Initialize repository snapshot

MERIDIAN_V1_CONFORMANCE_TEST_SUITE/tests/README.md

@@ -0,0 +1,14 @@
+# Test Categories
+
+This directory is explanatory: the executable catalog is `../manifest.yaml`.
+
+Categories mirror the MERIDIAN v1 spec boundaries:
+- `identity/` (audit-required boundaries; only what can be tested offline)
+- `event_chain/` (schema, hashes, chain, seq)
+- `refusal_proofs/` (intent → exactly-one-outcome; no silent denial)
+- `capabilities/` (revocation enforcement)
+- `sealing/` (bundle completeness, integrity, roots, ranges)
+- `tamper_signals/` (recording signals; not fully enforceable by verifier)
+- `offline_restore/` (clean-room copy verification)
+- `ml_boundary/` (v1 boundary represented by command lifecycle invariants)
+

MERIDIAN_V1_CONFORMANCE_TEST_SUITE/tests/capabilities/README.md

@@ -0,0 +1,8 @@
+# capabilities/
+
+MERIDIAN v1 binds “authority” to Sentinel’s capability surface.
+
+Conformance focus (verifier-enforced):
+- Revocation must be representable (`cap_revoke.payload.revoked_cap_hash`).
+- Any `action_executed` using a revoked `cap_hash` must FAIL verification: `E_REVOKED_CAPABILITY_USED`.
+

MERIDIAN_V1_CONFORMANCE_TEST_SUITE/tests/event_chain/README.md

@@ -0,0 +1,9 @@
+# event_chain/
+
+Conformance focus (verifier-enforced):
+- Event schema validity (`E_SCHEMA_INVALID`)
+- `event_hash` recomputation (`E_EVENT_HASH_MISMATCH`)
+- `op_digest` recomputation (`E_EVENT_HASH_MISMATCH`)
+- `prev_event_hash` continuity (`E_CHAIN_DISCONTINUITY`)
+- `seq` monotonicity (`E_SEQ_NON_MONOTONIC`)
+

MERIDIAN_V1_CONFORMANCE_TEST_SUITE/tests/identity/README.md

@@ -0,0 +1,7 @@
+# identity/
+
+Identity material (key origin, HSM provenance, provisioning ceremony) is largely **AUDIT‑REQUIRED** in v1.
+
+This suite only encodes what can be tested offline without secrets:
+- identity claims, once emitted into receipts, must be tamper‑evident (verified by Sentinel bundle verification)
+

MERIDIAN_V1_CONFORMANCE_TEST_SUITE/tests/ml_boundary/README.md

@@ -0,0 +1,12 @@
+# ml_boundary/
+
+MERIDIAN v1 does not claim ML correctness. It enforces evidence.
+
+Conformance modeling in v1:
+- “automation must not execute directly” is represented as:
+  - no `action_executed` without prior `action_intent` (strict linkage)
+  - no double outcome for a `trace_id`
+
+Failure code:
+- `E_CHAIN_DISCONTINUITY`
+

MERIDIAN_V1_CONFORMANCE_TEST_SUITE/tests/offline_restore/README.md

@@ -0,0 +1,9 @@
+# offline_restore/
+
+Clean-room drills:
+- copy a seal bundle into an empty directory
+- run verifier `--strict`
+- require PASS
+
+This enforces “offline-only” and “no hidden dependencies”.
+

MERIDIAN_V1_CONFORMANCE_TEST_SUITE/tests/refusal_proofs/README.md

@@ -0,0 +1,13 @@
+# refusal_proofs/
+
+MERIDIAN v1 wedge: **provable refusal**.
+
+Conformance focus (verifier-enforced in `--strict` mode):
+- `action_intent` MUST have exactly one outcome:
+  - `action_executed` OR `shadow_receipt`
+- silent denial is forbidden (intent without outcome)
+- execution without intent is forbidden
+
+Failure code:
+- `E_CHAIN_DISCONTINUITY`
+

MERIDIAN_V1_CONFORMANCE_TEST_SUITE/tests/sealing/README.md

@@ -0,0 +1,11 @@
+# sealing/
+
+Conformance focus (verifier-enforced):
+- required files present (`E_MISSING_REQUIRED_FILE`)
+- integrity hashes match (`E_MANIFEST_HASH_MISMATCH`)
+- no unlisted files in `--strict` (`E_SCHEMA_INVALID`)
+- declared range matches receipts (`E_RANGE_MISMATCH`)
+- declared root matches recomputation (`E_ROOT_MISMATCH`)
+- canonicalization version is supported (`E_CANON_VERSION_UNSUPPORTED`)
+- input bounds enforced (`E_OVERSIZE_INPUT`)
+

MERIDIAN_V1_CONFORMANCE_TEST_SUITE/tests/tamper_signals/README.md

@@ -0,0 +1,9 @@
+# tamper_signals/
+
+Sentinel can prove “this event was recorded” (integrity), not “the device detected it”.
+
+This category includes fixtures that demonstrate:
+- `tamper_signal` / `corruption_detected` events can be recorded and verified offline.
+
+Detection and emission policies remain AUDIT‑REQUIRED.
+