# [PROOF TITLE] — Production Readiness Proof **Subject:** [one-sentence subject — e.g., First anchored V101 Content Bundle for princ_customer_9] **Date:** YYYY-MM-DD **Determination:** PROVEN IN OPERATION (scope: one customer / one transaction / one boundary) --- > **Strict-wording reminder.** Every H33 proof page MUST hold the same wording discipline: a proof is "proven in operation" for the scope it covers. It is NOT "shipped," NOT "production-ready at scale," NOT "deployed for all customers." Every next customer earns the same proof. Every next surface earns it again. --- ## 01 · Problem > **What was the operational question this proof answers?** > Write 2–3 sentences in customer language. No internal jargon. Imagine a CFO, CISO, or regulator reading it for the first time. The reader should be able to repeat the problem back in their own words after one read. [e.g., "Can a customer's authority to take a regulated action be reconstructed at any later time from independently verifiable evidence, without trusting the platform that recorded it?"] --- ## 02 · Environment > **Where did this proof run?** > List the deployed surfaces involved, the runtime versions, and the credentials used. Everything in this section should be checkable by an external auditor with read-only access. - **API surface:** [host + endpoint + deployed commit SHA] - **Auth surface:** [auth host + deployed commit SHA + active kid] - **Storage / event log:** [DB or store + relevant table / collection] - **Secrets used:** [name + version, never values] - **Client / caller:** [V101 / partner / SDK + version] --- ## 03 · Identity > **Who acted?** > The canonical principal that authorized the operation. Show the JWT claims or equivalent credential payload. Never paste the secret-side material; show only what the receiver could see and verify. ``` sub = princ_customer_ iss = https://auth.h33.ai aud = kid = jti = iat = exp = ``` **Verification path:** any independent party with JWKS at `` can recompute the signing input and verify the signature. --- ## 04 · Authority > **What authority backed this?** > Trace the principal → authority_id → grant → policy chain. Every link must reference a signed canonical event. No "the system says it's allowed" — show the events. - `authority_id`: [auth_…] - Source `grant` event: [signed; signature length = 148 hex] - `granted_by`: [tenant root principal] - `granted_to`: [the acting principal] - `policy_basis`: [pol_…] - Source `policy_register` event: [signed; signature length = 148 hex] --- ## 05 · Replay > **How was the authority reconstructed?** > Document the replay input (event log, replay-until timestamp) and the snapshot output. The reader should be able to recompute the snapshot from the same inputs and get bit-identical results. - **Input:** `events_for(tenant_id)` over `canonical_auth_events` for tenant `` at `t = ` - **Snapshot verdict:** `Valid` - **Active grants:** [list — each entry: authority_id, granted_to, granted_by] - **Determinism note:** same events + same `t` → bit-identical `state_id` across implementations. --- ## 06 · Receipt > **What decision was recorded?** > The Issued Receipt is a fixed data structure that binds: the decision, the authority that backed it, the policy that justified it, the principal that exercised it, the audience it is scoped to, the issuance time, and the bearer's jti. - `decision`: [customer-facing description of what was authorized] - `authority_principal`: [princ_…] - `authority_id`: [auth_…] - `policy_basis`: [pol_…] - `audience`: [substrate-receipts / attestations / anchors] - `issued_at_ms`: [unix ms] - `source_jti`: [from the Bearer] --- ## 07 · Anchor > **How is the receipt cryptographically bound?** > Document the commitment (SHA3-256 of canonical-JSON of the IssuedReceipt), the anchor chain identifier, and the 148-hex `tx_reference`. - `chain`: [h33-substrate-v1 / polygon-zkevm-cardona / …] - `commitment_hex`: [64 hex = SHA3-256(canonical_JSON(receipt))] - `tx_reference`: [148 hex = 32-byte commitment ‖ 42-byte CompactReceipt OR chain-specific tx hash] - `submitted_at_ms`: [unix ms] **Verification path:** anyone with the three substrate public keys (or the relevant chain explorer) can confirm the anchor binds the commitment to the production signing material. --- ## 08 · Result > **What artifact was returned to the caller?** > The caller receives a concrete object. Show its identifier and link it directly. - `bundle_id` / `transfer_id` / `decision_id`: [uuid] - Retrievable at: `GET ` - Persisted by: [V101 / customer service / H33 storage] --- ## 09 · Evidence > **What does an independent third party need to reconstruct this proof?** > List the public artifacts. The acid test: someone with only this list should be able to verify the chain themselves. - JWKS: `https://auth.h33.ai/.well-known/jwks.json` (or relevant issuer) - Bundle / artifact URL: [as above] - Standards reference: `https://h33.ai/standards/` - Substrate public key fingerprints: [SHA3-256 of each pk, first 16 hex] - Markdown source of this report: [link to REPORT.md] - Downloadable PDF: [link to report.pdf] --- ## Commit SHAs | Component | SHA | Subject | |---|---|---| | scif-backend | [SHA] | [subject] | | auth1 / cachee-auth | [SHA] | [subject] | | caller (V101 / partner) | [SHA] | [subject] | --- ## Three claims (the 10-second read) 1. **[Claim 1]** — typically "identity can be mapped to authority" for the simplest proofs. 2. **[Claim 2]** — typically "authority can be replayed from canonical history." 3. **[Claim 3]** — typically "evidence can be independently reconstructed." > Replace these as appropriate for the specific proof. For example, "first regulator replay" might claim: (1) a regulator can pin a moment in time, (2) the platform can reconstruct authority state at that moment, (3) the reconstruction is bit-identical to the platform's internal record. --- ## Known limitations (brutally honest) > List every gap, every shortcut, every "this works but isn't ideal." A proof that hides limitations is not a proof. Limitations stay visible. They're how the next proof gets earned. 1. [limitation] 2. [limitation] 3. [limitation] --- ## Readiness determination > **PROVEN IN OPERATION** for [explicit scope]. [2-3 sentence summary of what this proof unlocks and what it does NOT unlock.] --- *Issued by H33, Inc. — [Author], [Title]. Independently reconstructable from public artifacts listed in Section 09.*