{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "$id": "https://h33.ai/standards/post-quantum-verified/h33-self-attestation/bundles/schema/pq-verified-artifact-v1.schema.json",
  "schema_version": "h33-pq-verified-artifact/v1",
  "title": "PQ-Verified Artifact v1",
  "description": "One package, one verifier command, one outcome. Self-contained .h33pqv.json file carrying the artifact manifest plus all five pillar attestations inline plus triple-family PQ signatures. The customer-facing surface for H33-PQ Verified. Pillars are for auditors; the artifact is for customers.",
  "type": "object",
  "required": [
    "schema_version",
    "artifact_id",
    "cycle_id",
    "issued_at",
    "issuer",
    "subject",
    "human_summary",
    "attestations",
    "manifest_hash",
    "signatures",
    "verifier_command",
    "publishing_rule"
  ],
  "properties": {
    "schema_version": { "const": "h33-pq-verified-artifact/v1" },
    "artifact_id": { "type": "string", "pattern": "^h33pqv-[0-9]{4}-Q[1-4]-[0-9]{3}-[0-9a-f]{16}$" },
    "cycle_id": { "type": "string", "pattern": "^[0-9]{4}-Q[1-4]-[0-9]{3}$" },
    "issued_at": { "type": "string", "format": "date-time" },
    "issuer": {
      "type": "object",
      "required": ["name", "principal"],
      "properties": {
        "name": { "const": "H33.ai, Inc." },
        "principal": { "type": "string" }
      }
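    },
    "human_summary": {
      "type": "object",
      "description": "Answers one human question in the first 5 seconds. Rendered by every verifier UI BEFORE technical detail (hashes, schema versions). Most people don't care about hashes until after they trust the verdict. Note: human_summary is not among the inputs the manifest_hash description lists (cycle_id, issuer, subject, attestation_hashes), so as specified here its contents are not covered by the signatures; a verifier UI should display the verdict it computed itself rather than the value stored in this field.",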
      "required": ["claim", "verdict", "evidence_summary"],
      "properties": {
        "claim": { "type": "string", "description": "One sentence stating what the artifact attests to. E.g., 'AI classification decision followed approved policy.'" },
        "verdict": { "type": "string", "enum": ["VERIFIED", "VERIFIED_PENDING_SIGNATURES", "PENDING", "FAILED"] },
        "evidence_summary": { "type": "string", "description": "One sentence summarizing which attestations carry the claim. E.g., 'Governance, Privacy, and Verification attestations validated.'" },
        "load_bearing_pillars": {
          "type": "array",
          "items": { "type": "string", "enum": ["cryptography", "evidence", "governance", "privacy", "verification"] },
          "description": "Which pillars are LOAD-BEARING for this specific claim. Other pillars still present, just background."
        },
        "additional_assurances": {
          "type": "array",
          "items": { "type": "string" },
          "description": "Optional supporting one-liners (privacy, governance, etc.)"
        }
      }
    },
    "subject": {
      "type": "object",
      "required": ["name", "category"],
      "properties": {
        "name": { "type": "string", "description": "Customer-facing subject of this artifact (e.g., 'H33 Self-Attestation', 'Solana Privacy Demo', 'Customer Onboarding')" },
        "description": { "type": "string" },
        "category": {
          "type": "string",
          "enum": ["self_attestation", "demo", "release", "customer_attestation", "regulatory_submission", "audit_evidence"]
        },
        "product": { "type": "string", "description": "Optional H33 product associated with this artifact (e.g., 'HATS', 'Agent Zero', 'Governance Replay')" }
      }
    },
    "attestations": {
      "type": "object",
      "required": [
        "cryptography_attestation",
        "evidence_attestation",
        "governance_attestation",
        "privacy_attestation",
        "verification_attestation"
      ],
      "properties": {
        "cryptography_attestation": { "type": "object", "description": "Full Pillar 1 Cryptography bundle inline" },
        "evidence_attestation":     { "type": "object", "description": "Full Pillar 2 Evidence bundle inline" },
        "governance_attestation":   { "type": "object", "description": "Full Pillar 3 Governance bundle inline" },
        "privacy_attestation":      { "type": "object", "description": "Full Pillar 4 Privacy bundle inline" },
        "verification_attestation": { "type": "object", "description": "Full Pillar 5 Verification bundle inline" }
      }
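    },
    "attestation_hashes": {
      "type": "object",
      "description": "SHA3-384 digest (lowercase hex, 96 characters) of each embedded attestation's canonical JSON. The verifier recomputes each digest and compares it with the value recorded here. This object is an input to manifest_hash but is not in the top-level required list, so a verifier should treat a missing attestation_hashes object as a verification failure rather than skipping the comparison.",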
      "required": [
        "cryptography_sha3_384",
        "evidence_sha3_384",
        "governance_sha3_384",
        "privacy_sha3_384",
        "verification_sha3_384"
      ],
      "properties": {
        "cryptography_sha3_384": { "type": "string", "pattern": "^[0-9a-f]{96}$" },
        "evidence_sha3_384":     { "type": "string", "pattern": "^[0-9a-f]{96}$" },
        "governance_sha3_384":   { "type": "string", "pattern": "^[0-9a-f]{96}$" },
        "privacy_sha3_384":      { "type": "string", "pattern": "^[0-9a-f]{96}$" },
        "verification_sha3_384": { "type": "string", "pattern": "^[0-9a-f]{96}$" }
      }
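    },
    "manifest_hash": { "type": "string", "pattern": "^[0-9a-f]{96}$", "description": "SHA3-384 digest (lowercase hex, 96 characters) over the canonical encoding of (cycle_id, issuer, subject, attestation_hashes). The signatures cover this hash. This schema does not define the canonical encoding, so producer and verifier must use the same one for the digest to match." },
    "signatures": {
      "type": "object",
      "required": ["ml_dsa_87", "slh_dsa_256s", "falcon_1024"],
      "properties": {
        "ml_dsa_87":    { "type": "string", "description": "ML-DSA-87 signature over manifest_hash (base64), or a PENDING marker pre-ceremony. The schema accepts any string here, so schema validation alone does not show that a signature is present or valid." },
        "slh_dsa_256s": { "type": "string", "description": "SLH-DSA-256s signature over manifest_hash (base64), or a PENDING marker. The schema accepts any string here, so schema validation alone does not show that a signature is present or valid." },
        "falcon_1024":  { "type": "string", "description": "FALCON-1024 signature over manifest_hash (base64), or a PENDING marker. The schema accepts any string here, so schema validation alone does not show that a signature is present or valid." }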
      }
    },
    "verifier_command": { "const": "h33-pq-verify artifact --file <PATH.h33pqv.json>" },
    "verifier_url": { "type": "string", "format": "uri" },
    "publishing_rule": {
      "const": "One package. One verifier command. One outcome. The artifact carries every per-pillar attestation inline plus the manifest hash plus the signatures over that hash. Any third party verifies the entire artifact offline with `h33-pq-verify artifact --file <PATH>`. Tampering with any embedded attestation invalidates the manifest hash; tampering with the manifest hash invalidates the signatures. Customer-facing format; pillars are still individually inspectable but never need to be downloaded separately."
    }
  }
}
