# H33 Portability Verifier v0.1.0

The independent canonical replay verifier — the load-bearing object of the
Trustless Decision Attestation category.

> *"H33 issued the attestation. H33 is not required to verify the attestation."*

This release lets a third party — a carrier, an auditor, a regulator, a
PE partner, a CISO — independently confirm that an H33 enterprise bundle
replays to its SACRED state_id without any contact with H33.

## What this release contains

| File | Purpose |
|---|---|
| `h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin` | The verifier binary (macOS Apple Silicon) |
| `h33-verifier-source-v0.1.0.tar.gz` | The exact source tree the binary was built from |
| `release_manifest.json` | All hashes, build environment, capabilities |
| `example-output-claim-84711.json` | What the verifier output looks like — captured against the canonical-continuity-tenant case |
| `README.md` | This file |

## Quick start — verify a shipped enterprise bundle

The three enterprise bundles published at
`https://h33.ai/workspace/portability/bundles/` are the verifier's
canonical fixtures. Anyone can grab one and replay it.

```bash
# 1. Download the Portability Verifier + an enterprise bundle
curl -O https://h33.ai/verifier/v0.1.0/h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin
curl -O https://h33.ai/workspace/portability/bundles/tenant_insurance_claim_44962d9b-25f5-5622-bd9a-98d5580bb8a2_enterprise_bundle.tar.gz

# 2. Confirm the binary's SHA3-256 matches the manifest
python3 -c "import hashlib; print(hashlib.sha3_256(open('h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin','rb').read()).hexdigest())"
# Expected: 4b7e3576b3756f54990853abc418b2473640a521d3541bb8b5dc9b180c194361

# 3. Make the binary executable
chmod +x h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin

# 4. Walk the three-layer extraction the enterprise bundle uses
mkdir work && cd work
tar -xzf ../tenant_insurance_claim_*_enterprise_bundle.tar.gz
tar -xzf cases/claim-84711/submission.tar.gz -C cases/claim-84711/
tar -xzf cases/claim-84711/evidence_package.tar.gz -C cases/claim-84711/

# 5. Run the Portability Verifier
../h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin \
    --events-file cases/claim-84711/events.json \
    --manifest-file cases/claim-84711/manifest.json
```

The verifier prints a structured JSON report. The two load-bearing fields:

- `"overall_pass": true` — the case replays to its SACRED state_id
- `"determination": "PASS — H33 was removed from the process and the organization replayed identically."`

If you see those two, you have just verified the case independently. **You
did not contact H33 at any step.** That is the property the entire
Trustless Decision Attestation category rests on.

## Quick start — verify the source matches the binary

This release is hash-anchored. If you don't trust the published binary,
build your own from source and confirm the SHA3-256 matches.

```bash
# 1. Confirm the source tarball's SHA3-256 matches the manifest
python3 -c "import hashlib; print(hashlib.sha3_256(open('h33-verifier-source-v0.1.0.tar.gz','rb').read()).hexdigest())"
# Expected: 98d4ce874bbace0b7e6fc04ef4d321a4730cbcc4eba252da36a8ecf6c89647a5

# 2. Build from source
tar -xzf h33-verifier-source-v0.1.0.tar.gz
cd scif-backend
cargo build --release --bin h33-independent-canonical-replay

# 3. Confirm your binary's SHA3-256 matches the published binary
python3 -c "import hashlib; print(hashlib.sha3_256(open('target/release/h33-independent-canonical-replay','rb').read()).hexdigest())"
# Should match: 4b7e3576b3756f54990853abc418b2473640a521d3541bb8b5dc9b180c194361
```

**Honest v0.1 caveat:** bit-for-bit reproducibility across machines
requires the same Rust toolchain + the same target triple. The
`build_environment` block in `release_manifest.json` documents the exact
toolchain used. v0.2 will use a containerized deterministic toolchain so
the binary is reproducible byte-for-byte regardless of the building
machine. v0.1 documents the build; v0.2 guarantees it.

## What the Portability Verifier verifies

**Structural replay** — given a canonical event log and a manifest pinning the
expected SACRED state_id, the verifier:

1. Walks the events deterministically through the replay engine
2. Computes the resulting state_id
3. Confirms it matches the expected value byte-identically
4. Performs five structural checks on the resulting snapshot:
   - `policy_version_ref_resolves` — every decision's policy reference points to a registered policy
   - `model_version_ref_resolves` — every decision's model reference points to a registered model
   - `decision_lineage_resolves` — every decision's parent IDs point to earlier decisions
   - `decisions_during_active_authority` — every decision was made while the actor's authority was live
5. Emits a JSON report with `overall_pass` boolean and the `determination` string

With the `--verify-signatures` flag plus signature files, it also performs
per-event PQ signature verification (ML-DSA-65 + FALCON-512 + SLH-DSA-128f).
That is the L9.1 trustless verification path.

## What the Portability Verifier does NOT verify (Q0.5)

> *"The decision owner always remains the decision owner. H33 attests to
> the structure, lineage, authority, replayability, and defensibility of
> the decision. H33 never becomes the decision maker."*

The verifier surfaces structural replay verdicts. It does not — and will
never — surface judgments about whether a decision was:

- Wise
- Correct
- Fair
- Lawful
- Compliant with any specific regulation
- Likely to hold up in court

Those judgments belong to carriers, auditors, regulators, and acquirers.
The verifier provides the substrate; the judgment is theirs.

## What the Portability Verifier does NOT verify yet (v0.2)

- Attestation document signatures (the `tda_v1` JSON format) — lands when
  attestations exist
- Bundle hash anchoring against an attestation — same
- Signer identity for canonical events (Phase F) — out of scope for both
  v0.1 and v0.2; documented honestly

## Two engineering invariants H33 owns for this release (Q0)

Eric LOCKED June 4 2026 verbatim:

> *"H33 bears attestation accuracy + verifier correctness — and nothing else."*

That maps to two and only two commitments:

1. **Attestation accuracy** — every reading H33 publishes in a future
   attestation is a deterministic function of the bundle; no subjective
   field.
2. **Verifier correctness** — this binary is deterministic; same input →
   same output, byte-identically, regardless of who runs it.

This release is the first physical artifact of commitment #2.

## License + provenance

The verifier is open-source under the scif-backend license. The source
tarball is the exact tree the v0.1.0 binary was built from. The binary's
runtime behavior is determined by that source and that source alone.

## Versioning policy

`vMAJOR.MINOR.PATCH`. Format-incompatible verifier upgrades bump MINOR.
Output-affecting bug fixes bump PATCH. Source-changing additions bump
MAJOR.

## Hashes (for the lazy)

```
binary  sha3-256  4b7e3576b3756f54990853abc418b2473640a521d3541bb8b5dc9b180c194361
binary  sha256    3fb0886638dc495b56de765782cbc545c28b56439f61e800f05ed2c6f20b584e
source  sha3-256  98d4ce874bbace0b7e6fc04ef4d321a4730cbcc4eba252da36a8ecf6c89647a5
source  sha256    bfda4425451f890c0a9ca51ee77c60bfc7bbfe85caf3456e4e0d71bb79b4c1fa
```

— H33 Portability Verifier v0.1.0 · 2026-06-04