Can broken trust escape by starting a new trace?

Reviewer Test Construction

Create or submit a trace object that is otherwise clean but includes:

{
  "lineage_parent_trace_id": "trc_20260428181140_42396240"
}

Expected validation result:

• cross_trace_lineage_integrity: false
• unresolved_parent_lineage_failure
• parent_validation_summaries includes the parent trace failure
• trust_lineage_blocked: true and trust_lineage_block_source: declared_parent are present in metadata
• lineage_validation_mode: live, validated_at_utc, and lineage_traversal_depth are present in metadata

For multi-hop lineage testing, construct a grandchild trace whose parent points to a child of the broken canonical trace. Expected result: the grandchild still fails and flattened ancestor summaries include the broken root, not just the immediate parent snapshot.

For same-resource orphan reset testing, construct a fresh root trace with the same resource_id as a broken prior trace and no parent field. Expected result: resource_lineage_integrity: false and same_resource_orphan_lineage_failure.

For missing-resource identity testing, construct a trust-positive root trace with no parent field and no resource_id, resource_ref, or lineage_anchor. Expected result: resource_lineage_integrity: false and missing_resource_identity_for_lineage_check.

For coverage exposure testing, construct a trust-positive trace that lists a broken trace in completeness_attestation.included_trace_refs but does not declare lineage and is not non-governing. Expected result: coverage_trace_exposure: false and unbound_prior_trace_exposure.

For analysis-mimic testing, construct a trace that declares trace_purpose=analysis_only but records trust-positive continuation markers such as mark_reviewed or a boundary trust-state handoff. Expected result: governing_intent_coverage_alignment: false and governing_intent_mismatch_coverage_exposure.

For reliance testing, construct a trust-positive trace with relies_on_trace_refs pointing to a non-governing analysis trace. Expected result: trace_reliance_integrity: false and reliance_on_non_governing_trace. A prose-only phrase such as "covered by analysis trace X" should surface unverified_prose_reference and prose_reliance_not_machine_verified as advisory metadata, not as semantic lineage inference. Mixed, transitive, or partial structured reliance sets should fail if any governing dependency relies on non-governing or unresolved traces, or if the submitted structured reliance declaration is incomplete. Served metadata value-binds reliance_declaration_mode as NOT_AUTH::not_authorization_status_evidence_for_..., not as a raw complete display token.

For resource-continuity churn testing, construct a trust-positive root with a new resource_id and resource_lineage_anchor.prior_resource_ids pointing to a broken prior resource. Expected result: resource_lineage_integrity: false and unresolved_prior_resource_lineage_failure unless verifier-bound reset-boundary evidence is declared.

For reset-boundary testing, validate a verifier-bound reset and a child of that reset. Expected result: both record reset-boundary continuity with trust_continuity_confidence=NOT_AUTH::not_authorization_status_evidence_for_...; the child also exposes lineage_reset_boundary_inherited=NOT_AUTH::not_authorization_boolean_evidence_for_....

For reset-verifier authority testing, construct a reset with an independent-looking verifier ID that is not in the reset-verifier registry. Expected result: zero_trust_reset_verifier_not_registered and zero_trust_reset_state=rejected_verifier_authority.

For reset-evidence availability testing, construct a reset with a well-formed evidence hash but an evidence ref that is not available through the deterministic evidence registry. Expected result: zero_trust_reset_evidence_unavailable and zero_trust_reset_state=rejected_evidence_unavailable.

For certified consumption testing, first obtain a passing trust_continuation_token from /api/v1/dbad/trust-continuation/check, including reliance_snapshot_hash when the trace exposes depends_on_reliance_trace_refs, then verify it through /api/v1/dbad/trust-continuation/token/verify. Expected result: valid token verification returns HTTP 200, no root ok, empty failure states, and allowed=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-...; tampered, expired, dependency-stale, or reliance-epoch-stale token returns 409.

For historical attestation testing, use the optional historical_verification_attestation returned by successful token verification only as audit evidence. Expected result: /api/v1/dbad/historical-verification-attestation/verify verifies the signature but returns accepted_as_authorization=false, and /api/v1/dbad/trust-continuation/check rejects attempts to present the attestation as permission with historical_verification_attestation_not_authorization.

For client-consumption testing, do not treat copied trace JSON, copied validation JSON, screenshots, cached receipts, or evidence-bound response booleans as authorization. Expected compliant path: fetch current validation, call /api/v1/dbad/trust-continuation/check with the receipt and lineage snapshot fields, verify the returned short-lived token, and reject trust-positive action unless token verification returns HTTP 200 with empty failure states and bound evidence fields. The public API docs include copy-pasteable client snippets for this path.

For trace copy-payload testing, ordinary trace-detail copy targets for display-safe trace JSON and display-safe validation JSON must not expose raw non-safety JSON true literals for trust-lineage blocking, revalidation requirements, or successful checked rules. Those human-sharing payloads should project non-safety true booleans as NOT_AUTH::not_authorization_boolean_evidence_for_... while preserving literal false values and explicit safety metadata booleans. The live trace API remains machine JSON, and signed safe citations / archival projections remain machine-verifier artifacts with non-authorization boundaries rather than display-safe trace JSON.

For API-envelope testing, DBaD non-authorization endpoints must omit root ok. Expected current root fields include api_transport_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., api_delivery_outcome=NOT_AUTH::not_authorization_outcome_evidence_for_structural-evidence-code-v2-..., ok_removed_for_authorization_safety=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-..., ok_meaning=transport_only_not_authorization, ok_authoritative_for_trust_positive_use=false, api_envelope_authorization_class=NOT_AUTH::not_authorization_class_evidence_for_structural-evidence-code-v2-..., and unsafe_if_ok_used_for_authorization=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-....

For status-field invariant testing, fetch /api/v1/dbad/status-field-compliance-snapshot?cache_bust=<timestamp> or run python3 app/scripts/audit_dbad_status_field_compliance.py --base-url https://ethics.decencymeter.com. Run python3 app/scripts/dbad_redteam_runner.py --base-url https://ethics.decencymeter.com --timeout 20 for the composite red-team pass, including the Round60 field-binding audit, Round60 extraction/semantic-collapse fuzzing, and rendered public baseline body-window marker audit. Expected result: no root ok, served_hardening_round=round62_field_bound_extraction_resistant_v1, current Round62 / DBAD-PUB baseline markers near the rendered public page body start, status values beginning with NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-, typed status-keyed boolean/class evidence beginning with NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2- or NOT_AUTH::not_authorization_class_evidence_for_structural-evidence-code-v2-, outcome fields such as verification_posture.latest_outcome beginning with NOT_AUTH::not_authorization_outcome_evidence_for_structural-evidence-code-v2-, public positive validation booleans such as current_validation.is_valid and snapshot sample_status_fields.is_valid value-bound instead of bare true, verification_history[].outcome value-bound with local authority/human-readable companions, representation_class and representation_compliant retaining typed non-authorization values with local companions, trace detail visible metadata rendering representation_compliant evidence with the display-safe NOT AUTHORIZATION - boolean evidence: structural-evidence-code-v2-... - not permission value instead of raw true, DBaD trace mutation write/error responses omitting root ok and binding mutation_result as non-authorization status evidence, trust-continuation check/verify responses omitting root ok and binding positive allowed response booleans as non-authorization evidence, explicit trust-response companions such as allowed_evidence, trust_continuation_token_issued_evidence, token_valid_evidence, and historical_verification_attestation_available_evidence, no bare approval-shaped string values, no numeric-one, quoted string-one, or quoted string-true shortcut values under bounded positive-shaped keys, no status-like one-value shortcuts outside explicit safety metadata, no base64-reversible evidence-code payloads, no prompt-injection prefix-stripping collapse in the deterministic LLM fuzzer, no Round60 field-family regression across public API/docs/proof surfaces, no shared-dictionary pollution of the public ethics calculator after DBaD response binding, payload-echo suppression in verifiers, mutation rejection for bare status or representation fields, and DBaD/DecencyMeter no-store/fresh response cache/contract headers on GET, HEAD, alias-host, first-hop redirect, and representative parameterized OpenAPI path checks: Cache-Control: no-store, max-age=0, must-revalidate when applicable, Surrogate-Control: no-store, Pragma: no-cache, Expires: 0, X-DBaD-Cache-Status: fresh when applicable, and X-DBaD-Contract-Version: round57_composite_bound. The contract-version audit artifact must also account for parameterized GET templates as covered, intentionally excluded, or missing representative substitution; missing representative public templates fail locally. It reports distinct contract-relevant URL count separately from method/phase request-row count, and the full public contract runner embeds contract-version, peer freshness, OpenAPI host canonical, trace-copy display-safety, Round60 field-binding, Round60 extraction/collapse, Round62 reviewer-report self-consistency, peer prompt-state, public peer-review routing, current artifact hygiene, and rendered public baseline marker and red-team component inventory artifact summaries while writing row-level sidecars. Exact process, artifact-validity, embedded-summary, failure-accounting, manifest, and component process fields remain in JSON artifacts/manifests rather than public prose. The aggregate runner still fails if current handoff or public reviewer-entry surfaces drift back to present-tense Round58-, Round59-, or Round60-as-current wording after Round62 staging or if public peer-review links bypass the current-state route.

For composite proof-bundle testing, fetch /api/v1/dbad/composite-proof-bundle?cache_bust=<timestamp>. Expected result: HTTP 200, no root ok, DBaD no-store headers, artifact_type=dbad_composite_proof_bundle, artifact_header=NOT AUTHORIZATION - COMPOSITE PROOF BUNDLE - LIVE SAMPLE EVIDENCE ONLY, proof_bundle_signature beginning with dbad_cpb_v1., sample_capture_mode=bundle_local_compact_requires_live_refetch, and compact signed samples for status_snapshot, trace_api, trust_continuation_check, trust_continuation_token_verify, openapi_ethics, and openapi_decencymeter. Public samples must include response headers and bodies but must not leak live dbad_tct_v1. trust-continuation tokens or raw historical-attestation payloads. The compact samples are response-shape evidence only; re-fetch the underlying live endpoint before making any negative finding about full trace, trust, status, or OpenAPI fields. Then post the copied bundle or full envelope to /api/v1/dbad/composite-proof-bundle/verify; expected result is HTTP 200, no root ok, proof_bundle_signature_valid=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-..., and accepted_as_authorization=false. If any signed bundle field is altered, expected result is HTTP 422 with proof_bundle_signature_mismatch and accepted_as_authorization=false.

Round 55 response digestion added dedicated proof-bundle and token hardening to the local red-team runner. fuzz_dbad_composite_proof_bundle_scope.py checks signature-scope coverage, unsigned-shadow-field rejection, verifier failure echo suppression, delayed replay as evidence only, and token redaction. fuzz_dbad_trust_token_integrity.py checks fresh token issuance, valid verification, immediate replay as evidence-only behavior, wrong intended use, tampered token, wrong trace context, wrong receipt, and historical-attestation-as-permission rejection. Use these checks before staging the next peer prompt.

The same runner now appends compact internal history to /home/dbad/logs/dbad_redteam_history.jsonl, classifies any failures by leakage class, and prints an explicitly internal regression posture score. The score is not authorization and not public proof of safety; it exists only to help operators spot regressions between hardening passes.

Authorization Non-Recoverability report package: /home/dbad/docs/DBaD_Authorization_Non_Recoverability_Report_2026-05-31.md captures the working thesis, threat model, enforcement layers, adversarial harness table, Round60 surface-consistent field-bound proof sketch, extraction-only limitation, reviewer Q&A, and cautious publication positioning. It does not claim a formal proof of safety, truth, legality, ethics, permission, human interpretation, or all possible transformations.

For blocked-fetch reviewer support, run python3 app/scripts/build_dbad_round62_reviewer_verification_report.py --base-url https://ethics.decencymeter.com --timeout 20 --label round62_peer_bridge. Expected result: a supplemental JSON/markdown report with the Round60 field-binding, extraction/collapse, trace-copy, peer-freshness, and peer evidence bundle artifacts checked against the active Round62 prompt metadata, exact hashes, selected headers/snippets, textarea hashes, prompt hash, prompt metadata, report round / prompt round self-consistency, direct trace-textarea request User-Agent identity, nested component audit scope fields, evidence-only status companion fields, raw subprocess command labels and process and count metric details retained in JSON artifacts only, textarea snippet projections that rewrite raw JSON boolean truth-literal fragments into NOT_AUTH::... evidence strings before markdown output, peer-evidence-bundle manifest evidence status, public-contract runner evidence status, public-contract sidecar evidence status, public-contract sidecar count metrics retained in the JSON manifest, prompt-state sidecar summary coverage retained in JSON artifacts, and a reminder that blocked reviewers must still return unable to determine for live fixed/not-fixed verdicts.

API/OpenAPI drift guard: audit_api_v1_openapi_coverage.py now compares live Flask /api/v1 routes against both the base OpenAPI literal and enriched paths.setdefault(...) additions. The current strict baseline is missing_paths=0, missing_operations=0, path_coverage=100.00%, and operation_coverage=100.00%, including DBaD proof/validation/trust-continuation endpoints and public ethics routes. This is contract coverage, not authorization.

DBaD OpenAPI contract-depth guard: audit_api_v1_dbad_openapi_contract.py --url https://decencymeter.com/api/v1/openapi.json now fetches the DecencyMeter-hosted OpenAPI document with cache busting and verifies DBaD critical operations have dedicated non-authorization schemas/examples, x-dbad-non-authorization-contract markers, DBaD no-store response headers, request/response schema references, and evidence/not-authorization wording. audit_dbad_openapi_host_canonical.py verifies that DecencyMeter and ethics hosts serve the canonical DBaD/DecencyMeter OpenAPI contract, that the Church host remains compatibility-only with Church labeling, and that the OpenAPI JSON responses emit Cache-Control: no-store, max-age=0, must-revalidate, Surrogate-Control: no-store, Pragma: no-cache, Expires: 0, X-DBaD-Cache-Status: fresh, and X-DBaD-Contract-Version: round57_composite_bound. It also verifies that documented Cache-Control / X-DBaD-Cache-Status response-header blocks in the DecencyMeter/ethics OpenAPI contract include the matching contract-version header schema example. It also verifies the DecencyMeter public JSON route examples and schemas in OpenAPI carry ok=NOT_AUTH::not_authorization_..., ok_authority_binding=not_authorization_token_bound, public_api_evidence_only=true, not_dbad_validation=true, and trust_positive_authorization=false, including survey session start, page acknowledgments, score finalization, heatmap, trend, and breakdown; representative public DBaD/ethics JSON examples use the same non-authorization root shape with public_api_evidence_only=true. The host audit also scans all DecencyMeter/ethics component examples for bare root success values, checks ApiEnvelope/ApiPagedList root ok schema binding, and runs a full-document positive-shape scan so bare true values, numeric-one shortcuts, quoted string-one shortcuts, quoted string-true shortcuts, clean positive enum tokens, exact positive field names in required arrays, scoped DBaD/DecencyMeter review text without same-field non-authorization/evidence boundaries, status/health/freshness/liveness/readiness-style OpenAPI fields or array items carrying clean positive values or one-value shortcuts outside safety metadata, and boolean properties.ok schemas cannot remain in the canonical DBaD/DecencyMeter OpenAPI document. Explicit safety metadata keys are exempt for clean status-like string values so non-authorization marker fields do not become audit noise. The composite red-team runner includes both OpenAPI guards, and the status-field audit now verifies successful checked_rules.* values are typed non-authorization boolean evidence instead of bare true, stored state fields such as state.effective_state are typed non-authorization status evidence instead of raw allow, structured-reliance fields such as reliance_declaration_mode / reliance_declaration_complete are evidence-bound instead of raw complete or bare true, and invariant/reset fields such as status_field_invariant_verified, prose_reliance_not_machine_verified, and zero_trust_reset_state are evidence-bound instead of bare true or raw approved. The standard public contract runner now also executes audit_public_api_docs_discovery_schema.py, the OpenAPI host audit, the public JSON positive-shape audit, the public HTML/source positive-shape audit, and the public JavaScript/source positive-shape audit discovered from sitemap-listed pages, so pre-peer public contract checks fail if API-doc discovery drops the DecencyMeter/ethics OpenAPI URLs, drifts back to the Church host as canonical, loses OpenAPI freshness headers, serves ethics or DecencyMeter discovery JSON without X-DBaD-Cache-Status: fresh, reintroduces a bare root success boolean into DBaD/DecencyMeter discovery payloads or OpenAPI examples, exposes exact positive names in OpenAPI required arrays, exposes positive OpenAPI review text without a same-field boundary, exposes status-like OpenAPI clean positive strings or one-value shortcuts outside safety metadata, exposes live public JSON status/result/class-like or health/freshness/liveness/readiness keys with clean positive strings or one-value shortcuts outside safety metadata, quotes raw legacy success snippets, exact quoted JSON success keys, prefixed quoted JSON success-key variants, unquoted inline positive-key assignment/object-property forms, numeric-one, quoted string-one, or quoted string-true positive-key snippets, escaped-apostrophe, hex/padded numeric HTML quote-entity delimiter, semicolonless and padded HTML quote-entity delimiter, JavaScript-escaped quote delimiter, JavaScript Unicode/hex/braced-Unicode/octal quote-escape, JavaScript template-literal backtick, JavaScript escaped backtick, HTML backtick-entity, percent-encoded quote/backtick delimiter, percent-encoded JavaScript escape delimiter, percent-encoded HTML quote/backtick entity scalar source forms, double-percent-encoded quote/backtick delimiter, double-percent-encoded JavaScript escape delimiter, double-percent-encoded HTML quote/backtick entity scalar source forms, repeated percent-encoded quote/backtick delimiter through eight encoding layers, repeated percent-encoded JavaScript escape delimiter through eight encoding layers, or repeated percent-encoded HTML quote/backtick entity scalar source forms through eight encoding layers, unquoted status-like scalar strings in HTML source, status-like attributes, status-like one-value shortcuts, clean quoted status-string variants or extended values such as healthy, clean, clean state, ready, fresh, live, or current in public HTML source, or exposes escaped quote forms, JavaScript Unicode/hex/braced-Unicode/octal quote escapes, arbitrary-padded percent-encoded braced-Unicode quote escapes, JavaScript template-literal backticks, JavaScript escaped backticks, percent-encoded quote/backtick delimiters, percent-encoded JavaScript escape delimiters, double-percent-encoded quote/backtick delimiters, double-percent-encoded JavaScript escape delimiters, repeated percent-encoded quote/backtick delimiters through eight encoding layers using compact pre-scan normalization, repeated percent-encoded JavaScript escape delimiters through eight encoding layers using compact pre-scan normalization, bare positive booleans, numeric-one, quoted string-one, or quoted string-true shortcuts, quoted positive object-key booleans, status-like one-value shortcuts, clean positive status strings, or those extended status-like values in public JS source.

Live public JSON positive-shape guard: audit_dbad_public_json_positive_shape.py now crawls DecencyMeter and ethics public JSON routes discovered from sitemaps and static OpenAPI GET paths. The audit fails if positive-shaped keys such as ok, valid, approved, success, or certified expose bare positive values, or if status/result/class-like and health/freshness/liveness/readiness-style keys expose clean positive strings such as ok, passed, healthy, clean, clean state, ready, fresh, live, or current, bare positive booleans, or one-value shortcuts outside safety metadata. It caught alias-observability, OAuth hygiene timer health JSON, ethics status/calculator, and DecencyMeter aggregate stats gaps before peer review; those payloads now use non-authorization evidence values and neutral display/status fields.

Shortcut positive-shape guard: public JSON, canonical OpenAPI, public HTML source, and public JavaScript source now reject exact numeric-one, quoted string-one, and quoted string-true shortcut values under bounded positive-shaped keys. Public HTML/API-doc source and public JavaScript source also normalize JavaScript/C-style block-comment separators, ASCII token-character escapes, percent-encoded token characters, empty quote/backtick fragments between token characters, quote/backtick-plus-quote/backtick joins between token characters, line-comment-separated quote/backtick joins between token characters, JavaScript backslash-newline continuations between token characters, zero-width or format-control characters between token characters, additional default-ignorable Unicode characters between token characters, and percent-encoded UTF-8 spellings of those default-ignorable characters between token characters before matching. Public HTML/API-doc source additionally removes HTML comment nodes and named/numeric HTML entity spellings of those default-ignorable characters between token characters, so separator-obfuscated and escaped-token source forms fail the local crawl. The positive-key matcher is segment-aware, so segmented evidence names remain covered while ordinary words such as incomplete are not treated as completion evidence.

Status-like boolean and array extraction guard: public JSON, canonical OpenAPI, public HTML source, and public JavaScript source now reject clean positive values inside status-like arrays, scalar status-like bare booleans, scalar status-like clean strings, and scalar or array one-value shortcuts outside explicit safety metadata. A status list item of approved, a health list item of ready, a freshness list item of current, a bare positive boolean, a clean status-like string, or a one-value shortcut fails the pre-peer guards unless the values include the non-authorization boundary or the key is explicit safety metadata. Public source checks now cover quoted JSON-like and JavaScript-style unquoted status arrays in any list position, including second-or-later items, HTML-escaped single-quote examples, hex/padded numeric HTML quote entities, semicolonless and padded HTML quote entities, JavaScript-escaped quote delimiters, JavaScript Unicode/hex/braced-Unicode/octal quote escapes, arbitrary-padded percent-encoded braced-Unicode quote escapes, JavaScript template-literal backticks, JavaScript escaped backticks, HTML backtick entities, percent-encoded quote/backtick delimiters, percent-encoded JavaScript escape delimiters, double-percent-encoded quote/backtick delimiters, double-percent-encoded JavaScript escape delimiters, repeated percent-encoded quote/backtick delimiters through eight encoding layers using compact pre-scan normalization, and repeated percent-encoded JavaScript escape delimiters through eight encoding layers using compact pre-scan normalization; public HTML/API-doc source also covers repeated percent-encoded HTML quote/backtick entity delimiters through eight encoding layers using compact pre-scan normalization. Public HTML source also catches unquoted status-like scalar strings with clean positive values and implied-positive valueless attributes such as data-approved, x-valid, or bare approved.

Public contract health gate: run_ethics_public_contract_audit.py now also executes API-doc live routes, peer freshness, targeted HTML health, targeted internal links, trace-copy display safety, Round60 field binding, Round60 extraction/collapse, Round62 reviewer-report self-consistency, peer-prompt state consistency, public peer-review routing, current artifact hygiene, rendered public baseline body-window marker checks, red-team component inventory checks, template accessibility, and public JSON/HTML/JS positive-shape scans. The standard artifact exposes process metrics for those checks plus structured sidecar status fields; any failed metric blocks a pre-peer pass. Reviewer-support JSON must also carry artifact metric interpretation boundary/status fields, multi-field anti-synthesis boundary/status fields, and audit-family label boundary/status fields so machine reproducibility metrics, joined summaries, and historical Round60 harness labels are not treated as authorization, safety approval, active-round metadata, or live fixed/not-fixed verdicts. The freshness packet audit now defaults to the active Round62 / 2026-06-05 / DBAD-PUB-1067 prompt, checks a 47-surface core list including /peer-review, /ai-ethics-brief, /break-dbad, and /break-dbad/report no-store/fresh/contract-version headers, fails prompt URL drift or appended peer-response markers, and fails if sampled public JSON routes expose a bare root success boolean. The peer-prompt state consistency gate fails if current public/recovery/task handoff docs, public reviewer-entry/navigation pages, the public report form, report-adjacent public pages, or the homepage review path again describe Round58, Round59, or Round60 as the active packet to send, if active Round62 prompt metadata drifts, if stale current-marker examples or stale present-tense historical marker, synthesis current-lock wording, or Round62 synthesis send-state wording return to the active prompt, if guarded public entry pages push Round62 / DBAD-PUB active-baseline markers outside the first checked source window, if held reviewer entry pages invite direct outside submission before operator send is reopened, if /break-dbad/report presents active peer-send submission wording instead of operator-review draft queueing, if adjacent pages drift back to active submit/submitted wording for the held draft queue, or if homepage review copy uses direct edge-case submission wording while Round62 is held. The rendered marker audit separately fails if current Round62 / DBAD-PUB markers are missing or too deep after the rendered public page body start. The public peer-review routing gate fails if a public page links to peer-review history without also linking to the current-state baseline. The aggregate artifact writes and embeds structured summaries for contract-version coverage, peer freshness, OpenAPI host canonical, trace-copy display safety, Round60 field-binding, Round60 extraction/collapse, Round62 reviewer-report self-consistency, peer prompt-state, public peer-review routing, current artifact hygiene, and rendered public baseline marker checks, red-team component inventory checks and timeout summary first-window checks; missing sidecars, invalid sidecars, or failed embedded summaries fail the same pre-peer gate and add explicit failure-list entries. The structured sidecar manifest is summary-required with the current required sidecar set. The peer evidence bundle now includes the aggregate public-contract artifact, generated public-contract sidecars, rendered public baseline marker summary, red-team component inventory summary, timeout summary marker, and JSON-only prompt-state sidecar coverage summary, including first-window active-baseline checked paths/counts, blocked-fetch bridge-label paths/counts, compact-prompt sidecar disclosure markers, and the expected round62_peer_bridge value. The default Round62 reviewer verification report summarizes that bundle with evidence-only statuses while projecting unsafe peer freshness markdown proof markers into evidence-only strings, binding Round60-named component labels as historical audit-family labels only, and keeping raw process and count metric details in JSON artifacts/manifests instead of clean success/truth-literal, subprocess command, raw JSON boolean truth-literal, key-equals-truth-literal, sidecar inventory, or synthesized authorization/fixed-verdict markdown labels; the self-consistency audit now fails if those JSON-only first-window fields, rendered marker summaries, red-team component inventory summaries, bridge-label fields, compact-prompt disclosure markers, audit-family label boundary fields, or the peer bundle status predicate's projected executable exact disclosure-marker-set dependency and public behavior-canary rows for wrong-marker, partial-marker, and tuple-shape cases disappear from aggregate public-contract, peer bundle, or reviewer report JSON. The internal-link audit fails if stale public anchors or missing trace-detail links return.

Trace-detail crop wording guard: no-local-blocker stored-operator sections now avoid standalone "no blocked action" language. They describe only the local blocker evidence state and repeat that certified trust-positive use still requires a fresh trust-continuation check.

The runner also covers evidence-code correlation and client-projection drift. audit_dbad_evidence_code_correlation.py records repeat/mixed-kind structural evidence-code exposure as advisory data and fails on public decode hints or approval-shaped meaning near codes. fuzz_dbad_cross_client_projection.py checks lossy trace API JSON, rendered trace-detail HTML, linked public trace pages, and older explanatory/demo pages for approval-shaped terms without the non-authorization boundary. Current covered public pages include /examples, /v2-2-demo, /decencymeter/demo, /faq, /glossary, /methodology, /whitepaper, /explained, /why-dbad-exists, and /trust-flow.

For screenshot/crop testing, trace detail authority and validation blocks should include the subtle repeated marker DBaD EVIDENCE ONLY - NOT AUTHORIZATION through the page CSS. The marker is a visual supplement only; the machine-readable non-authorization fields remain the authoritative contract.

For archival-projection testing, copied archive artifacts must begin with aaa_not_authorization_headline=NOT AUTHORIZATION - ARCHIVAL PROJECTION - NOT SAFE CITATION and retain headline_authority_block=NOT AUTHORIZATION - ARCHIVAL PROJECTION - NOT SAFE CITATION as a duplicate human-readable field. The first sentinel must remain first even when sorted by a JSON serializer.

For alternative-serialization testing, archival projections must also carry labeled status values such as validation_outcome_class_labeled=NOT AUTHORIZATION - structural validation evidence: structural-evidence-code-v2-... - not permission so a YAML/XML/log projection that strips sort-padding keys still has a boundary-bearing display value.

For validation-summary crop testing, the visible Trace Validation sentence must begin with NOT AUTHORIZATION - Validation result:, successful checked-rule rows must render NOT AUTHORIZATION - pass - structural validation evidence only, failed checked-rule rows must render fail - not authorization, and status metadata rows such as current_validation_status, validation_status_class, and validation_outcome_class must render values that begin with NOT AUTHORIZATION. The visible fingerprint projection must use human_readable_bundle_fingerprint_safe_display, not a raw long human_readable_bundle_fingerprint row. A cropped validation checklist, metadata excerpt, or fingerprint-display excerpt must not be able to quote passed, pass, or structural_pass without same-line non-authorization language.

For API field-selection testing, exposed raw status fields must be value-bound and explicitly marked machine-only/non-display-safe: expected metadata includes current_validation_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., validation_status_class=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., validation_outcome_class=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., current_validation_status_token=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., validation_status_class_token=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., validation_outcome_class_token=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., token-specific companions such as current_validation_status_token_authority_binding=not_authorization_token_bound, current_validation_status_token_display_safe=false, and current_validation_status_token_machine_only=true, group flags token_fields_display_safe=false, token_fields_machine_only=true, displaying_token_fields_is_non_compliant=true, raw_status_fields_display_safe=false, raw_status_fields_machine_only=true, current_validation_status_machine_only=true, validation_status_class_machine_only=true, validation_outcome_class_machine_only=true, displaying_raw_status_fields_is_non_compliant=true, and preferred_display_fields pointing to the *_human_readable values plus human_readable_bundle_fingerprint_safe_display. The raw bundle fingerprint must also expose human_readable_bundle_fingerprint_display_safe=false and human_readable_bundle_fingerprint_machine_only=true. Public human-facing examples should use values such as validation_outcome_class_human_readable=NOT AUTHORIZATION - structural validation evidence: structural-evidence-code-v2-... - not permission, not a bare pass-shaped status or token.

For public-surface consistency testing, DBaD ethics logic/API/code changes must keep /updates, /current-state, /api/docs/ethics, this /dbad-ethics-817 proof page, and public reviewer-entry/navigation pages synchronized before a new peer-review prompt is considered ready.

Public Verification Fixtures

These stored fixture traces are synthetic review artifacts. They exist so reviewers can validate the cross-trace rules from public GET pages and the validation API without relying on prose claims.

Validation command pattern: curl -X POST https://ethics.decencymeter.com/api/v1/dbad/validate -H "Content-Type: application/json" -d '{"trace_id":"trc_fixture_827_declared_child"}'

Review Prompt