H33
Evidence Cases/{{case_id}}·auto-generated
Trustless Submission Status · Phase C
Package Integrity
Independent Replay
{{sig_verdict_mark}} Signature Verification {{sig_verdict_note}}
Evidence Package Included
Responsibility Chain Present
Lineage Present
Vendor Independence
Verdict{{submission_verdict}}
A regulator should never need to understand H33 to verify H33 evidence. The verdict above answers one question: can I trust this package? Drill into findings + raw evidence below — see [ Findings ] · [ Verifier runbook ].
Regulator workflow · the four steps
  1. 1Open submissionsubmission.tar.gz · 8 files including the embedded evidence package
  2. 2Verify packageRun h33-independent-canonical-replay — confirm state_id byte-identical
  3. 3Review findingsfinding_report.json — the assertion the regulator is investigating, with evidence_refs
  4. 4Drill into evidenceWalk decision/asset/loss/claim lineage from the canonical event log
{{case_cover_label}}
{{headline_question}}

{{case_title}}

Investigation type{{case_type_label}}·Primary buyer{{case_buyer}}
{{case_cover_fields}}
Binder Tabs · click to drill in
Tab 1
Verify evidence
Verified ≠ True
Tab 2
Show decision lineage
What happened, in causal order
Tab 3
Show responsibility chain
Responsibility ≠ Liability
Tab 4
Show asset lineage
Asset ≠ Responsibility
Tab 5
Show model influence
Influence ≠ Causation
Tab 6
Reproduce decision
Reproducibility ≠ Justification
Tab 7
Show reality gaps
Policy ≠ Reality
Tab 8
Export evidence package
Institutional Memory ≠ Legal Truth
Tab 9 · Phase C
Review findings
What the evidence demonstrates
Tab 10 · Phase C
If H33 disappears mid-review
Package still verifies. Without us.
Tab 11 · Showcase
Ask The Evidence
Natural-language queries over signed evidence
Three Confidence Scores · honest, not aspirational
Reconstruction Confidence
{{reconstruction_pct}} / 100
Verification Confidence
{{verif_label}}{{verif_sublabel}}
Reproducibility Confidence
{{reproducibility_pct}} / 100
About this case

{{about_paragraph}}

{{inherited_risk_panel}}
Tab 1 · Verify evidence

Verify the evidence — independently, without H33

Replay at target T produces state_id {{state_id}} byte-identically. Confirm by running the verifier binary against the exported package (see Tab 8).

state_id at T{{state_id}}
Replay verdictValid
Replay confidence{{reconstruction_pct}} / 100
Verification confidence{{verif_label}} · {{verif_sublabel}}
Verified ≠ True.Verification proves integrity. Not correctness.
Tab 2 · Show decision lineage

Decision lineage — what happened, in causal order

{{decision_lines}}
Lineage shows what happened, not whether it was right.
Tab 3 · Show responsibility chain

Responsibility chain — bound at decision time

Chain on the primary decision ({{primary_decision_id}}):

{{responsibility_rows}}
Responsibility ≠ Liability.Naming a principal in the chain establishes a structural role at decision time; liability is a court / regulator determination.
Tab 4 · Show asset lineage

Asset lineage — Asset → Decisions → Loss → Claim

{{asset_lines}}
Asset ≠ Responsibility.The walk shows what touched the asset. Ownership is a legal status; responsibility is structural fact.
Tab 5 · Show model influence

Model influence — why the model produced the score it produced

{{model_influence}}
Influence ≠ Causation.The chain establishes that the model's score depended on these features; it does NOT establish that those were the right features or that the threshold was fair.
Tab 6 · Reproduce decision

Reproduce decision — measured confidence, not aspirational

Reproducibility confidence: {{reproducibility_pct}} / 100. Five components × 20 points each. See #167 Decision Reproducibility for the rubric.

Reproducibility ≠ Justification.The chain runs again the same way. That's not the same as saying it should have.
Tab 7 · Show reality gaps

Reality gaps — what changed without authorization?

{{gap_panel}}
Policy ≠ Reality.The report names structural disagreements between policy and recorded reality. It does NOT name fault, intent, or correctness.
Tab 8 · Export evidence package

Export the evidence package — and verify it without H33

The evidence package bundles the canonical event log, the case summary, and a verification runbook. No H33 access required at any step.

events.jsonThe signed canonical AuthEvent log for this tenant
manifest.jsontenant_id · tenant_root · target T · expected state_id · expected verdict
public_keys.jsonPer-principal PQ public-key bundles (L9.1; empty for pre-L9.1 cases)
signatures.jsonPer-event full PQ signature archive (L9.1; empty for pre-L9.1 cases)
case_summary.jsonThree-confidence scores at export time + case metadata
verifier_runbook.mdStep-by-step runbook for independent verification
How to verify independently (regulator runbook)
  1. Download the evidence package (button below).
  2. Build the verifier: cargo build --release --bin h33-independent-canonical-replay from the open-source scif-backend repo.
  3. Extract the tarball, then run: 
    h33-independent-canonical-replay \
    --events-file events.json \
    --manifest-file manifest.json \
    --verbose
  4. Confirm the binary's reported state_id matches {{state_id}}.
  5. For cases under L9.1, add --public-keys-file public_keys.json --signatures-file signatures.json --verify-signatures. Pre-L9.1 cases (verification = Not Applicable) skip this step.
⬇ Download submission.tar.gz ({{submission_label}}) · the canonical Phase C artifact · 8 entries including the embedded evidence_package.tar.gz
⬇ Or download evidence-package.tar.gz alone ({{tarball_label}}) — the component, not the full submission
Phase C submission carries 8 entries: case_summary · verification_report · reconstruction_report · lineage_report · responsibility_report · finding_report · evidence_package.tar.gz · verifier_runbook. The submission is what a regulator opens; the evidence package is the substrate it cites.
Institutional Memory ≠ Legal Truth.The package preserves structural memory. Legal truth — verdicts, judgments, damages — remains the courts' determination.
Findings · what the evidence demonstrates

Findings — not raw evidence, the assertions the evidence supports

Regulators investigate FINDINGS — not raw evidence. Each finding below carries a claim, the evidence that supports it, the responsibility chain it implicates, the lineage it walks, and a status (open / investigating / substantiated / dismissed).

{{findings_html}}
Asset ≠ Responsibility. Responsibility ≠ Liability. A finding's status is structural — what the evidence demonstrates — not a legal verdict. Liability is determined by courts and regulators.
Killer demo · the package was already in your possession

What happens if H33 disappears before you finish reviewing?

Imagine: this submission was delivered to your office. You begin review. Mid-review, H33 disappears — vendor failure, dissolution, sanctions, supply-chain compromise, whatever. The reviewing regulator has no live H33 channel, no support phone, no auth endpoint. The package on disk is all that remains.

  1. Package still verifies.
    h33-independent-canonical-replay is a standalone binary built from the open-source scif-backend repo. No DB. No SCIF. No network. The reported state_id matches {{state_id}} byte-identically.
  2. Responsibility still reconstructs.
    responsibility_report.json was derived from canonical events and ships inside submission.tar.gz. The chain at decision time is permanently recoverable.
  3. Lineage still reconstructs.
    lineage_report.json walks Decision → Asset → Loss → Claim directly on the events. Reproducible without any vendor surface.
  4. Verdict still reproducible.
    finding_report.json carries the claim + evidence_refs + responsibility_refs + lineage_refs. Every reference walks back to a signed canonical event in the embedded package.
Distinct from #12 (vendor dies) and #184 (customer dies) — here the package was already in the regulator's possession when H33 disappeared, and the entire review still completes. The category claim Phase C earns: a regulator can consume H33 evidence without H33.
Tab 11 · Ask The Evidence · showcase

Ask The Evidence — natural-language queries over signed evidence

The search architecture that ties the corpus together: Ask The Evidence → Search Twin → Replay Engine.

ask> Who approved this?
→ Look in responsibility_chain.approving_authority on the primary decision.
ask> Who could have approved this?
→ Filter active_grants at decision T by the required capability.
ask> What policy governed this?
→ Decision.policy_version_ref. Amendments after-the-fact don't apply.
ask> What changed after approval?
→ Walk the event timeline post-decision: PolicyAmend, ModelRegister, Loss, Claim, Consequence, Dissolution.
ask> Who retained responsibility?
→ Decision.responsibility_chain — recorded at decision time, permanently recoverable.
ask> Were there reality gaps?
→ show_reality_gap_report(tenant) returns the four-class breakdown (Shadow Authority / Undocumented Delegation / Policy Bypass / Responsibility Drift).
ask> What evidence survives?
→ The canonical event log. Replayable byte-identically without H33 and without the dissolved firm.
Ask The Evidence is a translator. The verifier is the truth.The LLM never decides authority / responsibility / verification — those come from replay and signed indexes.
The honest-limit pattern that runs the whole corpus
Institutional Memory Legal Truth. Influence Causation. Reproducibility Justification. Verified True. Policy Reality. Asset Responsibility. Responsibility Liability.
Page generated by h33-evidence-case-generator from case_descriptor.json. Reproducible: same descriptor + same database state = same case file.