period.
2.2. "HATS Verification Output" means the JSON-structured result produced by a HATS-conformant verifier when evaluating a governance graph bundle, conforming to the schema defined in HATS-FP (Frozen Protocol), Section 1.
2.3. "Relying Party" means any natural person, legal entity, or automated system that consumes, evaluates, or makes decisions based upon HATS Certification status, HATS Verification Output, or a HATS certification mark.
2.4. "Certificate Holder" means the legal entity named in a HATS certificate as the operator of the certified system.
2.5. "Governance Graph" means the directed acyclic graph of governance nodes (route decisions, policy decisions, result attestations, state transitions, enforcement decisions) that constitutes the auditable record evaluated by a HATS verifier.
2.6. "Trust Assumptions" means the foundational assumptions enumerated in HATS GUARANTEES.md upon which HATS verification depends, including but not limited to collision resistance of SHA3-256, unforgeability of ML-DSA-65, deterministic canonical serialization, approximate clock correctness, and correct verifier implementation.
3. What HATS Certification Proves
3.1. A valid HATS certification provides evidence that, at the time of verification and within the scope of the submitted governance graph:
(a) The governance graph is acyclic, complete, isolated (no cross-tenant contamination), consistent in transcript version, and governed (state transitions have complete governance lineage comprising route, policy, result, and event nodes) (HATS GUARANTEES, Structural Integrity).
(b) Deterministic replay of the same graph at the same timestamp produces byte-identical frame hashes across any conformant implementation (HATS GUARANTEES, Deterministic Replay).
(c) Every receipt in the graph is hash-committed using SHA3-256 and, where signatures are present, bound to a specific signer key via ML-DSA-65 or another HATS-approved cryptographic profile (HATS GUARANTEES, Cryptographic Binding).
(d) The verification can be independently reproduced by any party possessing the governance graph bundle and public keys, without network access, API keys, or trust in H33 or any platform (HATS GUARANTEES, Independent Verification).
(e) Enforcement decisions within the governance chain are themselves governed nodes with verifiable receipts (HATS GUARANTEES, Enforcement Auditability).
3.2. HATS proves governance happened correctly. It does not prove the governed operation was correct.
4. Reliance Boundary -- What HATS Certification Does NOT Prove
4.1. No Guarantee Against Breach, Fraud, Compromise, or Operational Failure. No party may rely on HATS certification as a guarantee against breach, fraud, compromise, or operational failure. HATS certification is evidence of governance structure and process integrity. It is not a warranty of security outcomes, system availability, or resistance to attack.
4.2. No Content Correctness Guarantee. HATS verifies governance structure. It does not verify that: (a) any computation produced a correct mathematical result; (b) any policy was appropriate for the business, regulatory, or operational context; (c) any engine selection was optimal, only that it was deterministic and explainable within the governance framework; (d) any input data was accurate, complete, or free from manipulation prior to entry into the governed system.
4.3. No Legal or Regulatory Compliance Determination. HATS certification is a technical conformance assessment. It is not a determination of compliance with any law, regulation, standard, or contractual obligation, including but not limited to: GDPR, CCPA, HIPAA, SOC 2, PCI DSS, ISO 27001, FedRAMP, the EU AI Act, NIST AI RMF, or any other regulatory framework. Relying Parties must independently assess whether a Certificate Holder's practices satisfy applicable legal obligations.
4.4. No Model Correctness or Safety Assessment. HATS certification does not evaluate the correctness, safety, fairness, robustness, or fitness for purpose of any AI model, algorithm, or computational system governed by a HATS-certified governance framework. HATS governs the governance layer, not the governed layer.
4.5. No Cybersecurity Guarantee. HATS certification does not constitute a penetration test, vulnerability assessment, threat model validation, or security architecture review. HATS does not evaluate network security, access controls, encryption at rest, encryption in transit (except as it pertains to HATS-specific cryptographic bindings), intrusion detection, or incident response capability.
4.6. No Guarantee of Signer Key Security. As stated in HATS GUARANTEES, HATS tracks signer key lifecycle (active, revoked, expired) and rejects receipts from revoked keys. HATS does not guarantee that: (a) any private key was not compromised prior to revocation; (b) any key was generated using a secure random number generator or hardware security module; (c) any signer's claimed identity is authentic.
4.7. No Real-Time or Preventive Guarantee. HATS verification is batch-oriented. It does not guarantee real-time streaming verification, sub-millisecond verification latency, or prevention of invalid events before they occur. Enforcement within HATS handles prevention; verification is post-hoc.
4.8. No Byzantine Fault Tolerance Guarantee. HATS federation assumes honest-but-possibly-stale nodes. It detects equivocation but does not guarantee consensus under Byzantine conditions (greater than one-third malicious nodes), liveness when quorum is not met, or automatic recovery from partition without manual intervention.
5. Third-Party Reliance Limitations
5.1. Reliance at Own Risk. Any Relying Party that uses HATS certification status, HATS Verification Output, or HATS certification marks as an input to any decision does so at its own risk and must exercise its own independent judgment.
5.2. No Privity. H33 makes no representations or warranties to Relying Parties with whom it does not have a direct contractual relationship. HATS certification creates a relationship between H33 (or an authorized certification body) and the Certificate Holder. It does not create a duty of care, fiduciary relationship, or contractual obligation to any downstream Relying Party.
5.3. Downstream Decision Liability. H33 disclaims all liability for decisions made by any Relying Party based on HATS certification status, including but not limited to: (a) business decisions to enter into contracts with a Certificate Holder; (b) technology decisions to integrate with a Certificate Holder's systems; (c) risk assessment decisions; (d) hiring, contracting, or procurement decisions; (e) investment decisions.
5.4. No Obligation to Update Relying Parties. H33's obligation to publish certificate status changes extends to the HATS public certificate status registry. H33 has no obligation to individually notify Relying Parties of certificate suspensions, revocations, or expirations. Relying Parties are responsible for checking the public registry.
6. Insurance Underwriting Reliance Disclaimer
6.1. HATS certification is not designed, intended, or warranted for use as the sole basis for any insurance underwriting, risk modeling, premium calculation, or coverage determination. Insurance underwriters that consider HATS certification status as a factor in risk assessment must independently evaluate all relevant risk factors and must not treat HATS certification as a substitute for independent security assessment, actuarial analysis, or claims history review.
6.2. H33 expressly disclaims liability for any insurance underwriting loss, premium inadequacy, or claims expense that any insurer or reinsurer attributes to reliance on HATS certification status.
6.3. Nothing in this section prohibits an insurer from considering HATS certification as one factor among many in a risk assessment, provided the insurer acknowledges in its own policies and procedures that HATS certification is subject to the reliance boundary described in this document.
7. Distinction Between Technical Evidence and Legal Compliance
7.1. HATS Verification Output constitutes technical evidence of governance graph integrity. It is structured, deterministic, machine-readable, and independently reproducible.
7.2. Technical evidence is not equivalent to legal compliance. A governance graph that passes all HATS verification checks with zero violations may still be associated with a system that violates applicable law, fails to meet contractual obligations, or causes harm.
7.3. Conversely, a governance graph that produces HATS violations does not necessarily indicate legal non-compliance. HATS violations indicate departures from the HATS governance specification, not from law.
7.4. Relying Parties, regulators, and courts should treat HATS Verification Output as one input to a broader compliance or risk assessment, not as a dispositive determination of compliance or non-compliance with any legal obligation.
8. Limitation of Liability
8.1. Exclusion of Consequential Damages. To the maximum extent permitted by applicable law, H33 shall not be liable to any Certificate Holder, Relying Party, or any other person or entity for any indirect, incidental, special, consequential, punitive, or exemplary damages arising out of or related to HATS certification, HATS Verification Output, or the use or inability to use any HATS artifact, regardless of whether such damages are based on breach of contract, tort (including negligence), strict liability, or any other legal theory, and regardless of whether H33 has been advised of the possibility of such damages.
8.2. Aggregate Liability Cap. To the maximum extent permitted by applicable law, H33's aggregate liability arising out of or related to HATS certification, in any twelve-month period, shall not exceed the total fees actually paid by the Certificate Holder to H33 for HATS certification services during that twelve-month period.
8.3. Carve-Out for Willful Misconduct. The limitations in Sections 8.1 and 8.2 do not apply to liability arising from H33's willful misconduct, gross negligence, or intentional fraud in the issuance or administration of HATS certifications. For the avoidance of doubt, a good-faith error in a HATS verifier implementation, a failure to detect a novel attack vector, or an incorrect verification result caused by a defect in reference implementation code does not constitute willful misconduct.
8.4. Carve-Out for Intellectual Property Infringement. The limitations in Sections 8.1 and 8.2 do not apply to H33's indemnification obligations, if any, under a separately executed intellectual property indemnification agreement.
9. Trust Assumptions and Failure Modes
9.1. HATS verification depends on the trust assumptions enumerated in HATS GUARANTEES.md. If any trust assumption is invalidated, the scope of HATS guarantees may narrow or be suspended. Specifically:
(a) If SHA3-256 is found to be collision-vulnerable, the Cryptographic Profile migration process (HATS-FP-004) defines the transition path. During transition, existing certifications may be suspended pending re-verification under the replacement hash function.
(b) If ML-DSA-65 is found to be forgeable, signature-dependent guarantees (Cryptographic Binding, Enforcement Auditability for signed receipts) are invalidated, but hash-only structural integrity guarantees remain in effect under proof profile HATS-PROOF-HASH-ONLY-v1.
(c) If a verifier implementation contains a bug, the guarantee of Independent Verification is impaired for that implementation only. The specification and canonical test vectors remain authoritative.
9.2. H33 will publish security advisories for any known impairment of trust assumptions through the HATS public registry and the standard@h33.ai communication channel.
10. Relationship to Contractual Terms
10.1. This Reliance Boundary document supplements but does not replace any Master Service Agreement, Terms of Service, Certification Agreement, or other contractual instrument between H33 and a Certificate Holder.
10.2. In the event of a conflict between this document and a separately executed agreement, the separately executed agreement controls as between the contracting parties. This Reliance Boundary document controls as to all third-party Relying Parties.
10.3. Certificate Holders are responsible for communicating the reliance boundary described in this document to their own customers and downstream Relying Parties. Certificate Holders must not make representations about HATS certification that exceed the scope described in Section 3.
11. Governing Law and Dispute Resolution
11.1. This document and any disputes arising from the interpretation of the HATS reliance boundary shall be governed by the laws of the State of Delaware, United States, without regard to conflict of laws principles.
11.2. Any dispute arising under this document shall be resolved through binding arbitration administered by JAMS under its Comprehensive Arbitration Rules and Procedures, with the arbitration seated in Wilmington, Delaware.
12. Amendments
12.1. H33 reserves the right to amend this document. Material amendments will be published to the HATS public registry with at least 90 days' notice before taking effect.
12.2. Amendments apply prospectively. They do not affect the reliance boundary applicable to certifications issued prior to the amendment effective date.
HATS Reliance Boundary and Liability Limitation v1.0 -- H33.ai, Inc.