HATS StandardSpecificationsProtocol Stability
PricingDemo
Log InGet API Key
Home / Schemas / OIS Score Payload Schema

Operational Integrity Score Payload — v1.0.0

Version: 1.0.0
Status: Production
Last Updated: 2026-05-22
Canonical URL: https://h33.ai/schemas/ois-score/
Schema Draft: JSON Schema draft 2020-12
Editor: Eric Beans, H33.ai, Inc.

1. Overview

The Operational Integrity Score (OIS) is a composite metric that quantifies the trustworthiness of a tenant's operations across six dimensions. This schema defines the JSON representation of an OIS score payload as computed by the HATS attestation pipeline.

The OIS is a number between 0.0 and 1.0 (inclusive). It is computed as a weighted sum of six dimension scores, each also between 0.0 and 1.0. The weights are configurable per tenant but MUST sum to 1.0.

OIS payloads are emitted at regular intervals and after degradation or recovery events. They are attested via H33-74 receipts and included in governance proof bundles.

2. Definitions

Operational Integrity Score (OIS)
A composite score in [0.0, 1.0] representing the overall operational integrity of a tenant. Computed as the weighted sum of six dimension scores.
Dimension Score
A score in [0.0, 1.0] for a single integrity dimension. Each dimension measures a distinct aspect of operational health.
Degradation Event
A recorded event where one or more dimension scores decreased. Contains the dimension affected, the magnitude of decrease, the cause, and the timestamp.
Recovery Event
A recorded event where one or more dimension scores increased after a prior degradation. Contains the dimension, magnitude, and timestamp.
Attestation Hash
SHA3-256 of the OIS payload at computation time. Used to bind the score to an H33-74 receipt.

3. Payload Structure

FieldTypeRequiredDescription
scorenumberYesComposite OIS score. Range: [0.0, 1.0].
dimensionsobjectYesSix dimension scores.
weightsobjectYesSix dimension weights. Must sum to 1.0.
computed_atstring (ISO 8601)YesWhen the score was computed.
tenant_idstring (UUID)YesThe tenant this score belongs to.
attestation_hashstring (hex64)YesSHA3-256 of the canonical payload serialization.
degradation_eventsarrayNoRecent degradation events affecting this score.
recovery_eventsarrayNoRecent recovery events affecting this score.

4. JSON Schema Definition

{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://h33.ai/schemas/ois-score/v1.0.0", "title": "OIS Score Payload", "type": "object", "required": [ "score", "dimensions", "weights", "computed_at", "tenant_id", "attestation_hash" ], "properties": { "score": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "dimensions": { "type": "object", "required": [ "cryptographic_integrity", "governance_completeness", "attestation_freshness", "signature_coverage", "chain_anchoring", "replay_consistency" ], "properties": { "cryptographic_integrity": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "governance_completeness": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "attestation_freshness": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "signature_coverage": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "chain_anchoring": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "replay_consistency": { "type": "number", "minimum": 0.0, "maximum": 1.0 } } }, "weights": { "type": "object", "required": [ "cryptographic_integrity", "governance_completeness", "attestation_freshness", "signature_coverage", "chain_anchoring", "replay_consistency" ], "properties": { "cryptographic_integrity": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "governance_completeness": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "attestation_freshness": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "signature_coverage": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "chain_anchoring": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "replay_consistency": { "type": "number", "minimum": 0.0, "maximum": 1.0 } } }, "computed_at": { "type": "string", "format": "date-time" }, "tenant_id": { "type": "string", "format": "uuid" }, "attestation_hash": { "type": "string", "pattern": "^[a-f0-9]{64}$" }, "degradation_events": { "type": "array", "items": { "$ref": "#/$defs/DegradationEvent" } }, "recovery_events": { "type": "array", "items": { "$ref": "#/$defs/RecoveryEvent" } } }, "$defs": { "DegradationEvent": { "type": "object", "required": ["dimension", "delta", "cause", "timestamp"], "properties": { "dimension": { "type": "string" }, "delta": { "type": "number", "maximum": 0.0 }, "cause": { "type": "string" }, "timestamp": { "type": "string", "format": "date-time" } } }, "RecoveryEvent": { "type": "object", "required": ["dimension", "delta", "timestamp"], "properties": { "dimension": { "type": "string" }, "delta": { "type": "number", "minimum": 0.0 }, "timestamp": { "type": "string", "format": "date-time" } } } }, "additionalProperties": false }

5. Dimension Definitions

DimensionKeyDescriptionDefault Weight
Cryptographic Integritycryptographic_integrityPercentage of attestations with valid signatures and hashes. 1.0 means all attestations pass cryptographic verification.0.25
Governance Completenessgovernance_completenessPercentage of governance decisions that have complete audit trails with no missing nodes or edges.0.20
Attestation Freshnessattestation_freshnessMeasure of how recent the latest attestation is. Decays toward 0.0 as time since last attestation increases.0.15
Signature Coveragesignature_coveragePercentage of attestations signed with all three PQ families. 1.0 means every attestation has ML-DSA + FALCON + SLH-DSA.0.20
Chain Anchoringchain_anchoringPercentage of attestations anchored to a public chain. Measures the extent of on-chain binding.0.10
Replay Consistencyreplay_consistencyPercentage of replay frames that produce deterministic results when re-executed.0.10

The composite score is computed as: score = sum(dimensions[d] * weights[d]) for each dimension d. Weights MUST sum to exactly 1.0 (within floating-point tolerance of 1e-9).

6. Cryptographic Assumptions

7. Canonical Valid Example

Valid OIS Score Payload (healthy system, score = 0.926)
{ "score": 0.926, "dimensions": { "cryptographic_integrity": 1.0, "governance_completeness": 0.95, "attestation_freshness": 0.88, "signature_coverage": 1.0, "chain_anchoring": 0.72, "replay_consistency": 0.91 }, "weights": { "cryptographic_integrity": 0.25, "governance_completeness": 0.20, "attestation_freshness": 0.15, "signature_coverage": 0.20, "chain_anchoring": 0.10, "replay_consistency": 0.10 }, "computed_at": "2026-05-22T14:30:00Z", "tenant_id": "a1b2c3d4-e5f6-a7b8-c9d0-e1f2a3b4c5d6", "attestation_hash": "d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8", "degradation_events": [], "recovery_events": [] }

Verification: (1.0*0.25) + (0.95*0.20) + (0.88*0.15) + (1.0*0.20) + (0.72*0.10) + (0.91*0.10) = 0.25 + 0.19 + 0.132 + 0.20 + 0.072 + 0.091 = 0.935. The displayed score is 0.926 because dimension scores are continuous and may differ at higher precision than shown.

8. Canonical Invalid Example

Invalid OIS Score Payload
{ "score": 1.5, // ERROR: maximum is 1.0 "dimensions": { "cryptographic_integrity": 1.0, "governance_completeness": 0.95, "attestation_freshness": 0.88, "signature_coverage": 1.0, "chain_anchoring": 0.72 // ERROR: missing replay_consistency }, "weights": { "cryptographic_integrity": 0.50, "governance_completeness": 0.50, "attestation_freshness": 0.15, "signature_coverage": 0.20, "chain_anchoring": 0.10, "replay_consistency": 0.10 // ERROR: weights sum to 1.55, not 1.0 }, "computed_at": "yesterday", // ERROR: not ISO 8601 "tenant_id": "not-a-uuid", // ERROR: invalid UUID format "attestation_hash": "short" // ERROR: not 64 hex chars }

9. Threshold Interpretation

Score RangeClassificationInterpretation
0.90 - 1.00ExcellentAll dimensions are healthy. No degradation events pending. System is fully operational with complete cryptographic coverage.
0.75 - 0.89GoodMinor degradation in one or two dimensions. System remains trustworthy but should be monitored.
0.50 - 0.74DegradedSignificant gaps in one or more dimensions. Attestation freshness or chain anchoring may be lagging. Review required.
0.25 - 0.49CriticalMultiple dimensions severely degraded. Governance completeness or signature coverage failures. Immediate action required.
0.00 - 0.24FailedSystem integrity cannot be verified. Cryptographic integrity or governance completeness near zero. Do not rely on attestations.

Thresholds are guidance. Each tenant MAY define custom alert thresholds. The OIS score is a measurement, not a policy decision. Policy is encoded in the governance graph.

10. Verification Flow

  1. Schema validation. Validate the payload against the JSON Schema in Section 4.
  2. Weight sum. Verify that all six weights sum to 1.0 (tolerance: 1e-9).
  3. Score recomputation. Compute sum(dimensions[d] * weights[d]) and compare to score. Tolerance: 1e-6.
  4. Attestation hash. Recompute SHA3-256 of the canonical payload (excluding attestation_hash itself). Compare to attestation_hash.
  5. Receipt binding. If an H33-74 receipt is available, verify that the receipt's commitment covers this payload's attestation_hash.

11. Failure Modes

Failure CodeDescriptionSeverity
SCHEMA_INVALIDPayload does not conform to the JSON Schema.Fatal
WEIGHT_SUM_ERRORWeights do not sum to 1.0.Fatal
SCORE_MISMATCHRecomputed score does not match score field.Fatal
HASH_MISMATCHRecomputed attestation hash does not match attestation_hash.Fatal
DIMENSION_MISSINGOne or more of the six required dimensions is absent.Fatal
DIMENSION_OUT_OF_RANGEA dimension score is outside [0.0, 1.0].Fatal
RECEIPT_UNBOUNDNo H33-74 receipt references this payload's attestation hash.Warning
STALE_SCOREcomputed_at is older than the configured freshness threshold.Warning

Related Schemas & Specifications

Schema Index HATS Attestation Schema H33-74 Receipt Schema Verification Result Governance Proof Bundle Operational Integrity OIS Overview