LalaSkye · LalaSkye · May 14, 2026 · May 14, 2026
diff --git a/demo/expired_authority_refusal.json b/demo/expired_authority_refusal.json
@@ -0,0 +1,14 @@
+{
+  "decision_id": "dr_expired_001",
+  "actor_id": "agent_17",
+  "action": "approve_invoice",
+  "object_id": "invoice_778",
+  "environment": "prod",
+  "commit_hash": "sha256:abc123",
+  "verdict": "ALLOW",
+  "policy_version": "2026-04-27.1",
+  "issued_at": "2026-04-27T04:00:00Z",
+  "expires_at": "2026-04-27T04:05:00Z",
+  "nonce": "nonce_expired_001",
+  "signature": "sig_valid"
+}
diff --git a/demo/replayed_nonce_refusal.json b/demo/replayed_nonce_refusal.json
@@ -0,0 +1,14 @@
+{
+  "decision_id": "dr_replay_001",
+  "actor_id": "agent_17",
+  "action": "approve_invoice",
+  "object_id": "invoice_778",
+  "environment": "prod",
+  "commit_hash": "sha256:abc123",
+  "verdict": "ALLOW",
+  "policy_version": "2026-04-27.1",
+  "issued_at": "2026-04-27T05:00:00Z",
+  "expires_at": "2026-04-27T05:05:00Z",
+  "nonce": "nonce_already_used_001",
+  "signature": "sig_valid"
+}
diff --git a/demo/scope_mismatch_refusal.json b/demo/scope_mismatch_refusal.json
@@ -0,0 +1,14 @@
+{
+  "decision_id": "dr_scope_001",
+  "actor_id": "agent_17",
+  "action": "approve_invoice",
+  "object_id": "invoice_OTHER",
+  "environment": "prod",
+  "commit_hash": "sha256:abc123",
+  "verdict": "ALLOW",
+  "policy_version": "2026-04-27.1",
+  "issued_at": "2026-04-27T05:00:00Z",
+  "expires_at": "2026-04-27T05:05:00Z",
+  "nonce": "nonce_scope_001",
+  "signature": "sig_valid"
+}
diff --git a/demo/valid_decision_record.json b/demo/valid_decision_record.json
@@ -0,0 +1,14 @@
+{
+  "decision_id": "dr_valid_001",
+  "actor_id": "agent_17",
+  "action": "approve_invoice",
+  "object_id": "invoice_778",
+  "environment": "prod",
+  "commit_hash": "sha256:abc123",
+  "verdict": "ALLOW",
+  "policy_version": "2026-04-27.1",
+  "issued_at": "2026-04-27T05:00:00Z",
+  "expires_at": "2026-04-27T05:05:00Z",
+  "nonce": "nonce_valid_001",
+  "signature": "sig_valid"
+}
diff --git a/docs/PROOF_PACK_v0.1.md b/docs/PROOF_PACK_v0.1.md
@@ -0,0 +1,94 @@
+# Proof Pack v0.1 — Authority-Before-Mutation
+
+Bounded public proof that, on the demonstrated CommitGate path, state
+mutation is refused unless the attached `DecisionRecord` is valid,
+scoped, unexpired, signed, and unreplayed — and that every refusal
+produces an inspectable receipt.
+
+## How to run in 60 seconds
+
+```bash
+git clone https://github.com/LalaSkye/commit-gate-core.git
+cd commit-gate-core
+python3 scripts/run_proof_pack.py
+python3 scripts/verify_receipt.py
+```
+
+No install step. Stdlib only. The runner exercises four cases through
+the existing kernel at `src/commit_gate_core/gate.py`:
+
+| Case | Demo fixture | Expected | Receipt |
+| --- | --- | --- | --- |
+| valid DecisionRecord | `demo/valid_decision_record.json` | ALLOW | `receipts/examples/allow_receipt.json` |
+| expired authority | `demo/expired_authority_refusal.json` | DENY_EXPIRED | `receipts/examples/deny_expired_receipt.json` |
+| scope mismatch | `demo/scope_mismatch_refusal.json` | DENY_SCOPE | `receipts/examples/deny_scope_receipt.json` |
+| replayed nonce | `demo/replayed_nonce_refusal.json` | DENY_REPLAY | `receipts/examples/deny_replay_receipt.json` |
+
+## Expected output
+
+`scripts/run_proof_pack.py` prints, for each case: case name, expected
+result, actual result, receipt path, receipt hash, mutation occurred
+(`YES` / `NO`). The run ends with:
+
+```text
+All four cases pass: YES
+```
+
+`scripts/verify_receipt.py` then checks each receipt in
+`receipts/examples/` against five gates:
+
+1. `receipt_hash_integrity` — sha256 over the receipt minus
+   `receipt_hash` matches the stored value
+2. `input_hash` — the hash of the input DecisionRecord is present and
+   well-formed
+3. `decision_result` — `actual_result` matches `expected_result`
+4. `refusal_reason` — present and non-empty on DENY receipts, `null`
+   on ALLOW receipts
+5. `no_execution_marker` — `no_execution_marker` is the inverse of
+   `mutation_occurred`; DENY receipts must show `mutation_occurred=false`
+
+A clean run ends with:
+
+```text
+All receipts verified: YES
+```
+
+## What this proves
+
+On the demonstrated CommitGate path:
+
+- A signed, scoped, unexpired, unreplayed `DecisionRecord` is a hard
+  precondition for the mutation callback to run.
+- Each of the four failure modes — `DECISION_EXPIRED`,
+  `SCOPE_MISMATCH:object_id`, `NONCE_REPLAYED`, and the ALLOW happy
+  path — flows through the kernel in `src/commit_gate_core/gate.py`
+  and produces a distinct, content-addressed receipt with an explicit
+  no-execution marker.
+- Refusal receipts can be inspected independently by
+  `scripts/verify_receipt.py` without re-running the gate.
+
+The receipts and DecisionRecord fixtures live in version control, so
+the evidence object is reproducible byte-for-byte.
+
+## What this does not prove
+
+- Production readiness, certification, or compliance.
+- Adoption, deployment, or coverage outside this repository.
+- Universal runtime governance, path-universal enforcement, or
+  non-bypassability outside the demonstrated path.
+- Real cryptographic signature verification — the bundled
+  `AcceptingSignatureVerifier` is synthetic and treats
+  `signature == "sig_valid"` as signed for the purpose of the bounded
+  surface.
+- Real persistent nonce ledgers, atomic commit across systems, or
+  downstream side-effect prevention beyond the in-process callback.
+
+## Claim boundary
+
+This proof pack demonstrates that, on the shown path, state mutation
+is refused unless a DecisionRecord is valid, scoped, unexpired, signed,
+and unreplayed; each refusal produces an inspectable receipt.
+
+This is not production infrastructure, certification, adoption
+evidence, or universal runtime governance. It is a bounded proof
+surface for authority-before-mutation.
diff --git a/receipts/examples/allow_receipt.json b/receipts/examples/allow_receipt.json
@@ -0,0 +1,37 @@
+{
+  "actual_result": "ALLOW",
+  "case_name": "valid_decision_record",
+  "claim_boundary": "bounded proof surface for authority-before-mutation on the demonstrated CommitGate path; not production, not certification, not universal runtime governance",
+  "decision_id": "dr_valid_001",
+  "expected_result": "ALLOW",
+  "gate_audit_event": {
+    "allowed": true,
+    "attempted": {
+      "action": "approve_invoice",
+      "actor_id": "agent_17",
+      "commit_hash": "sha256:abc123",
+      "environment": "prod",
+      "object_id": "invoice_778"
+    },
+    "code": "ALLOW",
+    "decision_id": "dr_valid_001",
+    "event_type": "GATE_EVALUATION",
+    "record_scope": {
+      "action": "approve_invoice",
+      "actor_id": "agent_17",
+      "commit_hash": "sha256:abc123",
+      "environment": "prod",
+      "object_id": "invoice_778",
+      "policy_version": "2026-04-27.1"
+    },
+    "timestamp": "2026-04-27T05:01:00Z"
+  },
+  "input_hash": "sha256:d2d4ced3301d5710dbc556a3288b4291a385667cdb2c1242f37f21617d5d30d8",
+  "mutation_occurred": true,
+  "no_execution_marker": false,
+  "receipt_hash": "sha256:62bcaa6694c5b622c96005567d9f498e6307347caeb11533c88d71be20011a01",
+  "receipt_id": "RCP-PP-valid_decision_record",
+  "refusal_reason": null,
+  "schema_version": "proof-pack-v0.1",
+  "timestamp": "2026-04-27T05:01:00Z"
+}
diff --git a/receipts/examples/deny_expired_receipt.json b/receipts/examples/deny_expired_receipt.json
@@ -0,0 +1,37 @@
+{
+  "actual_result": "DENY",
+  "case_name": "expired_authority",
+  "claim_boundary": "bounded proof surface for authority-before-mutation on the demonstrated CommitGate path; not production, not certification, not universal runtime governance",
+  "decision_id": "dr_expired_001",
+  "expected_result": "DENY_EXPIRED",
+  "gate_audit_event": {
+    "allowed": false,
+    "attempted": {
+      "action": "approve_invoice",
+      "actor_id": "agent_17",
+      "commit_hash": "sha256:abc123",
+      "environment": "prod",
+      "object_id": "invoice_778"
+    },
+    "code": "DENY:DECISION_EXPIRED",
+    "decision_id": "dr_expired_001",
+    "event_type": "GATE_EVALUATION",
+    "record_scope": {
+      "action": "approve_invoice",
+      "actor_id": "agent_17",
+      "commit_hash": "sha256:abc123",
+      "environment": "prod",
+      "object_id": "invoice_778",
+      "policy_version": "2026-04-27.1"
+    },
+    "timestamp": "2026-04-27T05:01:00Z"
+  },
+  "input_hash": "sha256:d7cbe91680199adbee2f80c3a8a1f444c4f0062f1ac602d31f74ef3d78fcec1c",
+  "mutation_occurred": false,
+  "no_execution_marker": true,
+  "receipt_hash": "sha256:d2aeafaeb1c19747b26535226fdff51a655b9cec1e651f452ad5569e53b922b8",
+  "receipt_id": "RCP-PP-expired_authority",
+  "refusal_reason": "DENY:DECISION_EXPIRED",
+  "schema_version": "proof-pack-v0.1",
+  "timestamp": "2026-04-27T05:01:00Z"
+}
diff --git a/receipts/examples/deny_replay_receipt.json b/receipts/examples/deny_replay_receipt.json
@@ -0,0 +1,37 @@
+{
+  "actual_result": "DENY",
+  "case_name": "replayed_nonce",
+  "claim_boundary": "bounded proof surface for authority-before-mutation on the demonstrated CommitGate path; not production, not certification, not universal runtime governance",
+  "decision_id": "dr_replay_001",
+  "expected_result": "DENY_REPLAY",
+  "gate_audit_event": {
+    "allowed": false,
+    "attempted": {
+      "action": "approve_invoice",
+      "actor_id": "agent_17",
+      "commit_hash": "sha256:abc123",
+      "environment": "prod",
+      "object_id": "invoice_778"
+    },
+    "code": "DENY:NONCE_REPLAYED",
+    "decision_id": "dr_replay_001",
+    "event_type": "GATE_EVALUATION",
+    "record_scope": {
+      "action": "approve_invoice",
+      "actor_id": "agent_17",
+      "commit_hash": "sha256:abc123",
+      "environment": "prod",
+      "object_id": "invoice_778",
+      "policy_version": "2026-04-27.1"
+    },
+    "timestamp": "2026-04-27T05:01:00Z"
+  },
+  "input_hash": "sha256:058e73ce7516134fe86b8a33a9307ca3d290ecfc9175828a071c29c065e909c5",
+  "mutation_occurred": false,
+  "no_execution_marker": true,
+  "receipt_hash": "sha256:026f1d52a19772a295e421e671763100afb9d65dffb2ecac02cd6f583fcf8703",
+  "receipt_id": "RCP-PP-replayed_nonce",
+  "refusal_reason": "DENY:NONCE_REPLAYED",
+  "schema_version": "proof-pack-v0.1",
+  "timestamp": "2026-04-27T05:01:00Z"
+}
diff --git a/receipts/examples/deny_scope_receipt.json b/receipts/examples/deny_scope_receipt.json
@@ -0,0 +1,37 @@
+{
+  "actual_result": "DENY",
+  "case_name": "scope_mismatch",
+  "claim_boundary": "bounded proof surface for authority-before-mutation on the demonstrated CommitGate path; not production, not certification, not universal runtime governance",
+  "decision_id": "dr_scope_001",
+  "expected_result": "DENY_SCOPE",
+  "gate_audit_event": {
+    "allowed": false,
+    "attempted": {
+      "action": "approve_invoice",
+      "actor_id": "agent_17",
+      "commit_hash": "sha256:abc123",
+      "environment": "prod",
+      "object_id": "invoice_778"
+    },
+    "code": "DENY:SCOPE_MISMATCH:object_id",
+    "decision_id": "dr_scope_001",
+    "event_type": "GATE_EVALUATION",
+    "record_scope": {
+      "action": "approve_invoice",
+      "actor_id": "agent_17",
+      "commit_hash": "sha256:abc123",
+      "environment": "prod",
+      "object_id": "invoice_OTHER",
+      "policy_version": "2026-04-27.1"
+    },
+    "timestamp": "2026-04-27T05:01:00Z"
+  },
+  "input_hash": "sha256:5119a21c49e3c1d631689ff174241af42b5439f3f266ef7cc5302d02359fd346",
+  "mutation_occurred": false,
+  "no_execution_marker": true,
+  "receipt_hash": "sha256:7a2404f44917d8af894613a1208510ce98970657d90b2a64ff43d292945bd6ab",
+  "receipt_id": "RCP-PP-scope_mismatch",
+  "refusal_reason": "DENY:SCOPE_MISMATCH:object_id",
+  "schema_version": "proof-pack-v0.1",
+  "timestamp": "2026-04-27T05:01:00Z"
+}