dot-iu-cutter v0.1 — CTE-04 Signing Scheme v0.1 Closure
Date: 2026-05-15
Status: CTE-04 CLOSURE RECORD — closed_with_notes
Trigger: GPT review of HB-07 returned PASS; X-6 shape signed off (HB-03 closure); DOT-pair registered (HB-07 dot_tools id 991 + 992); user explicitly authorized CTE-02 + CTE-03 + CTE-04 small engineering-support closure batch.
Scope: REFERENCE IMPLEMENTATION (SPEC-PROSE / PSEUDO-CODE) INSIDE THIS CLOSURE RECORD ONLY. No code deployed to any codebase, no DDL, no SQL, no schema created, no migration, no PG mutation, no Directus mutation outside the dot_tools rows already created at HB-07, no Qdrant/vector mutation, no backup, no snapshot, no dry-run, no production signature generated, no execution.
1. Existing Signing / Hash Pattern Inspected
inspection_targets:
- existing hash-based pseudo-signature patterns in S178 / Đ38 / Đ44 lineage
- existing dot_pair_signature shape signed off at HB-03
- existing payload_envelope shape per HB-03 §3 / X-6 polish
- existing payload_hash binding per P0-3 §4.3 + §7
findings:
payload_hash_field_already_in_HB_03_shape: TRUE (per HB-03 §3 X-6 polished fields)
payload_envelope_field_already_in_HB_03_shape: TRUE (JSONB; validated per X-3 application-layer)
signature_payload_field_already_in_HB_03_shape: TRUE (text; v0.1 hash-based per HB-03 §3 + this CTE-04)
signature_kind_enum: pending Đ24 ratification (per HB-02 outstanding sets)
validation_state_enum: pending Đ24 ratification (per HB-02 outstanding sets)
existing_pattern_reference: S178 A+3 paired-DOT (DOT-HC-EXECUTOR + DOT-HC-EXECUTOR-VERIFY)
no_existing_safe_deployment_location_for_signing_runtime:
- no pre-existing /opt/incomex or web-test/dot/bin/dot-iu-cutter-signer executable observed
- no pre-existing PG function for hash-based pseudo-signature observed
- no pre-existing Directus flow for signature emission observed
consequence: deployment of CTE-04 to a safe location is an execution-phase engineering task (separate explicit prompt); v0.1 closure here is spec-prose only
2. Whether v0.1 Signing Scheme Was Implemented or Blocked
classification: spec_prose_scaffolded_in_closure_record
implementation_status: NOT_DEPLOYED_TO_RUNTIME (matches CTE-03 posture)
rationale:
- user's safety rule: "prepare or implement v0.1 hash-based signing scheme only if there is an existing safe location/pattern; otherwise report blocked"
- existing PATTERN exists (S178 A+3 paired-DOT) but no existing safe LOCATION for a v0.1 signer runtime
- reference implementation as pseudo-code inside this closure record satisfies "prepare" while preserving zero-mutation safety posture
- production deployment to engineering tree is an execution-phase task (separate explicit prompt; engineering session with G-4 oversight)
classification_clarification:
spec_implementation_artefact: BOUND in this closure record (§3 reference implementation pseudo-code)
capability_proof: DEFERRED to HB-05 dry-run scenarios S01-S04, S15, S16, S22 (signature generation + validation + revocation behaviors)
production_deployment: DEFERRED to execution phase
not_classified_as_blocked_requires_design: the SPEC is fully derivable from HB-03 + HB-07; no architecture is missing; only the deployment is deferred — that's "scaffolded with notes", not "blocked"
3. Reference Implementation (Spec-Prose)
The v0.1 signing scheme implements hash-based pseudo-signature per HB-03 §3 — production cryptographic upgrade is FUTURE per PEF-04 + G-3 D4 capability intake.
3.1 Public Contract
```python
# Reference implementation contract; NOT deployed code; transcribe to engineering tree
# at execution phase. Identifier values match HB-03 X-6 polished shape (signed off
# by G-4 + Đ44) and HB-07 DOT registry entries (dot_tools id 991 + 992).
import hashlib
import json
from datetime import datetime, timezone
from typing import Optional

CUTTER_VERSION = "dot-iu-cutter v0.1"
EXECUTOR_DOT_ID = "DOT-IU-CUTTER"         # dot_tools id 991, tier B
VERIFIER_DOT_ID = "DOT-IU-CUTTER-VERIFY"  # dot_tools id 992, tier A
KNOWN_SIGNER_DOT_IDS = frozenset({EXECUTOR_DOT_ID, VERIFIER_DOT_ID})
SIGNING_SCHEME_VERSION = "v0.1.0-hash-based-pseudo"
SIGNATURE_PAYLOAD_SEPARATOR = "|"  # no component of signature_payload may contain this character


def build_payload_envelope(
    signature_kind: str,        # one of: executor_cut, verifier_cut, executor_verify, verifier_verify (Đ24-pending)
    signer_dot_id: str,         # EXECUTOR_DOT_ID or VERIFIER_DOT_ID
    signer_tool_revision: str,
    intent: str,                # "cut_executed" | "verify_pass" | "verify_fail" | "verify_needs_human" | "cut_aborted" | etc.
    change_set_id: Optional[str] = None,
    verify_result_id: Optional[str] = None,
    additional_fields: Optional[dict] = None,
) -> dict:
    """
    Builds the structured payload envelope for signing.
    Exactly one of change_set_id / verify_result_id MUST be non-null (per HB-03 exactly-one cross-reference rule).
    Rule violations raise ValueError rather than assert so they survive `python -O`.
    """
    if not ((change_set_id is None) ^ (verify_result_id is None)):
        raise ValueError("exactly_one_cross_reference_rule violated")
    if signer_dot_id not in KNOWN_SIGNER_DOT_IDS:
        raise ValueError(f"signer_dot_id {signer_dot_id!r} is not a registered DOT of this pair")
    envelope = {
        "signature_scheme_version": SIGNING_SCHEME_VERSION,
        "signature_kind": signature_kind,
        "signer_dot_id": signer_dot_id,
        "signer_tool_revision": signer_tool_revision,
        "signed_at": datetime.now(timezone.utc).isoformat(),
        "intent": intent,
        "change_set_id": change_set_id,
        "verify_result_id": verify_result_id,
    }
    if additional_fields:
        envelope["additional"] = additional_fields
    return envelope


def compute_payload_hash(envelope: dict) -> str:
    """
    Deterministic hash of the payload envelope.
    Uses JSON canonical form: sort_keys=True, separators=(',', ':'), no whitespace, UTF-8.
    Hash algorithm: SHA-256 (acceptable v0.1; cryptographic upgrade FUTURE per PEF-04).
    The canonical form is part of the contract: the verifier re-serializes the persisted
    JSONB and must obtain byte-identical input, so envelope values are restricted to
    JSON-native types with no floats (NaN/Infinity are not portable across serializers).
    """
    canonical_json = json.dumps(
        envelope, sort_keys=True, separators=(",", ":"), ensure_ascii=False, allow_nan=False
    ).encode("utf-8")
    return hashlib.sha256(canonical_json).hexdigest()


def build_signature_payload(payload_hash: str, signer_dot_id: str, signer_tool_revision: str) -> str:
    """
    v0.1 hash-based pseudo-signature.
    Format: "{SIGNING_SCHEME_VERSION}|{signer_dot_id}|{signer_tool_revision}|{payload_hash}"
    NOT cryptographically secure; upgrade to Ed25519/RSA is FUTURE per PEF-04.
    The format is only unambiguous if no component contains the separator, so that is enforced here.
    """
    for component in (signer_dot_id, signer_tool_revision, payload_hash):
        if SIGNATURE_PAYLOAD_SEPARATOR in component:
            raise ValueError("signature_payload component contains the separator character")
    return SIGNATURE_PAYLOAD_SEPARATOR.join(
        (SIGNING_SCHEME_VERSION, signer_dot_id, signer_tool_revision, payload_hash)
    )


def sign(
    signature_kind: str,
    signer_dot_id: str,
    signer_tool_revision: str,
    intent: str,
    change_set_id: Optional[str] = None,
    verify_result_id: Optional[str] = None,
    additional_fields: Optional[dict] = None,
) -> dict:
    """
    Produces a dot_pair_signature row payload matching HB-03 X-6 polished shape.
    Returns a dict with all fields needed to insert into cutter_governance.dot_pair_signature
    once the schema exists.
    """
    envelope = build_payload_envelope(
        signature_kind=signature_kind,
        signer_dot_id=signer_dot_id,
        signer_tool_revision=signer_tool_revision,
        intent=intent,
        change_set_id=change_set_id,
        verify_result_id=verify_result_id,
        additional_fields=additional_fields,
    )
    payload_hash = compute_payload_hash(envelope)
    signature_payload = build_signature_payload(payload_hash, signer_dot_id, signer_tool_revision)
    return {
        "signature_kind": signature_kind,
        "signer_dot_id": signer_dot_id,
        "signer_tool_revision": signer_tool_revision,
        "payload_hash": payload_hash,
        "payload_envelope": envelope,  # JSONB
        "signature_payload": signature_payload,
        "signed_at": envelope["signed_at"],
        "cross_reference_change_set_id": change_set_id,
        "cross_reference_verify_result_id": verify_result_id,
        "validation_state": "pending",  # transitions to valid/invalid on verify_signature()
        # revocation lifecycle fields per HB-03 polish (nullable on creation):
        "revoked_at": None,
        "revocation_reason": None,
        "revoked_by": None,
        "prior_signature_id": None,
    }


def verify_signature(signature_row: dict) -> str:
    """
    Verifies a signature row.
    Returns one of: "valid" | "invalid_payload_hash" | "invalid_payload_envelope" | "invalid_signature_payload".
    The caller emits the signature_failure signal (per CTE-02 emission rule 3) on any invalid outcome;
    this function emits nothing itself.
    Does NOT verify revocation state; that is read directly from validation_state.
    What this detects is corruption and drift between columns. It does not detect forgery: the scheme
    involves no secret, so any principal able to write the row can recompute a matching
    payload_hash + signature_payload (cryptographic upgrade FUTURE per PEF-04).
    """
    envelope = signature_row["payload_envelope"]
    # 1. Recompute payload_hash from payload_envelope
    if compute_payload_hash(envelope) != signature_row["payload_hash"]:
        return "invalid_payload_hash"
    # 2. Recompute signature_payload from payload_hash + signer_dot_id + signer_tool_revision
    try:
        expected_signature_payload = build_signature_payload(
            signature_row["payload_hash"],
            signature_row["signer_dot_id"],
            signature_row["signer_tool_revision"],
        )
    except ValueError:
        return "invalid_signature_payload"
    if expected_signature_payload != signature_row["signature_payload"]:
        return "invalid_signature_payload"
    # 3. Envelope sanity (exactly-one cross-reference rule) on the row's cross-reference columns
    change_set_id = signature_row["cross_reference_change_set_id"]
    verify_result_id = signature_row["cross_reference_verify_result_id"]
    if not ((change_set_id is None) ^ (verify_result_id is None)):
        return "invalid_payload_envelope"  # exactly-one rule violated
    # 4. Columns outside the hashed envelope must agree with the envelope; otherwise a row column
    #    (e.g. the cross-reference or signature_kind) could be edited without disturbing payload_hash
    bound_columns = {
        "signature_kind": signature_row["signature_kind"],
        "signer_dot_id": signature_row["signer_dot_id"],
        "signer_tool_revision": signature_row["signer_tool_revision"],
        "signed_at": signature_row["signed_at"],
        "change_set_id": change_set_id,
        "verify_result_id": verify_result_id,
    }
    if any(envelope.get(key) != value for key, value in bound_columns.items()):
        return "invalid_payload_envelope"
    if signature_row["signer_dot_id"] not in KNOWN_SIGNER_DOT_IDS:
        return "invalid_payload_envelope"
    return "valid"
```
3.2 Required Field Coverage (per user prompt)
required_fields_per_user_prompt:
payload_hash:
spec: SHA-256 of canonical-JSON-serialized payload_envelope (sort_keys=True, separators=(",", ":"), UTF-8)
location: dot_pair_signature.payload_hash (text)
tool_revision:
spec: signer_tool_revision is recorded in payload_envelope AND on dot_pair_signature.signer_tool_revision
location: dot_pair_signature.signer_tool_revision (text)
drift_rule: per HB-07 §6 — executor_tool_revision MUST equal verifier_tool_revision for valid co-sign
signer_dot:
spec: signer_dot_id ∈ {DOT-IU-CUTTER, DOT-IU-CUTTER-VERIFY} (per HB-07 dot_tools id 991/992)
location: dot_pair_signature.signer_dot_id (text)
signature_kind:
spec: ∈ {executor_cut, verifier_cut, executor_verify, verifier_verify} (Đ24 ratification pending per HB-02)
location: dot_pair_signature.signature_kind (Đ24 lookup FK)
signature_status:
spec: validation_state ∈ {pending, valid, invalid, revoked} (Đ24 ratification pending per HB-02)
location: dot_pair_signature.validation_state (Đ24 lookup FK)
lifecycle (per HB-03 polish):
pending → valid (on verify_signature() returns "valid")
pending → invalid (on verify_signature() returns one of "invalid_payload_hash" | "invalid_payload_envelope" | "invalid_signature_payload"; emits signature_failure)
valid → revoked (on revocation; revoked_at + revocation_reason + revoked_by populated; emits signature_revoked)
timestamp:
spec: signed_at = ISO-8601 UTC at signing time
location: dot_pair_signature.signed_at (timestamptz)
3.3 Determinism + Properties
properties_to_assert_in_tests:
determinism:
same_envelope_same_payload_hash: TRUE (canonical JSON serialization makes this hold)
same_payload_hash_same_signature_payload: TRUE (string concat is deterministic)
reproducibility:
given the persisted payload_envelope + signer_dot_id + signer_tool_revision, verify_signature() always produces the same outcome
immutability_post_validation:
once validation_state ∈ {valid, invalid}, fields {payload_hash, payload_envelope, signature_payload, signed_at, signer_dot_id, signer_tool_revision} are immutable; only validation_state (valid → revoked) and the revocation fields it populates (revoked_at, revocation_reason, revoked_by) may change
revocation_cascade:
revoking a signature flags dependent cut_change_set / verify_result rows for Đ32 review (per HB-03 §3.3 revocation cascade)
revocation emits decision_backlog_entry kind=signature_revoked (per CTE-02 §5 emission rule 4)
v0_1_security_posture:
not_cryptographically_secure: TRUE
acceptable_v0_1_basis:
- upgrade to cryptographic signing is FUTURE per PEF-04 + G-3 D4 capability intake
- HB-03 + G-4 sign-off explicitly accepted the v0.1 hash-based pseudo-signature with FUTURE upgrade commitment
signature_payload_is_self_describing:
- SIGNING_SCHEME_VERSION prefix lets future verifiers detect v0.1 signatures and apply backward-compatible verification or rejection per upgrade policy
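The lifecycle in §3.2 and the properties in §3.3 are stated as prose; the following is an added, self-contained Python example (not the §3.1 reference implementation, not deployed code, and not part of this closure record's scope) that condenses the §3.1 scheme into a few lines and exercises what a test suite would assert: determinism regardless of key order, detection of a tampered envelope, the validation_state transitions with the post-validation immutability guard and the revocation cascade, and the v0.1 caveat that a writer who re-derives payload_hash and signature_payload after editing the envelope passes verification. The row dicts, the revision id "r1", the change-set id "cs-example-001", the `set_field` guard and the in-memory signal list are constructed for the example; table and signal names follow this record, and nothing here touches PG, Directus or Qdrant.

```python
import hashlib
import json
from datetime import datetime, timezone

SCHEME = "v0.1.0-hash-based-pseudo"  # SIGNING_SCHEME_VERSION from §3.1
# §3.3 immutability_post_validation: frozen once validation_state leaves "pending"
IMMUTABLE_AFTER_VALIDATION = ("payload_hash", "payload_envelope", "signature_payload",
                              "signed_at", "signer_dot_id", "signer_tool_revision")


def canonical_hash(envelope: dict) -> str:
    """§3.1 canonical form: sorted keys, no whitespace, UTF-8, SHA-256 hex."""
    data = json.dumps(envelope, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def pseudo_sign(envelope: dict) -> dict:
    """Condensed sign(): only the dot_pair_signature columns this example needs, state pending."""
    h = canonical_hash(envelope)
    dot_id, rev = envelope["signer_dot_id"], envelope["signer_tool_revision"]
    return {"signer_dot_id": dot_id, "signer_tool_revision": rev, "signed_at": envelope["signed_at"],
            "payload_hash": h, "payload_envelope": envelope,
            "signature_payload": f"{SCHEME}|{dot_id}|{rev}|{h}",
            "validation_state": "pending", "revoked_at": None, "revocation_reason": None, "revoked_by": None}


def pseudo_verify(row: dict) -> str:
    """Condensed verify_signature(): recompute the hash, then the self-describing payload string."""
    if canonical_hash(row["payload_envelope"]) != row["payload_hash"]:
        return "invalid_payload_hash"
    expected = [SCHEME, row["signer_dot_id"], row["signer_tool_revision"], row["payload_hash"]]
    if row["signature_payload"].split("|") != expected:  # the SCHEME prefix is how a future verifier spots v0.1 rows
        return "invalid_signature_payload"
    return "valid"


def transition(row: dict, outcome: str, emitted: list) -> None:
    """§3.2 lifecycle: pending -> valid, or pending -> invalid plus a signature_failure signal."""
    if row["validation_state"] != "pending":
        raise ValueError("only a pending signature can be validated")
    if outcome == "valid":
        row["validation_state"] = "valid"
    else:
        row["validation_state"] = "invalid"
        emitted.append(("signature_failure", outcome))  # routed per CTE-02 emission rule 3


def set_field(row: dict, field: str, value) -> None:
    """Application-layer guard for the post-validation immutability property (constructed helper)."""
    if row["validation_state"] != "pending" and field in IMMUTABLE_AFTER_VALIDATION:
        raise PermissionError(f"{field} is immutable once validation_state={row['validation_state']}")
    row[field] = value


def revoke(row: dict, reason: str, by: str, dependents: list, emitted: list, now: str) -> list:
    """§3.2 valid -> revoked: fill the revocation fields, flag dependents for Đ32 review, emit the signal."""
    if row["validation_state"] != "valid":
        raise ValueError("only a valid signature can be revoked")
    row.update(validation_state="revoked", revoked_at=now, revocation_reason=reason, revoked_by=by)
    flagged = [{"table": table, "id": row_id, "flag": "d32_review"} for table, row_id in dependents]
    emitted.append(("signature_revoked", row["payload_hash"]))  # CTE-02 emission rule 4
    return flagged


def run_checks() -> dict:
    """Exercise the §3.3 properties on a constructed envelope; one result entry per property."""
    signed_at = datetime(2026, 5, 15, 9, 0, tzinfo=timezone.utc).isoformat()
    env = {"signature_scheme_version": SCHEME, "signature_kind": "executor_cut",
           "signer_dot_id": "DOT-IU-CUTTER", "signer_tool_revision": "r1",  # constructed revision id
           "signed_at": signed_at, "intent": "cut_executed",
           "change_set_id": "cs-example-001", "verify_result_id": None}  # constructed change-set id
    results = {}
    # determinism: two signings of the same envelope agree whatever the key insertion order
    a, b = pseudo_sign(env), pseudo_sign(dict(reversed(list(env.items()))))
    results["deterministic"] = (a["payload_hash"], a["signature_payload"]) == (b["payload_hash"], b["signature_payload"])
    # tamper detection: the stored envelope edited without re-deriving the hash
    tampered = pseudo_sign(env)
    tampered["payload_envelope"] = {**env, "intent": "cut_aborted"}
    results["tamper_outcome"] = pseudo_verify(tampered)
    # the v0.1 caveat: a writer who re-derives hash and payload after editing is indistinguishable
    # from the signer, because nothing in the scheme depends on a secret (cryptographic upgrade FUTURE)
    results["forgery_outcome"] = pseudo_verify(pseudo_sign({**env, "intent": "cut_aborted"}))
    # lifecycle: validate, attempt a forbidden edit, then revoke with one dependent cut_change_set row
    emitted, row = [], pseudo_sign(env)
    transition(row, pseudo_verify(row), emitted)
    try:
        set_field(row, "payload_hash", "0" * 64)
        results["immutability_enforced"] = False
    except PermissionError:
        results["immutability_enforced"] = True
    results["flagged"] = revoke(row, "tool_revision drift found after co-sign", "G-4",
                                [("cut_change_set", "cs-example-001")], emitted, signed_at)
    results["final_state"], results["signals"] = row["validation_state"], [kind for kind, _ in emitted]
    # invalid path: the tampered row transitions to invalid and emits signature_failure
    failures = []
    transition(tampered, pseudo_verify(tampered), failures)
    results["failure_signal"] = failures
    return results
```

The two middle checks are the ones worth reading together: `tamper_outcome` shows what v0.1 does catch (an edit that leaves the hash stale), while `forgery_outcome` shows what it cannot, which is why the record classifies the scheme as a pseudo-signature and why write access to dot_pair_signature has to be treated as equivalent to signing authority until the PEF-04 upgrade lands.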
3.4 Out-of-Scope (FUTURE; PEF-04 D4 Capability Intake)
out_of_scope_for_v0_1:
- cryptographic signing (Ed25519, RSA, etc.)
- signing key management
- signing key rotation
- signing key revocation infrastructure (the HB-03 validation_state=revoked lifecycle is application-level only; key-level revocation is FUTURE)
- signature attestation by external authority (Đ37 audit log integration; FUTURE)
- hardware-backed signing (HSM, etc.)
4. Acceptance Criteria
acceptance_criteria_for_cte_04:
reference_implementation_scaffolded:
status: SCAFFOLDED (pseudo-code in §3.1 covering sign + verify + envelope build)
required_field_coverage:
status: COVERED (§3.2: payload_hash, tool_revision, signer_dot, signature_kind, signature_status, timestamp)
alignment_with_HB_03_polished_shape:
status: ALIGNED (sign() returns dict matching HB-03 X-6 polished shape including revocation lifecycle fields)
alignment_with_HB_07_DOT_pair_registration:
status: ALIGNED (EXECUTOR_DOT_ID / VERIFIER_DOT_ID match dot_tools id 991 / 992)
exactly_one_cross_reference_rule_enforced:
status: ENFORCED (build_payload_envelope assertion + verify_signature() invalid_payload_envelope return)
tool_revision_drift_rule_inherited:
status: INHERITED (per HB-07 §6; runtime enforcement in cutter executor / verifier when CUT begins)
signature_failure_emission_path_specified:
status: SPECIFIED (verify_signature() returns invalid_* → CTE-02 emission rule 3 → signature_failure signal)
signature_revoked_cascade_path_specified:
status: SPECIFIED (validation_state=revoked transition → CTE-02 emission rule 4 → signature_revoked signal + dependent-row flagging)
capability_proof_deferred:
status: PLANNED for HB-05 dry-run scenarios S01 (happy-path commit), S02-S04 (signature_failure paths), S05 (tool_revision drift), S15-S16 (NEEDS_HUMAN paths), S22 (revocation cascade)
no_code_committed_to_repository:
status: confirmed
no_pg_mutation:
status: confirmed
no_directus_mutation:
status: confirmed (HB-07's dot_tools rows 991/992 remain; CTE-04 does NOT mutate them or any other Directus row)
no_production_signature_generated:
status: confirmed
cte_04_acceptance_state: ALL THIRTEEN criteria listed above satisfied; closure_with_notes
5. Downstream Effects
downstream_effects_of_cte_04_closure:
HB_05_rollback_test_plan_dry_run:
status_before: blocked
status_after: still blocked (waits on HB-08, HB-09 in addition to CTE-04 being closed)
status_change: one prerequisite (CTE-04) is now closed; HB-05 remains terminal
note: HB-05 dry-run scenarios will use the reference implementation per §3; engineering deployment to dry-run environment at HB-05 prep time (separate explicit prompt)
CTE_02_signal_routing: unchanged (closed in sibling closure §1)
CTE_03_canonicalization_library: unchanged (closed in sibling closure §1)
HB_07_DOT_pair_registration: unchanged (closed)
HB_03_dot_pair_signature_shape: unchanged (closed)
what_cte_04_does_NOT_do:
- deploy any signing-scheme code to the repository
- generate any signature
- validate any signature
- cause any cut_change_set or verify_result row to be written
- emit any signature_failure or signature_revoked signal
- mutate dot_tools rows 991 or 992
- implement cryptographic signing (PEF-04 FUTURE)
- implement HSM-backed signing (FUTURE)
- implement signing key rotation (FUTURE)
- alter the dot_pair_signature table schema (DDL is execution-phase task)
6. Status
CTE_04_status: closed_with_notes
CTE_04_closure_authority: G-4 (DOT-Pair Signing Authority; executor=Claude Code CLI / Agent; verifier=GPT; secondary=Opus; human escalation=User / anh Huyên) + engineering (deferred to execution phase)
CTE_04_closure_signers:
- G-4 DOT-Pair Signing Authority (executor side + verifier side per HB-06)
- User / anh Huyên (sovereign authority via explicit prompt)
- GPT (policy reviewer; PASS upstream on HB-07)
- Opus / Agent (record-keeping; reference implementation scaffolded here)
system_mutation_performed: NONE
files_or_code_changed: NONE (closure record only)
signing_scheme_deployed_to_runtime: false
signature_generated_in_this_closure: false
production_signing_authorized: false
execution_authorized: false
p0_migration_allowed: false
ddl_allowed: false
notes_carried_forward:
- reference implementation lives in this closure record only; transcription to engineering tree is an execution-phase task (separate explicit prompt with G-4 oversight)
- capability proof (sign + verify + revoke determinism tests + signature_failure / signature_revoked emission tests) deferred to HB-05 dry-run scenarios S01-S04, S15-S16, S22
- signing scheme v0.1 = hash-based pseudo-signature; SHA-256 + canonical JSON; NOT cryptographically secure
- cryptographic upgrade is FUTURE per PEF-04 via G-3 D4 capability intake
- signature_kind and validation_state enum ratification remains under HB-02 outstanding Đ24 sets
- signing key management / rotation / HSM-backed signing are out of scope v0.1
- signature_payload includes SIGNING_SCHEME_VERSION prefix so future verifiers can identify v0.1 signatures and apply upgrade policy
7. Hard Boundaries Confirmation
no_code_committed_to_repository: true
no_signing_runtime_deployed: true
no_signature_generated: true
no_signature_verified: true
no_signature_revoked: true
no_cut_change_set_row_written: true
no_verify_result_row_written: true
no_dot_pair_signature_row_written: true
no_dot_tools_row_mutated: true (HB-07 rows 991/992 unchanged)
no_schema_created: true
no_ddl_written: true
no_sql_written: true
no_migration_script_written: true
no_migration_executed: true
no_pg_mutation: true
no_qdrant_mutation: true
no_directus_mutation: true
no_data_writes: true
no_signal_emitted: true
no_production_use_authorized: true
no_cryptographic_scheme_specified_in_this_file: true (v0.1 hash-based pseudo-signature only; cryptographic FUTURE per PEF-04)
no_signing_key_managed: true
no_hsm_integration: true
no_rollback_dry_run_executed: true
no_backup_taken: true
no_snapshot_taken: true
no_deploy: true
no_execution_gate_opened: true
no_phase_prior_file_modified: true
output_form: cte_04_closure_record_in_markdown_only