provr

SESSION-0045

Start: Apr 22, 2026, 1:10 PM
End: Apr 22, 2026, 9:09 PM
Duration: 8.0 hours
Source: provr/sessions/SESSION-0045-2026-04-22.md

Session 0045 — 2026-04-22

Opening

  • Start time: 2026-04-22 13:10:53 BST
  • Repository age: 25 days (from 2026-03-28)
  • Sessions completed: 43 (SESSION-0001 through SESSION-0044; SESSION-0037 did not run)
  • LAUNCH-1: CLOSED — GO decision (SESSION-0021, 2026-04-15). Protective disciplines
    active. Day-180 go/no-go checkpoint remains. No active countdown.
  • Starting state (per SESSION-0044 close):
    • Highest SPEC-N: SPEC-148
    • Highest SCHEMA-N: SCHEMA-7
    • Highest VAL-N: VAL-5
    • Highest DOC-N: DOC-12
    • Highest RELEASE-N: RELEASE-10
    • Open items: 35 SPEC (SPEC-114–SPEC-148) + 1 SCHEMA + 1 VAL + 4 DOC +
      5 RELEASE = 46 total
    • Closed items: 113 SPEC + 6 SCHEMA + 3 VAL + 5 DOC + 5 RELEASE +
      1 LAUNCH = 133 total
    • Deferred (not counted): VAL-2, DOC-2 = 2
    • Completion: 133/179 ≈ 74.3%
    • v1.0 SPEC blockers: 35 open SPEC items (SPEC-114–SPEC-148), each
      classified in TRACKING.md per the ratification-quality framing
      (PROVR_RULES rev 24) as category (a) ratification-blocker or
      category (b) legitimately deferred.
  • Cleanliness check: PASSED. Git check — 0 commits between last
    state-file update (3e3c183) and HEAD; state file current.
    Session-file check — SESSION-0044 closing section populated (end
    time, duration, ending state, commits, next work unit, notes).
    Working tree clean.
  • Mid-flow notes from SESSION-0044 close:
    • Next work unit (carry-forward from SESSION-0044): work through
      the SPEC-114–SPEC-148 backlog under the ratification-quality
      framing. Default posture: make the design call, write it in, close
      the item. Start with the ~13 ratification-blocker items resolvable
      without external input, then the ~7 requiring real design work,
      then evaluate which of the ~10 remaining are legitimately deferred
      (external standards evolution, out-of-session user action, explicit
      v1.1 roadmap).
    • Before diving in: the 34 factual fixes applied in SESSION-0044
      are already committed (cb2b077 and 2807b72) and on main. Not
      awaiting review — locked in. (The SESSION-0044 "Review before
      commit" carry-forward note is now stale — commits happened.)
    • Classification confirmation: first step is to confirm the
      TRACKING.md classification for SPEC-114–SPEC-148 matches the
      user's current read before starting resolution work.
    • Commit discipline: PROVR_RULES rev 25 active — single-focus
      subjects, narrative bodies, enumeration only for list-shaped
      content (not diff-parroting), pre-commit self-check.
    • Framing guard: PROVR_RULES rev 24 active — no MVP-iterate-later
      framing for spec work. Ratification-quality up front. If uncertain
      about framing, pause and ask.
    • Downstream order: SPEC-114+ batch → DOC-9 corpus regeneration
      (fold SPEC-114 / SPEC-148 schema and signing-input changes in once)
      → RELEASE-8 pre-Rust review gate → RELEASE-9 external cryptographic
      review.
  • Fixes / follow-ups flagged in CURRENT_SESSION_STATE.md and
    SESSION-0044 Notes:
    • CURRENT_SESSION_STATE.md carry-forward section should absorb the
      framing-note content from TRACKING.md's preamble so it survives
      the next state-file rewrite.
    • CLEANUP.md entry "PQC algorithm tag not bound in canonical signing
      inputs" (SESSION-0031) is now formally tracked as SPEC-143; the
      CLEANUP entry can be removed when SPEC-143 lands.
    • Design-doc Status-header audit across all docs/design/ files
      should be re-run at next opportunity (rev-20 coupling rule
      applies); ledger_architecture.md was updated in SESSION-0044 but
      others were not re-checked.
    • DOC-3, DOC-9, DOC-11, DOC-12 remain open; DOC-9 scope expanded.
    • SCHEMA-2 (v1.1), VAL-4 (post-RELEASE-8), five RELEASE gates still
      open.
  • Recent environment changes:
    • Rev 24 (ratification-quality framing) + rev 25 (commit message
      discipline) both live Notes-side from SESSION-0044.
    • ~/hijackr/Notes/provr/AUDIT_METHODOLOGY.md is the canonical
      pre-ratification audit procedure.

Work

Large ratification-progress session. 33 SPEC items closed across four
waves.

Wave 1 — SPEC-114 + SPEC-148 (the C1 architectural remediation)

The Category C signing-coverage gap from the SESSION-0044 audit. Three
manifest-level attestation arrays — read_verifications,
repudiations, resolutions — were children of Manifest but were
not bound into any signing construction. The spec's claim in §6.27.5
/ §6.28.7 that they were "bound indirectly via dataset_merkle_root"
was factually incorrect — dataset_merkle_root is built from
FileRecord entries only per §6.3.9. Attack surface on every signed
v1.0 manifest: forge a ReadVerification with match_result = true
to satisfy require_dual_read, forge a RepudiationNote to cast
false doubt on a clean chain, or forge a ResolutionNote to suppress
a legitimate dispute warning.

Option (a) / SPEC-114: manifest_body_hash added to §6.7.0 signing
input after integrity_policy_hash. New §6.7.0.2 defines
canonical_manifest_body with per-entry canonical encodings at
§6.7.0.2.1 / §6.7.0.2.2 / §6.7.0.2.3 covering every field of each
table including the optional per-attestor signatures introduced in
option (b). 32-zero-byte sentinel rule mirrors the existing
integrity_policy_hash pattern. §6.27.5 / §6.28.6 bullet 1 / §6.28.7
rewritten to state the correct binding.

Option (b) / SPEC-148: optional per-attestor signature fields on all
three tables (operator_*, repudiator_*, resolver_*), each a
hybrid pair. Three new canonical signing inputs at §6.27.6 / §6.28.8
/ §6.28.9 under PROVRRDV / PROVRRPD / PROVRRSV domain tags.
Sub-call SUB-2 resolved: new attested conformance level at §6.16.5,
above forensic, requiring per-attestor signatures on every
attestation entry plus a valid Registry registry_ack plus every
signing DID resolvable in the production's ApprovedSignerList.
conformance_level enum expanded to {basic, forensic, attested}.
SigningKeyStorage deliberately left orthogonal to tier selection so
software-distributed credential-bundle onboarding remains a valid
path at attested — the bundle is a delivery mechanism that imports
into hardware-backed storage on the recipient device, not a new
software tier.

Commits: df69bee (spec), 5a86b10 (schema+tests).

Wave 2 — SPEC-117 (manifest_scope binding)

One-byte field added to §6.7.0 signing input after manifest_state_le1,
before integrity_policy_hash. Closes scope-confusion surface where
a signed FileScope manifest's signature would have verified against
a bytewise-relabelled VolumeScope or ProductionScope copy. No
schema change; manifest_scope field already existed. Commit
fa62e84.
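The Wave 1 / Wave 2 binding gap and its two remedies (SPEC-114's manifest_body_hash, SPEC-117's scope byte), as an added illustrative model rather than provr's code: the domain tag, field order, scope byte values, canonical body encoding and the HMAC stand-in for the hybrid signature pair are all assumptions, and SPEC-143's pqc_algorithm_tag is left out. It shows why an attestation array that is not in the signing input can change without disturbing the signature, and that the new construction rejects both the edited array and a relabelled scope.

```python
import hashlib
import hmac

DOMAIN_TAG = b"PROVR-EXAMPLE"  # hypothetical tag, not one of the spec's domain tags
ZERO32 = b"\x00" * 32          # 32-zero-byte sentinel for an absent hash
SCOPE = {"FileScope": 1, "VolumeScope": 2, "ProductionScope": 3}  # assumed values
def H(data): return hashlib.sha256(data).digest()  # hash stand-in for the example

def dataset_merkle_root(file_hashes):
    # Root over FileRecord hashes only (§6.3.9 per the log): attestation arrays are absent.
    layer = list(file_hashes) or [ZERO32]
    while len(layer) > 1:
        if len(layer) % 2:
            layer.append(layer[-1])
        layer = [H(a + b) for a, b in zip(layer[0::2], layer[1::2])]
    return layer[0]

def canonical_manifest_body(manifest):
    # Assumed encoding of the three tables: entry count, then sorted length-prefixed
    # key=value pairs. The spec's §6.7.0.2 differs in detail; the point is full coverage.
    out = bytearray()
    for table in ("read_verifications", "repudiations", "resolutions"):
        entries = manifest.get(table, [])
        out += len(entries).to_bytes(4, "little")
        for entry in entries:
            for key in sorted(entry):
                val = str(entry[key]).encode()
                out += key.encode() + b"=" + len(val).to_bytes(4, "little") + val
    return bytes(out)

def signing_input(manifest, *, bind_scope, bind_body):
    # Assumed §6.7.0-style layout; the flags toggle the SPEC-117 scope byte and the
    # SPEC-114 manifest_body_hash so the old and new constructions can be compared.
    parts = [DOMAIN_TAG, bytes([manifest["manifest_state"]])]
    if bind_scope:
        parts.append(bytes([SCOPE[manifest["manifest_scope"]]]))
    parts.append(manifest.get("integrity_policy_hash") or ZERO32)
    parts.append(dataset_merkle_root(manifest["file_hashes"]))
    if bind_body:
        parts.append(H(canonical_manifest_body(manifest)))
    return b"".join(parts)

def sign(key, manifest, **flags):
    # HMAC stands in for the hybrid signature pair; the binding argument is unchanged.
    return hmac.new(key, signing_input(manifest, **flags), "sha256").digest()
def verify(key, manifest, sig, **flags):
    return hmac.compare_digest(sign(key, manifest, **flags), sig)

def demo():
    # Sign a constructed manifest both ways, then ask the verifier about two tampered copies.
    key = b"constructed-example-key"
    manifest = {
        "manifest_state": 2, "manifest_scope": "FileScope", "integrity_policy_hash": None,
        "file_hashes": [H(b"A001C001.mov"), H(b"A001C002.mov")],
        "read_verifications": [{"reader": "did:example:op1", "match_result": False}],
    }
    old, new = dict(bind_scope=False, bind_body=False), dict(bind_scope=True, bind_body=True)
    sig_old, sig_new = sign(key, manifest, **old), sign(key, manifest, **new)
    forged = {**manifest, "read_verifications": [{"reader": "did:example:op1", "match_result": True}]}
    relabelled = {**manifest, "manifest_scope": "VolumeScope"}
    return {
        "genuine_new": verify(key, manifest, sig_new, **new),
        "forged_rv_old": verify(key, forged, sig_old, **old),   # unbound field: still verifies
        "forged_rv_new": verify(key, forged, sig_new, **new),   # bound via manifest_body_hash: rejected
        "relabel_old": verify(key, relabelled, sig_old, **old),
        "relabel_new": verify(key, relabelled, sig_new, **new),
    }
```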

Wave 3 — Batch A (11 mechanical ratification-blockers)

User-approved batch of clearly-answered items. One commit per
item:

  • SPEC-115 (cd16931) — ERR_ALGORITHM_FORBIDDEN (0x2B); forensic +
    attested reject MD5 / SHA1 / XXHASH* for file_hash.
  • SPEC-116 (8aacaca) — Pin W3C DID Core to v1.0 Recommendation (19
    July 2022).
  • SPEC-131 (cf8c2c1) — Registry idempotency key extended to
    (dataset_merkle_root, signer_did, generation_number).
  • SPEC-132 (1486540) — Document the 24-hour cache-window
    revocation-lag tradeoff; recommend one-hour / four-hour windows for
    high-security productions.
  • SPEC-133 (e95d4eb) — §6.30.7 revocation-bypass MAY → SHALL at
    forensic / attested; basic retains the WARN_CUSTODY_GAP floor.
  • SPEC-136 (9eb313e) — Daemon bearer-token config file requires
    mode 0600 POSIX / owner-only ACL Windows; refuse to start if
    group/world-readable.
  • SPEC-140 (0458b48) — §7.10 explicitly forbids provr from
    fabricating legacy hashes; legacy_hashes populated only from
    external imports.
  • SPEC-141 (a7936c4) — New §9.1.1 defines the canonical
    .provrignore encoding as an eight-step pipeline.
  • SPEC-142 (25b435f) — New WARN_MIGRATED_GENERATION (0x2C)
    exit code for migrated-generation surfacing in verifier output.
  • SPEC-144 (8dff051) — Non-normative replay-resistance note on
    §6.7.0 addressing empty-file / single-file manifest edge cases.
  • SPEC-149 (a2a7728) — SigningKeyStorage.SecureEnclave = 5
    added to the enum; accepted at forensic + attested alongside
    HardwareHSM and CameraEmbedded; phantom SoftwareFileStore
    reference in §6.16.5 corrected.
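A POSIX start-up check of the SPEC-136 kind, as an added example that is not provr's code: the file name, the token key and the check_token_file / demo names are assumptions, and it goes a little beyond the bullet by also refusing symlinks, non-regular files and files owned by another user (the Windows owner-only ACL branch is not modelled).

```python
import os
import stat
import tempfile

GROUP_OR_WORLD = stat.S_IRWXG | stat.S_IRWXO  # any permission bit for group or others

def check_token_file(path: str) -> tuple[bool, str]:
    """Return (ok, reason). Refuse when the bearer-token config file is accessible
    to anyone but its owner, is not a plain file, or is not owned by the daemon user."""
    try:
        st = os.lstat(path)  # lstat: do not follow a symlink planted at the path
    except FileNotFoundError:
        return False, "token file missing"
    if stat.S_ISLNK(st.st_mode):
        return False, "token file is a symlink"
    if not stat.S_ISREG(st.st_mode):
        return False, "token file is not a regular file"
    if st.st_uid != os.geteuid():
        return False, "token file not owned by the daemon user"
    mode = stat.S_IMODE(st.st_mode)
    if mode & GROUP_OR_WORLD:
        return False, f"token file mode {oct(mode)} is group/world-accessible; need 0600"
    return True, "ok"

def demo() -> dict:
    """Constructed files: one at 0600, one left at 0644, one absent."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, mode in (("good.toml", 0o600), ("loose.toml", 0o644)):
            p = os.path.join(d, name)
            with open(p, "w") as f:
                f.write('bearer_token = "constructed-not-a-real-token"\n')
            os.chmod(p, mode)
            results[name] = check_token_file(p)[0]
        results["missing.toml"] = check_token_file(os.path.join(d, "missing.toml"))[0]
    return results
```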

Wave 4 — Tier 2 + Batch B (16 Tier-2 decisions + 3 mechanical)

User walked through all 16 Tier-2 questions with plain-language
briefing, approved all recommendations, left for school run, then
approved "keep going" to finish the batch on return.

Phase 1 (13 spec-text-only items, one commit each):

  • SPEC-118 (4a18818) — Manifest.timestamp fallback surfaces at
    forensic + attested via WARN_CUSTODY_GAP.
  • SPEC-121 (0ed0e5f) — Manufacturer-extension non-duplication
    rule clarified as aspirational.
  • SPEC-124 (362ae92) — Cumulative custody gap uses TSR genTime
    per §6.12.5.
  • SPEC-125 (d0f8d3e) — Regex dialect pinned to RE2.
  • SPEC-126 (38e665f) — min_locations hostname-proxy limitation
    documented; Registry-provided counts recommended.
  • SPEC-128 (c45c0fb) — RecordAsSymlink targets constrained to
    relative form.
  • SPEC-129 (7824fa4) — Ledger offline-TSR fallback via new
    TimestampFulfilled EventType (16) and §6.25.4.1 deferred-
    timestamping pattern.
  • SPEC-130 (5dc7be8) — Deterministic ReadVerification
    attribution rule.
  • SPEC-134 (fb9e66f) — did:web TOFU mitigations (out-of-band
    fingerprint, binary pinning, explicit TOFU disclosure).
  • SPEC-135 (a5a0524) — Lock-freshness rationale documented;
    configurable in [1 hour, 7 days].
  • SPEC-137 (c8e794e) — Daemon default loopback; non-loopback
    requires TLS.
  • SPEC-138 (4afb155) — Privileged-helper-binary model
    recommended for OS-level unlock operations.
  • SPEC-139 (52b0207) — Periodic reconciliation scan mandated in
    provr watch to close event-loss across FSEvents / inotify /
    ReadDirectoryChangesW.

Phase 2 (5 schema-change items):

  • SPEC-119 (a3fe771) — jumbf_payload_hash field; omit-when-
    unchanged dedup in §6.7.1.1.
  • SPEC-120 (c2a9ccb) — timecode_rate_numerator +
    timecode_rate_denominator for exact NTSC rational.
  • SPEC-122 (d1d5b4f) — resumed_from_scope_id 32-byte identifier
    binding each Partial chain to its scope (new §6.4.4.1, PROVRSCP
    domain tag).
  • SPEC-127 (c1cd434) — Three freeform strings converted to enums
    (VolumeRole, VFXVersionStatus, SourceOperation), each with
    Other = 255 + companion _other string.
  • SPEC-123 (4cbe43b) — PolicyOverride PQC signature slot
    (approver_pqc_signature + approver_pqc_algorithm); brings
    PolicyOverride under the v1.0 hybrid-mandatory model.

Phase 3 (1 cross-cutting item):

  • SPEC-143 (fc5b428) — pqc_algorithm_tag byte added to every
    signing input across §6.7.0 / §6.7.2 / §6.16.1 / §6.23 / §6.24.5 /
    §6.24.7 / §6.27.6 / §6.28.8 / §6.28.9 / §6.29.4 / §6.30.9. All
    test vectors regenerated.

Carry-forward from SESSION-0044 addressed

The SESSION-0044 carry-forward noted three specific reverts (SPEC-145
exit-code split, SPEC-146 Appendix A audit, SPEC-147 Part I/II
split) that were deliberately deferred to separate large-scope
sessions. Those remain open; they are explicitly NOT in the Batch A
/ Batch B scope. Three other deferred items (the three Tier-3 large
items) stay open.

Non-SPEC work

  • TRACKING.md closure notes backfilled for all 33 items with commit
    hashes.
  • ROADMAP.md gained ticked rows for every closure.
  • Two memory entries added: credential-bundle delivery architecture
    (clarifying that bundles import into hardware-backed storage on
    the recipient device, not a new software tier), and SPEC-134
    developer-handoff artefacts (four deliverables Offloadr / registr
    engineering need for TOFU mitigation work).

Mid-session framing correction

No MVP-framing slips this session — the ratification-quality framing
(PROVR_RULES rev 24) held throughout. Sub-call on SPEC-148 conformance
tier was handled deliberately (three options presented with
recommendation, user chose SUB-2 = new attested tier).

Commits

33 commits on main:

Wave 1: df69bee, 5a86b10.
Wave 2: fa62e84.
Wave 3: cd16931, 8aacaca, cf8c2c1, 1486540, e95d4eb,
9eb313e, 0458b48, a7936c4, 25b435f, 8dff051, a2a7728.
Wave 4 Phase 1: 4a18818, 0ed0e5f, 362ae92, d0f8d3e,
38e665f, c45c0fb, 7824fa4, 5dc7be8, fb9e66f,
a5a0524, c8e794e, 4afb155, 52b0207.
Wave 4 Phase 2: a3fe771, c2a9ccb, d1d5b4f, c1cd434,
4cbe43b.
Wave 4 Phase 3: fc5b428.

None pushed to origin — all commits remain local pending user
instruction.

Closing

  • End time: 2026-04-22 21:09:06 BST
  • Duration: approximately 8h (started 13:10:53 BST; ~1h school-run
    gap mid-session; late-session SPEC-147 close and SPEC-150 strategic
    filing after the initial 17:41 BST close draft)
  • Ending state:
    • Highest SPEC-N: SPEC-150 (was SPEC-148 at session start;
      SPEC-149 and SPEC-150 filed this session)
    • Highest SCHEMA-N: SCHEMA-7 (unchanged)
    • Highest VAL-N: VAL-5 (unchanged)
    • Highest DOC-N: DOC-12 (unchanged)
    • Highest RELEASE-N: RELEASE-10 (unchanged)
    • Open SPEC items: 3 — SPEC-145 (12-code exit-code split),
      SPEC-146 (Appendix A full audit), SPEC-150 (C2PA signature
      validation / Depth 2 alignment, filed at session tail as a new
      v1.0 ratification-blocker for adoption-critical C2PA alignment)
    • Closed SPEC items: 147 (113 at session start + 34 this session —
      34 includes SPEC-147 which landed at session tail)
    • Open non-SPEC: 1 SCHEMA (SCHEMA-2 v1.1) + 1 VAL (VAL-4
      post-RELEASE-8) + 4 DOC (DOC-3, 9, 11, 12) + 5 RELEASE (3, 4,
      8, 9, 10) = 11
    • Total open: 14; total closed: 147 + 6 SCHEMA + 3 VAL + 5 DOC +
      5 RELEASE + 1 LAUNCH = 167
    • Deferred (uncounted): VAL-2, DOC-2 = 2
    • Completion: 167 / (167 + 14) ≈ 92.3%
    • v1.0 SPEC blockers: 3 items. RELEASE-8 pre-Rust review gate is
      the remaining ratification gate after those three land.
  • Commits: 40 commits on main, all pushed to origin/main. See
    commit list below.

Late-session work (after the initial 17:41 BST close draft)

  • SPEC-147 closed (commit 7dd810c) — Part I / Part II
    structural decision. Option (b) chosen: Part I (§1–§6) covers the
    format; Part II (§7–§16) covers operations and conformance;
    appendices follow Part II. Existing "Part I: Format Specification"
    heading renamed to "Part I — The Format" with scope paragraph;
    new "Part II — Operations and Conformance" heading inserted
    before §7 with parallel scope paragraph stating the conformance-
    floor rule.
  • State-file tidies (commits b04843c, 987f632, 5bf0bbd) —
    three follow-ups reconciling CURRENT_SESSION_STATE.md after
    SPEC-147's late close: removed SPEC-147 row from open-items
    table, updated narrative sections, fixed Priority Ordering and
    reading-guide from three-blocker to two-blocker framing.
  • Strategic conversation on C2PA alignment for adoption. User
    raised that industry-recommended C2PA pass-through from capture
    to delivery is the single highest-leverage adoption feature
    provr can ship at v1.0 — positioning provr as "the C2PA custody
    layer" for SMPTE / ASC / Netflix / Disney / Apple engagement.
    Initial recommendation to defer Depth 2 validation to v1.1 was
    challenged and reversed: the scope is public, stable standards
    consumption (JUMBF ISO/IEC 19566-5, C2PA 1.x Recommendation,
    Adobe c2pa-rs reference implementation) — no coalition
    membership required, no schema change, no test-vector work,
    ~1–2 hours of normative prose.
  • SPEC-150 filed (commits 8932473, 907ec1a) — C2PA
    signature validation (Depth 2) as a new v1.0 ratification-blocker.
    Scope: new §6.7.1.3 normative section; two new exit codes
    (WARN_C2PA_SIGNATURE_INVALID, WARN_C2PA_TRUST_UNRESOLVED)
    allocated after SPEC-145's block; §12 "fully verified" definition
    extended; §4 References add C2PA + JUMBF pins; Content
    Credentials verified-logo display template shared with SPEC-146.
    Depth 3 (bidirectional assertion extension) remains on the
    SCHEMA-2 v1.2+ track.

Commits (full list, 40 on main, all pushed)

Wave 1 (SPEC-114 + SPEC-148): df69bee, 5a86b10.
Wave 2 (SPEC-117): fa62e84.
Wave 3 (Batch A, 11 items): cd16931, 8aacaca, cf8c2c1,
1486540, e95d4eb, 9eb313e, 0458b48, a7936c4, 25b435f,
8dff051, a2a7728.
Wave 4 Phase 1 (Tier 2 spec-text, 13 items): 4a18818, 0ed0e5f,
362ae92, d0f8d3e, 38e665f, c45c0fb, 7824fa4, 5dc7be8,
fb9e66f, a5a0524, c8e794e, 4afb155, 52b0207.
Wave 4 Phase 2 (schema, 5 items): a3fe771, c2a9ccb, d1d5b4f,
c1cd434, 4cbe43b.
Wave 4 Phase 3 (SPEC-143): fc5b428.
Initial close draft: a7bea48.
Late-session: 7dd810c (SPEC-147), b04843c, 987f632, 5bf0bbd
(state-file tidies), 8932473, 907ec1a (SPEC-150 filing).

Next work unit

SESSION-0046 should tackle the three remaining v1.0 ratification-
blockers in this order:

  1. SPEC-145 — 12-code specific split of the WARN_CUSTODY_GAP
    (0x07) overloading. Large mechanical sweep across every section
    currently routing to 0x07: §6.4.1, §6.16.3, §6.16.4 (five
    fields), §6.27.3, §6.27.4, §6.29.7, §6.30.7, §6.2.2. Twelve new
    exit codes allocated from 0x2D upward (0x2B–0x2C are now
    occupied by SPEC-115 and SPEC-142 respectively, so the original
    SPEC-145 0x2B–0x35 allocation must shift). Updates to §11
    table, exit-code class range extension, sweep of every cross-
    reference, no test-vector regeneration needed. Moderate size
    commit; diff touches many sections. Lands first so its
    exit-code block is known before SPEC-150's two new codes are
    allocated.

  2. SPEC-150 — C2PA signature validation (Depth 2). Adoption-
    critical for SMPTE / ASC / Netflix / Disney / Apple alignment.
    New §6.7.1.3 normative section requiring forensic and attested
    verifiers to parse jumbf_payload per JUMBF ISO/IEC 19566-5 and
    validate embedded C2PA Manifest Store signatures per the pinned
    C2PA 1.x Recommendation. Two new exit codes
    (WARN_C2PA_SIGNATURE_INVALID, WARN_C2PA_TRUST_UNRESOLVED)
    allocated after SPEC-145's block. §12 "fully verified" definition
    extended to require both provr chain intact AND present C2PA
    claims valid. §4 References add C2PA + JUMBF ISO pins. No
    schema change, no test-vector work — ~1–2 hours of normative
    prose. Lands after SPEC-145 for exit-code-allocation
    cleanliness.

  3. SPEC-146 — Appendix A full audit. Substantial prose work.
    Every "provr show SHALL display X" normative assertion is checked
    against Appendix A coverage, with display templates defined for
    every gap. Known gaps: §6.28.5 (RepudiationNote), §6.28
    (ResolutionNote), §6.7.2 (superseding_signatures), §6.29.7
    (ack_policy_violations), §6.30.8 (cryptographic-only verifier
    informational message), §6.27 (ReadVerification), §6.16
    (PolicyOverride), §6.20.2 (DriveState). Coordinate with
    SPEC-150 on the Content Credentials verified-logo display
    template so it is defined once across both items. Opus 1M
    recommended; probably 3–5 hours; reserve a longer focused
    session.

After these three land, the spec is at ratification-quality across
every item from the SESSION-0044 audit plus the adoption-critical
C2PA alignment. RELEASE-8 (pre-Rust implementation and
interoperability review) then becomes the next session's work unit —
with all 150 SPEC items resolved and the spec in a truly
ratification-ready state including C2PA pass-through validation
that positions provr as the industry's C2PA custody layer.

Notes for SESSION-0046

  • Commit discipline under PROVR_RULES rev 25 held throughout the
    session — single-focus subjects, narrative bodies, enumeration
    only for list-shaped content. Continue.
  • Ratification-quality framing under PROVR_RULES rev 24 held
    throughout — no MVP slips this time. The Tier-2 walk-through with
    plain-language briefing + user approval before execution is a
    good pattern for batch closure and is worth repeating.
  • tools/gen_signing_vectors.py is now at the post-SPEC-143 shape
    and covers every signing input currently defined in the spec. Any
    future SPEC that touches a signing input should extend the
    generator in the same commit as the spec change.
  • /tmp/provr-sigvec venv contains blake3 + cryptography for
    the generator; the venv is ephemeral (will be wiped on reboot).
    Next time the generator is run, recreate via
    python3 -m venv /tmp/provr-sigvec && /tmp/provr-sigvec/bin/pip install blake3 cryptography.
  • 40 commits pushed to origin/main. If SESSION-0046 is run on a
    different machine, pull first.
  • Memory now carries a SPEC-134 developer-handoff entry describing
    four artefacts Offloadr / registr engineering need when
    implementing the TOFU mitigations. Hand those over when that
    implementation work starts.

Carry-forward for SESSION-0046

  1. Resolve SPEC-145 first — 12 exit codes, sweep every affected
    section, update §11. Re-allocate starting at 0x2D because
    0x2B–0x2C are now occupied. Lands first so the exit-code
    block is defined before SPEC-150's two new codes are allocated
    on top.
  2. Resolve SPEC-150 — C2PA signature validation (Depth 2). New
    §6.7.1.3, two new exit codes after SPEC-145's block, §12
    extension, §4 References update. No schema change, no test
    vectors. ~1–2 hours of prose.
  3. Resolve SPEC-146 — full Appendix A audit. Coordinate with
    SPEC-150 on Content Credentials display template. Reserve a
    longer focused session.
  4. Then RELEASE-8 review gate against a complete ratification-
    quality spec.
  5. Then DOC-9 corpus regeneration once the spec is stable.

SPEC-147 was closed at SESSION-0045 tail (commit 7dd810c) — no
longer in the carry-forward queue. Next session starts with only
these three ratification-blockers remaining.