vm-core/spec/SENTINEL_EVIDENCE_STANDARD.md
2025-12-27 00:10:32 +00:00

Sentinel Evidence Standard v1

Status: Draft (implementation-oriented)
Scope: VaultMesh Sentinel v1 offline-verifiable evidence artifacts

1) What “evidence” means here

Evidence is a portable, offline-verifiable artifact set that allows an auditor to deterministically verify:

  • what happened (action_executed)
  • what was attempted (action_intent)
  • what was denied (shadow_receipt)
  • and whether the history was tampered with (prev_event_hash + roots + integrity digests)

2) Required artifact set (seal bundle)

A seal bundle is the canonical evidence package. At minimum it contains:

  • seal.json
  • integrity.json
  • verifier_manifest.json
  • receipts.jsonl (or declared ledger export)
  • roots.txt

3) Cryptographic defaults (v1)

  • Signing: Ed25519 (where signatures are used; v1 verifier does not require a seal signature)
  • Hashing: blake3 or sha256 (declared in artifacts; verifier MUST respect the declared hash_algo)
  • Canonicalization: pinned by canonicalization_version and enforced by the verifier
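
An added sketch (not the project's verifier) of how a prev_event_hash chain detects edited or deleted receipts while honouring the declared hash_algo and failing closed on anything else. Assumptions not taken from this standard: the `event_hash` and `type` field names, the all-zero genesis value, sorted-key compact JSON as the canonical form, and sha256 as the only algorithm wired in (blake3 needs a third-party package).

```python
import hashlib
import json

# Assumption: only sha256 is wired up here; blake3 is not in the stdlib.
HASHERS = {"sha256": hashlib.sha256}
GENESIS = "0" * 64  # assumed prev_event_hash value for the first event


def canonical(event: dict) -> bytes:
    # Assumed canonicalization: sorted keys, compact separators, UTF-8.
    return json.dumps(event, sort_keys=True, separators=(",", ":")).encode("utf-8")


def verify_chain(lines, hash_algo):
    """Return (ok, reason). Fails closed on an unsupported declared hash_algo."""
    hasher = HASHERS.get(hash_algo)
    if hasher is None:
        return False, f"unsupported hash_algo: {hash_algo}"
    prev = GENESIS
    for i, line in enumerate(lines):
        event = json.loads(line)
        claimed = event.pop("event_hash", None)  # hash covers everything else
        if event.get("prev_event_hash") != prev:
            return False, f"event {i}: prev_event_hash does not match previous event"
        actual = hasher(canonical(event)).hexdigest()
        if claimed != actual:
            return False, f"event {i}: event_hash does not match content"
        prev = actual
    return True, f"{len(lines)} events verified"


def build_sample():
    # Constructed sample ledger, not taken from the project's testvectors.
    lines, prev = [], GENESIS
    for etype in ("action_intent", "shadow_receipt", "action_executed"):
        event = {"type": etype, "prev_event_hash": prev}  # "type" is an assumed key
        prev = hashlib.sha256(canonical(event)).hexdigest()
        lines.append(json.dumps({**event, "event_hash": prev}))
    return lines


if __name__ == "__main__":
    sample = build_sample()
    print(verify_chain(sample, "sha256"))                  # intact ledger
    edited = list(sample)
    edited[1] = edited[1].replace("shadow_receipt", "action_executed")
    print(verify_chain(edited, "sha256"))                  # a denial rewritten
    print(verify_chain(sample[:1] + sample[2:], "sha256")) # a denial deleted
    print(verify_chain(sample, "md5"))                     # undeclared algorithm
```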

4) Verification entrypoints (offline)

Single bundle:

  • python3 vaultmesh-orgine-mobile/tools/vm_verify_sentinel_bundle.py --bundle vaultmesh-orgine-mobile/testvectors/sentinel/black-box-that-refused --strict

All testvectors (includes determinism check):

  • bash vaultmesh-orgine-mobile/tools/run_sentinel_testvectors.sh

5) Failure codes are contractual

Failure codes are stable and must not be reused across meanings:

  • Source of truth: vaultmesh-orgine-mobile/tools/sentinel_failure_codes.py