Evidence Layer

Replayable.
Hash-verified.
Offline-verifiable.

MGOS does not ask for blind trust. Its assurance claims are backed by a self-contained evidence layer: manifests, SHA-256 verification, replayable decision artifacts, and audited validation suites.

Tamper-evident by design. No external anchoring by default.

What the evidence layer contains

The operational proof trail of MGOS Runtime Stack.

It does not prove the formal kernel theorems -- that belongs to the /proof boundary. It proves something different: that the delivered artifact, the replayed decisions, and the validation outputs are internally consistent, reproducible, and auditable.

RECEIPTS

Decision-linked records

Every authorization outcome is paired with a cryptographic trace.

MANIFEST

Complete file inventory

Every artifact in the bundle is listed, described, and accounted for.

SHA-256

Integrity verification

Every file hash is checked against the declared manifest.

REPLAY

Reproducible outcomes

Same input, same output, same hash in the pinned environment.

What is in the bundle
MANIFEST.txtComplete inventory of the delivered evidence package.
SHA256SUMS.txtIntegrity checks for all bundled artifacts.
VERIFY_BUNDLE.shOne-command offline verification. No network, no dependencies.
decision_logs/Decision traces and outcome records.
validation_reports/Acceptance gates and audited suite outputs.
build_notes/Pinned environment and artifact provenance.

Delivered under evaluation agreement / NDA when applicable.

How to verify in 5 minutes

The point is not to watch a demo.
The point is to verify the artifact.

STEP 1 | 30s
Run VERIFY_BUNDLE.sh
One command. Checks manifest completeness and SHA-256 integrity. Offline. No dependencies.
STEP 2 | 1 min
Confirm manifest integrity
Every file listed. Every hash matches. No extra files. No missing artifacts.
STEP 3 | 2 min
Replay decision artifacts
Run selected decision traces in the pinned environment. Same input produces same output produces same hash.
STEP 4 | 1 min
Check audited gates
Compare gate outputs against delivered reports. Verify that acceptance criteria are met.

The delivered evidence package is designed to be self-consistent and reproducible -- not to require trust in MGOS.

What the evidence supports
Formally proved

Core authorization logic. Mechanized in Lean 4.

Open /proof

Operationally validated

Audited suites, replay outputs, acceptance gates. This is what evidence directly supports.

Not claimed by evidence alone

Full-system certification. Hardware safety case. Cross-platform bitwise identity. Upstream AI truth.

Audited validation gates
GateWhat it checksStatus
A0Bundle integrity -- MANIFEST / SHA / VERIFY offlinePASS
A5Replay determinism -- same input, same output, same hashPASS
S1 / S2Conflict and fault no-go behavior -- zero ALLOW on conflictPASS
G96Load stability -- decisions stable under CPU loadPASS
G97Dirty-input handling -- deterministic return, no crashesPASS

Statuses refer to audited suites in the pinned evaluation environment. Gate IDs correspond to the evidence bundle report.

Audited suites
BASELINE

Reference behavior

Standard suite for expected runtime behavior under normal operating conditions.

SOAK

Stability audit

Longer-run stability and drift detection under sustained operation.

POISON

Adversarial inputs

Fail-close behavior under malformed, adversarial, or contradictory inputs.

Zero unsafe authorization in the audited suites. Explicit fail-close coverage is tracked separately where required.

What a receipt means

Not a log line. An integrity-linked authorization trace.

decision: BLOCK
timestamp: 2026-03-07T14:32:01Z
policy: operational_envelope_v3
state: conflict_detected | channels: 3
digest: c7b84931...64bff24f

Receipts are tamper-evident. They are not externally anchored by default. Receipt verification = hash-chain + bundle integrity (MANIFEST / SHA).

What this evidence does not claim
NOT CLAIMED

Full-system certification. Evidence supports certification workflows but does not substitute for them.

NOT CLAIMED

Hardware fault closure. Hardware redundancy remains a deployment obligation.

NOT CLAIMED

Upstream AI truth verification. MGOS authorizes execution; it does not evaluate semantic truth.

NOT CLAIMED

Cross-platform bitwise identity. Determinism is claimed within a pinned environment only.

How access works
Public site shows the evidence model and verification process.
Detailed bundles are shared for evaluation under NDA.
Artifact access can be provided for technical diligence.
Verification is designed for third-party review, not only internal demonstration.

Trust the claim if you want.
Verify the artifact if you need.

Evidence bundle delivered under NDA within 24h. Offline-verifiable. MANIFEST / SHA / VERIFY.

Request Evaluation Bundle Open Proof Boundary Back to Runtime Stack