# Sentinel Evidence Standard v1

Status: Draft (implementation-oriented)

Scope: VaultMesh Sentinel v1 offline-verifiable evidence artifacts

## 1) What “evidence” means here

Evidence is a **portable, offline-verifiable artifact set** that allows an auditor to deterministically verify:

- what happened (`action_executed`)
- what was attempted (`action_intent`)
- what was denied (`shadow_receipt`)
- and whether the history was tampered with (`prev_event_hash` + roots + integrity digests)

## 2) Required artifact set (seal bundle)

A seal bundle is the canonical evidence package. At minimum it contains:

- `seal.json`
- `integrity.json`
- `verifier_manifest.json`
- `receipts.jsonl` (or declared ledger export)
- `roots.txt`

## 3) Cryptographic defaults (v1)

- Signing: Ed25519 (where signatures are used; v1 verifier does not require a seal signature)
- Hashing: `blake3` **or** `sha256` (declared in artifacts; verifier MUST respect the declared `hash_algo`)
- Canonicalization: pinned by `canonicalization_version` and enforced by the verifier

## 4) Verification entrypoints (offline)

Single bundle:

- `python3 vaultmesh-orgine-mobile/tools/vm_verify_sentinel_bundle.py --bundle vaultmesh-orgine-mobile/testvectors/sentinel/black-box-that-refused --strict`

All testvectors (includes determinism check):

- `bash vaultmesh-orgine-mobile/tools/run_sentinel_testvectors.sh`

## 5) Failure codes are contractual

Failure codes are stable and must not be reused across meanings:

- Source of truth: `vaultmesh-orgine-mobile/tools/sentinel_failure_codes.py`
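
Added example (not part of the Sentinel tooling or this standard): a sketch of how `prev_event_hash` chaining (section 1) plus a verifier that honours the declared `hash_algo` (section 3) makes edits, deletions and truncation of `receipts.jsonl` detectable. The `seq`, `event_type`, `action` and `reason` fields, the `sha256:` prefix, the genesis value and the canonicalization rule are assumptions made for illustration; the real formats are whatever the bundle and the project's verifier define.

```python
import hashlib
import json

GENESIS = "sha256:" + "0" * 64  # hypothetical marker for "no previous event"

def canonical_bytes(event):
    # Assumption: sorted keys, compact separators, UTF-8. The real rule is
    # whatever `canonicalization_version` pins in the bundle.
    return json.dumps(event, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")

def event_hash(event, hash_algo):
    # Honour the declared algorithm; refuse instead of silently falling back.
    if hash_algo != "sha256":
        raise ValueError(f"hash_algo not supported by this sketch: {hash_algo}")
    return "sha256:" + hashlib.sha256(canonical_bytes(event)).hexdigest()

def build_chain(events, hash_algo="sha256"):
    """Link events via prev_event_hash; return (jsonl_lines, head_hash)."""
    prev, lines = GENESIS, []
    for ev in events:
        linked = dict(ev, prev_event_hash=prev)
        lines.append(json.dumps(linked))
        prev = event_hash(linked, hash_algo)
    return lines, prev

def verify_chain(lines, hash_algo, expected_head):
    """Return (True, None), or (False, i) for a broken link at event i,
    or (False, len(lines)) when the final hash does not match the head."""
    prev = GENESIS
    for i, line in enumerate(lines):
        ev = json.loads(line)
        if ev.get("prev_event_hash") != prev:
            return False, i
        prev = event_hash(ev, hash_algo)
    if prev != expected_head:  # last event altered, or tail truncated
        return False, len(lines)
    return True, None

# Constructed sample receipts (not taken from the project's testvectors).
SAMPLE = [
    {"seq": 1, "event_type": "action_intent", "action": "rotate-key"},
    {"seq": 2, "event_type": "shadow_receipt", "action": "rotate-key", "reason": "policy"},
    {"seq": 3, "event_type": "action_intent", "action": "read-status"},
    {"seq": 4, "event_type": "action_executed", "action": "read-status"},
]

if __name__ == "__main__":
    lines, head = build_chain(SAMPLE)
    print(verify_chain(lines, "sha256", head))
```

The expected head hash stands in for the role the standard gives to roots and integrity digests: without a value held outside the receipt file, dropping events from the end of the chain would go unnoticed.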