{ "$schema": "http://json-schema.org/draft-07/schema#", "$id": "https://h33.ai/standards/post-quantum-verified/h33-self-attestation/bundles/schema/pillar3-privacy-release-readiness.schema.json", "schema_version": "h33-pq-verified/pillar3-privacy-release-readiness/v1.0", "title": "H33 Pillar 3 — Privacy Preservation / Release Readiness Scoring", "description": "Encrypted-in-use release readiness scoring under H33 FHE-IQ. Publishing rule: ciphertext hashes, computation manifest, and attested output classification are published; underlying input values and exact numeric scores are never exposed. Demonstrates encrypted input → encrypted processing → attested output → decision recorded as a complete governance loop, not a crypto demo.", "type": "object", "required": ["schema_version", "cycle_id", "workflow", "computation_engine", "data_access_mode", "encrypted_inputs", "fhe_computation", "attested_output", "fhe_iq_attestation", "signatures", "verification_record", "publishing_rule"], "properties": { "schema_version": { "const": "h33-pq-verified/pillar3-privacy-release-readiness/v1.0" }, "cycle_id": { "type": "string", "pattern": "^[0-9]{4}-Q[1-4]-[0-9]{3}$", "example": "2026-Q2-001" }, "workflow": { "const": "Release Readiness Scoring" }, "computation_engine": { "type": "object", "required": ["name", "backend", "fingerprint"], "properties": { "name": { "const": "H33 FHE-IQ" }, "backend": { "type": "string", "enum": ["CKKS", "TFHE", "TFHE-Bootstrap"] }, "fingerprint": { "type": "string", "pattern": "^[0-9a-f]{96}$", "description": "SHA3-384 of the FHE-IQ engine binary version used" } } }, "data_access_mode": { "const": "encrypted", "description": "Declared per the H33-Root substrate. Independent FHE verifier confirms no plaintext access occurred." }, "encrypted_inputs": { "type": "array", "minItems": 5, "description": "The five release-readiness input dimensions, each present as a ciphertext only.", "items": { "type": "object", "required": ["name", "ciphertext_sha3_384", "schema_hash"], "properties": { "name": { "type": "string", "enum": ["test_pass_rate", "conformance_status", "security_checks", "dependency_health", "performance_thresholds"] }, "ciphertext_sha3_384": { "type": "string", "pattern": "^[0-9a-f]{96}$", "description": "SHA3-384 of the encrypted input ciphertext. Plaintext input value never exposed." }, "schema_hash": { "type": "string", "pattern": "^[0-9a-f]{96}$", "description": "SHA3-384 of the input schema (defines what dimension means without exposing the value)" } } } }, "fhe_computation": { "type": "object", "required": ["circuit_hash", "circuit_depth", "operations", "execution_proof_sha3_384"], "properties": { "circuit_hash": { "type": "string", "pattern": "^[0-9a-f]{96}$", "description": "SHA3-384 of the FHE circuit specification" }, "circuit_depth": { "type": "integer", "minimum": 1, "description": "Multiplicative depth of the circuit" }, "operations": { "type": "array", "items": { "type": "string", "enum": ["weighted_sum", "threshold_comparison", "polynomial_eval", "comparison_chain"] } }, "execution_proof_sha3_384": { "type": "string", "pattern": "^[0-9a-f]{96}$", "description": "SHA3-384 of the execution proof — covers the encrypted-domain computation transcript" } } }, "attested_output": { "type": "object", "required": ["decision_class", "output_ciphertext_sha3_384"], "properties": { "decision_class": { "type": "string", "enum": ["ship", "hold", "conditional_release"], "description": "PUBLIC. The decision class is published; the exact numeric score and threshold are not." }, "output_ciphertext_sha3_384": { "type": "string", "pattern": "^[0-9a-f]{96}$", "description": "SHA3-384 of the encrypted output ciphertext" }, "score_range_hash": { "type": "string", "pattern": "^[0-9a-f]{96}$", "description": "Optional. SHA3-384 of the score-range bin the result fell in. Bin definition published separately; exact score not exposed." } } }, "fhe_iq_attestation": { "type": "object", "required": ["no_plaintext_access_verified", "data_access_mode_honored", "verifier_signature"], "properties": { "no_plaintext_access_verified": { "type": "boolean", "description": "True iff independent FHE verifier confirms no plaintext access occurred during the computation" }, "data_access_mode_honored": { "type": "boolean", "description": "True iff the declared data_access_mode (encrypted) was honored end-to-end" }, "verifier_signature": { "type": "object", "required": ["ml_dsa_87"], "properties": { "ml_dsa_87": { "type": "string", "contentEncoding": "base64" } } } } }, "signatures": { "type": "object", "description": "Triple-family PQ signatures by H33 release principal over the manifest of (cycle_id, encrypted_inputs hashes, fhe_computation hashes, attested_output)", "required": ["ml_dsa_87", "slh_dsa_256s", "falcon_1024"], "properties": { "ml_dsa_87": { "type": "string", "contentEncoding": "base64" }, "slh_dsa_256s": { "type": "string", "contentEncoding": "base64" }, "falcon_1024": { "type": "string", "contentEncoding": "base64" } } }, "verification_record": { "type": "object", "required": ["verifier_version", "verifier_fingerprint"], "properties": { "verifier_version": { "type": "string", "example": "h33-verifier 0.1.0" }, "verifier_fingerprint": { "type": "string", "pattern": "^[0-9a-f]{96}$" }, "result": { "type": "string", "enum": ["PASS", "FAIL", "PENDING"] } } }, "publishing_rule": { "const": "Encrypted-input hashes + computation manifest + attested output classification ONLY. Underlying input values and exact numeric scores are never exposed. Encrypted-in-use throughout. The substrate demonstrates the H33 product principle of verifying integrity without exposing data — recursively, against H33's own release governance loop." } } }