# Independent Replay — Verification Instructions

This evidence package can be replayed independently of H33 infrastructure.
You do not need a database, the SCIF backend, or any network connection.

## What's in this package

- `events.json` — the canonical event log for tenant_time_travel_44962d9b-25f5-5622-bd9a-98d5580bb8a2 (11 events: 1 policy_register, 2 model_register, 2 policy_amend, 2 grants, 4 decisions).
- `manifests/manifest_T5.json` through `manifest_TInf.json` — one manifest per time-travel snapshot, each with the expected state_id from the L5 published proof.
- `report_T5.json` ... `report_TInf.json` — the actual reports produced by running the verifier in this package.

## To reproduce yourself

1. Clone scif-backend at commit SHA recorded in this package's parent proof page.
2. Build:

```bash
cargo build --bin h33-independent-canonical-replay
```

Expected verifier binary SHA-256:

```
fb8e2be10d844cad5067e93fb29a7a286ee8ef30ab9dacd5464a16da1898bcfe
```

(The exact bytes will differ across compilers; what matters is the source SHA from scif-backend matches the published proof.)

3. Run the verifier on each manifest:

```bash
target/debug/h33-independent-canonical-replay \
  --events-file events.json \
  --manifest-file manifests/manifest_T10.json \
  --verbose
```

Expected exit code: 0 (PASS).

## What you've verified

If all five runs PASS, you have independently confirmed:

1. The canonical event log replays to byte-identical state_ids at each of five distinct T values.
2. The replay is deterministic — same input, same output.
3. The reconstructed snapshots include the time-travel collections (policy versions, model versions, decisions with lineage).
4. No database. No SCIF. No network. The verifier was a standalone binary reading two local files.

## Honest scope (what v1 does NOT verify)

The 148-hex signature on each event provides a binding commitment, not a recoverable signature. v1 verifies structural integrity (all signatures non-empty, all canonical-form). Full ML-DSA-65 + FALCON-512 + SLH-DSA-128f verification requires a parallel full-signature archive (L9.1 follow-up). When that ships, the same verifier will close the only failing check in the Replay Confidence Score.