01 The money quote
Verified ≠ True.
Three NIST-final post-quantum signature families agree on every event. The canonical signing message matches the canonical event hash byte-for-byte. None of that is a verdict. The proof does NOT establish that the signer was authorized, that the data was correct, that the policy was wise, or that the human at the keyboard meant what the key signed. Verification proves integrity. Correctness, fairness, legality, and judgment remain where they belong — with auditors, regulators, courts, and competent counsel. This proof is integrity, not judgment.
02 The pattern — four money quotes, one corpus
The corpus pattern is now four lines deep, and unmistakable to an auditor.
Each proof's deepest claim arrives with its own honest limit. The pattern says, unambiguously: H33 produces evidence — not verdicts.
03 The two tenants — one verified, one honestly not
L9.1 tenant (verified). Built fresh with persistent PQ keys. 3 events. 3 archive rows. Keyring registered. ML-DSA-65 + FALCON-512 + SLH-DSA-SHA2-128f all pass for every event. Signing messages match canonical hashes. fully_verified = true.
Canonical continuity tenant (honestly not verified). The home of #15, #184, #174, #167. 12 events. 0 archive rows. 12 events honestly reported as "pre-L9.1 unsigned: structurally replayable, cryptographically unverifiable." State_ids untouched. The honesty is part of the proof.
Those state_ids are now sacred.
"Never mutate the canonical continuity tenant. Never re-sign history. Never regenerate evidence. Never change state_ids. Your honesty is one of the strongest parts of the corpus. Leave the old events as structurally replayable / cryptographically unverifiable. And say it openly."
04 The verification primitive — what runs per event
```
verify_event_signature_record(rec) {
    // Step 1 — recompute the canonical signing message and confirm it
    // matches the supplied bytes (catches event tampering + sidecar mismatch).
    let recomputed = canonical_signing_message(rec.event);
    if recomputed != rec.signing_message { return SigningMessageMismatch }

    // Step 2 — ML-DSA-65 verification (NIST FIPS 204, Level 3).
    mldsa65::verify_detached_signature(rec.dilithium_sig, rec.signing_message, rec.dilithium_pk)?

    // Step 3 — FALCON-512 verification (NIST FIPS 206, Level 1, NTRU lattice).
    falcon512::verify_detached_signature(rec.falcon_sig, rec.signing_message, rec.falcon_pk)?

    // Step 4 — SLH-DSA-SHA2-128f verification (NIST FIPS 205, hash-based, Level 1).
    sphincssha2128fsimple::verify_detached_signature(rec.sphincs_sig, rec.signing_message, rec.sphincs_pk)?

    return Verified
}
```
All three NIST-finalist PQ families must agree. The 3-of-3 composite gives lattice + NTRU-lattice + hash-based independence — if one family falls to a future quantum break, the other two still hold.
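The per-event check above and the tenant-level reporting of events with no archive row, as an added Go example that is not H33's code: Ed25519 from Go's standard library stands in for the three PQ verifiers, and SHA-256 over the canonical bytes is an assumed signing-message hash. `SigRecord`, `VerifyEvent`, `Report` and `Sign` are hypothetical names, and the archive is keyed by event index in place of `canonical_event_id`.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
)

type SigRecord struct { // hypothetical archive row; Ed25519 stands in for the three PQ families
	SigningMessage [32]byte
	Sigs, PKs      [3][]byte
}

// VerifyEvent recomputes the signing message, then requires all three signatures.
func VerifyEvent(canonical []byte, rec *SigRecord) string {
	if rec == nil {
		return "unsigned" // no archive row: replayable, but neither a pass nor a forgery
	}
	if sha256.Sum256(canonical) != rec.SigningMessage { // step 1 (SHA-256 is an assumption)
		return "signing_message_mismatch"
	}
	for i, pk := range rec.PKs { // steps 2-4: 3-of-3, fail closed on the first bad family
		if len(pk) != ed25519.PublicKeySize || !ed25519.Verify(pk, rec.SigningMessage[:], rec.Sigs[i]) {
			return "signature_invalid"
		}
	}
	return "verified"
}

// Report tallies outcomes per tenant; fully verified only if every event verified.
func Report(events [][]byte, archive map[int]*SigRecord) (map[string]int, bool) {
	counts := map[string]int{}
	for id, ev := range events {
		counts[VerifyEvent(ev, archive[id])]++
	}
	return counts, len(events) > 0 && counts["verified"] == len(events)
}

func Sign(canonical []byte) *SigRecord { // constructed sample row, three fresh keys
	rec := &SigRecord{SigningMessage: sha256.Sum256(canonical)}
	for i := range rec.Sigs {
		pk, sk, _ := ed25519.GenerateKey(nil)
		rec.PKs[i], rec.Sigs[i] = pk, ed25519.Sign(sk, rec.SigningMessage[:])
	}
	return rec
}

func main() {
	println(VerifyEvent([]byte("e1"), Sign([]byte("e1"))), VerifyEvent([]byte("e0"), nil))
}
```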
05 The schema (Eric Q1 LOCKED Option D — hybrid storage)
```
tenant_pq_keyrings (tenant_id, keyring_id, active_from_ms, revoked_at_ms)

principal_pq_keys (tenant_id, keyring_id, principal_id,
                   dilithium_pk, falcon_pk, sphincs_pk,
                   dilithium_pk_fp, falcon_pk_fp, sphincs_pk_fp)

canonical_auth_event_pq_signatures (canonical_event_id → canonical_auth_events.id,
                                    tenant_id, keyring_id, principal_id,
                                    signing_message (32 bytes),
                                    dilithium_sig, falcon_sig, sphincs_sig)
```
Append-only. FK-linked to canonical_auth_events and to principal_pq_keys. The evidence-package arm exports identical content as public_keys.json and signatures.json — identical shape, identical verification result.
06 What this proof IS and IS NOT
This proof IS:
- The close of the Phase E lock that has appeared as an honest-limit on every prior proof page since L9.
- The trustless verification feature Eric named in the meta-lock.
- The 3-PQ verification primitive shared by both the DB-backed and the evidence-package-backed paths.
- The hardening pass that follows the vision expansion of #174 + #167.
- The substrate on which the next decade of independent-3rd-party H33 audits run.

This proof IS NOT:
- A cryptography feature (Eric explicitly named this rejection).
- A new axis of the corpus.
- A claim about signer identity — proving the human or agent IS who the principal claims is Phase F, out of scope here.
- A claim that a verified chain contains true content.
- Authentication (continuity-axis territory).
- A substitute for auditors, regulators, courts, or competent counsel. Verified ≠ True.
07 Honest limits (5)
- Signature verification ≠ signer identity. L9.1 proves a key signed; it does not prove the signer IS who they claim. PKI / signer-identity verification is Phase F.
- Key compromise breaks verification going forward, not history. A future-stolen key does not retroactively invalidate prior signatures under the original valid key. Bounded-window compromises remain Phase F territory.
- Algorithm agility. ML-DSA-65 / FALCON-512 / SLH-DSA-SHA2-128f are NIST-final today. Future quantum or mathematical breakthroughs against any one would force migration. The 3-of-3 composite gives resilience, not infinity.
- Pre-L9.1 events on the canonical continuity tenant. Signed but key-unknown. Verifier reports honestly. State_ids untouched.
- Verified ≠ True. The money quote.
08 Where this proof sits
L9.1 is not on the continuity ladder. It is not on the computation axis. It is a hardening pass — it closes the open lock referenced on every prior proof page, raising Replay Confidence for new tenants from 72/100 to 100/100 while honestly reporting older tenants where the L9.1 sidecar wasn't yet written.
| Phase | Status | Notes |
|---|---|---|
| Phase A — H33-74 substrate | locked | core post-quantum receipt format |
| Phase B — canonical event log | locked | canonical_auth_events table + canonical event signing |
| Phase C — replay engine | locked | replay_until + AuthorityStateSnapshot |
| Phase D — independent replay (L9) | locked | structural reconstruction without DB or vendor |
| Phase E — per-event signature verification | CLOSED HERE (L9.1) | trustless verification primitive + hybrid storage |
| Phase F — signer identity verification | open | PKI / human-IS-who-they-claim — out of scope for L9.1 |
09 Evidence appendix
| Field | Value |
|---|---|
| L9.1 tenant | tenant_l91_verified_first_44962d9b-25f5-5622-bd9a-98d5580bb8a2 |
| L9.1 tenant root | princ_root_l91_verified_44962d9b-25f5-5622-bd9a-98d5580bb8a2 |
| Keyring | keyring_l91_first_2026_06_03 |
| L9.1 events total | 3 |
| L9.1 archive rows | 3 |
| L9.1 verified | 3 / 3 (100%) — fully_verified = true |
| L9.1 failed | 0 |
| Canonical continuity tenant | tenant_insurance_claim_44962d9b-25f5-5622-bd9a-98d5580bb8a2 |
| Canonical continuity tenant events | 12 (untouched — state_ids sacred) |
| Canonical continuity tenant archive rows | 0 (pre-L9.1, no sidecar) |
| Canonical continuity tenant verified | 0 / 12 (honest) |
| Migration | migrations/V016__pq_signature_archive.sql |
| Verification module | src/h33_auth/canonical_event_verification.rs |
| Archive module | src/h33_auth/canonical_event_archive.rs |
| Reconstruction artifact | reconstruction.json |
| Harness — DB arm | tests/independent_replay_verification_001.rs |
| Harness — Evidence-package arm | tests/independent_replay_verification_002_evidence_package.rs (scif-backend @ d782b91cc) |
| Binary · verification flags | h33-independent-canonical-replay --verify-signatures --public-keys-file --signatures-file |
| Evidence-package arm result | 3/3 verified · binary & DB paths produce IDENTICAL output (symmetry exercised end-to-end) |
10 Readiness determination
First Independent Replay Verification: PROVEN IN OPERATION. The Phase E lock that has appeared as an honest-limit on every prior proof page since L9 is now closed. A new L9.1 tenant verifies 3-of-3 with all three NIST-final PQ families. The canonical continuity tenant remains untouched and its pre-L9.1 status is reported honestly. Either the DB or the evidence package independently produces the same verification result — trustless symmetry holds.
What this unlocks: an independent 3rd-party auditor can now run the verifier against either path and arrive at the same verification verdict — without the DB, without the vendor, without trusting H33 at all. The category Eric named: trustless verification.
What this does not unlock: signer identity verification (Phase F), correctness claims, fairness verdicts, or judgments of any kind. Verified ≠ True.
Issued by H33, Inc. · Eric Beans, CEO · 2026-06-03
Independently reconstructable. Inputs: scif-backend @ 7626a5e93 · tests/independent_replay_verification_001.rs · migration V016__pq_signature_archive.sql · reconstruction.json.