docs(proof-debt): add canonical AXIOM: annotations to SafetyLemmas.idr #163
Merged
Apply the estate Trusted-Base Reduction Policy (standards#203) inline annotation convention to the 5 class-(J) believe_me sites in src/abi/Boj/SafetyLemmas.idr. Each previously had a prose "Axiomatic:" doc-comment which is informative but not picked up by the canonical scripts/check-trusted-base.sh grep (standards#211) — that script recognises TRUSTED: / AXIOM: / OWED: keywords.

Updates:
- 5 doc-comments on charEqSound / charEqSym / unpackLength / appendLengthSum / substrLengthBound get an AXIOM: header line citing docs/proof-debt.md §(c) and the per-primitive docs/backend-assurance/ file. boj-server now satisfies BOTH halves of the check (inline + docs/proof-debt.md enumeration), making it the fully canonical reference implementation cited in standards#203 §"Precedent".
- Module-header summary updated from "Five axiomatic believe_me" to "Five AXIOM-tagged believe_me primitives ... disposition-§(c) NECESSARY-AXIOM" so it matches the policy vocabulary.
- PROOF-NEEDS.md gets a header note cross-linking docs/proof-debt.md (strategic-goals doc ↔ schema-conformant per-repo index) per the standards#213 seed pattern.

Marker inventory unchanged: 5 markers, all §(c) NECESSARY AXIOM, all externally validated via docs/backend-assurance/. docs/proof-debt.md (landed in PR#161) already enumerates them and remains the source of truth.

Refs: hyperpolymath/standards#203, hyperpolymath/standards#211, #161

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
🔍 Hypatia Security Scan. Findings: 151 issues detected

```json
[
  {
    "reason": "Stale AI session file -- delete",
    "type": "stale",
    "file": "GEMINI.md",
    "action": "delete",
    "rule_module": "root_hygiene",
    "severity": "medium"
  },
  {
    "reason": "Action hyperpolymath/standards/.github/workflows/governance-reusable.yml@main needs attention",
    "type": "unpinned_action",
    "file": "governance.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/sanctify-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/academic-workflow-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/fireflag-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/ephapax-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/bofig-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/hesiod-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/mcp-bridge/main.d.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "believe_me undermines formal verification (1 occurrences, CWE-704)",
    "type": "believe_me",
    "file": "/home/runner/work/boj-server/boj-server/src/abi/Boj/SafeHTTP.idr",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  }
]
```
🏁 path-claims bench (Commit / Numbers): Host-dependent — compare deltas across commits, not absolute values.
Summary
Follow-up to #161 (which seeded docs/proof-debt.md per the estate Trusted-Base Reduction Policy — hyperpolymath/standards#203, enforcement hyperpolymath/standards#211).

docs/proof-debt.md already enumerates the 5 class-(J) believe_me sites in src/abi/Boj/SafetyLemmas.idr, so the check-trusted-base.sh gate passes via the "documented in proof-debt.md" path. This PR closes the second path: each marker now also has an inline AXIOM: leading comment, the canonical keyword the script greps. The result: boj-server satisfies both halves of the check, making it the fully canonical reference implementation cited in standards#203 §"Precedent".
Changes
- src/abi/Boj/SafetyLemmas.idr (38 lines, 5 sites + 1 module header):
  - charEqSound, charEqSym, unpackLength, appendLengthSum, substrLengthBound each gain an `AXIOM: <name>; class-(J) — ...` header line citing docs/proof-debt.md §(c) and the per-primitive docs/backend-assurance/<primitive>.md.
  - Module header: use the policy vocabulary ("AXIOM-tagged", "disposition-§(c) NECESSARY-AXIOM").
- PROOF-NEEDS.md: new header note cross-linking docs/proof-debt.md (strategic-goals doc ↔ schema-conformant per-repo index) — mirrors the pattern from standards#213.
Marker inventory (unchanged)
5 escape hatches, all believe_me, all in src/abi/Boj/SafetyLemmas.idr, all class-(J) NECESSARY AXIOM (§(c)), all externally validated under docs/backend-assurance/:

- SafetyLemmas.idr:61 charEqSound
- SafetyLemmas.idr:68 charEqSym
- SafetyLemmas.idr:226 unpackLength
- SafetyLemmas.idr:236 appendLengthSum
- SafetyLemmas.idr:246 substrLengthBound

§(a) DISCHARGED: 0. §(b) BUDGETED: 0 (the externally-validated harness under docs/backend-assurance/ is §(b)-style discipline applied to §(c) items per standards#203 §"Precedent"). §(d) DEBT: 0.
Test plan
- `bash scripts/check-trusted-base.sh .` (when the standards#211 trusted-base job runs against this branch) reports `[OK] All 5 escape hatch(es) are documented (inline annotation or entry in: docs/proof-debt.md PROOF-NEEDS.md).`
- believe_me bodies and signatures untouched; only doc-comments edited.

Refs: hyperpolymath/standards#203 (policy), hyperpolymath/standards#211 (enforcement), #161 (proof-debt.md seed).
🤖 Generated with Claude Code
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
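As an added illustration (not the project's scripts/check-trusted-base.sh, whose exact matching rules are not shown on this page), the shell function below approximates the two-path gate the Summary and Test plan describe: a believe_me site passes if the ||| doc-comment bound to its type signature carries a TRUSTED:, AXIOM: or OWED: keyword, or if its name is enumerated in the proof-debt document. The Idris sample and the proof-debt entry are constructed here; the names are borrowed from the marker inventory above.

```shell
# Illustrative approximation of the two-path gate (NOT the project's
# scripts/check-trusted-base.sh, whose exact rules are not on this page).
# check_trusted_base <file.idr> <proof-debt.md>
# Prints "<line>:<name>:<status>" per believe_me site, where status is
# inline (keyword in the ||| doc-comment), enumerated (name listed in the
# proof-debt doc) or UNDOCUMENTED; exit status 1 if any site is undocumented.
check_trusted_base() {
  awk -v debt_doc="$2" '
    BEGIN { while ((getline l < debt_doc) > 0) debt = debt "\n" l }
    /^[|][|][|]/ { comment = comment " " $0; next }  # accumulate doc-comment lines
    /^ *--/ { next }                                 # ordinary comments are not sites
    /^[A-Za-z_][A-Za-z0-9_]* *:/ {                   # type signature: bind doc to name
      n = $1; sub(/:.*/, "", n); doc[n] = comment
    }
    /believe_me/ {
      n = $1; status = "UNDOCUMENTED"
      if (doc[n] ~ /(TRUSTED|AXIOM|OWED):/) status = "inline"
      else if (match(debt, "(^|[^A-Za-z0-9_])" n "([^A-Za-z0-9_]|$)")) status = "enumerated"
      printf "%d:%s:%s\n", NR, n, status
      if (status == "UNDOCUMENTED") bad++
    }
    { comment = "" }                                 # a doc-comment binds only to the next line
    END { exit (bad > 0) }
  ' "$1"
}

# Constructed sample input (not the real SafetyLemmas.idr): one inline-tagged
# site, one prose-only site rescued by the proof-debt entry, one undocumented.
write_sample() {
  cat > "$1/Sample.idr" <<'EOF'
||| Header doc-comment mentioning believe_me is not a site.
module Sample

||| AXIOM: charEqSound; class-(J) -- cites docs/proof-debt.md
charEqSound : (c, d : Char) -> (c == d) = True -> c = d
charEqSound c d prf = believe_me ()

||| Axiomatic: prose only, no canonical keyword
unpackLength : (s : String) -> Nat
unpackLength s = believe_me ()

||| Undocumented everywhere
orphan : Nat -> Nat
orphan n = believe_me n
EOF
  printf '%s\n' '- unpackLength: class-(J), docs/backend-assurance/unpack.md' > "$1/proof-debt.md"
}
```

On the constructed sample the gate reports the charEqSound site as inline, unpackLength as enumerated and orphan as UNDOCUMENTED, and exits 1; adding an orphan entry to the proof-debt file makes it pass.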