Glossary

AER — Agent Execution Record

The single tamper-evident record produced at Stage 4 of the pipeline. AER consolidates the six DKEC kernel outputs (DSE, TOK, DSC, NREP, AIVP, DCAE) into one signed object. Its hash, aer_hash, is the input to the cryptographic sealing pipeline (Stage 5).

AIVP — Artificial Intelligence Verification Protocol (Tier 4)

DKEC kernel that governs AI behavior under policy. Performs contradiction detection, policy enforcement, and reasoning validation; emits the Proof Integrity Artifact (PIA hash). Answers: "Did the AI behave correctly under governance rules?"

Attestation

In Verdifax usage, the act of sending a payload through the nine-stage pipeline and receiving back a sealed manifest hash. "Attesting" a model output means making that output verifiable.

DCAE — Deterministic Compute Attestation Engine

DKEC kernel that proves the run executed on trusted hardware. Cooperates with the Hardware Root Engine (HRE) to bind execution to a specific physical machine. Answers: "Was this executed on trusted hardware?"

DKEC — Deterministic Kernel Execution Controller

Stage 3 of the pipeline. Dispatches the six kernels in lockstep and emits the EPA / EFA hashes plus six execution IDs.

DLA — Distributed Ledger Anchor

Stage 9. Produces the final .VFA artifact and runs the independent third-party verifier. The output is final_vfa_hash plus an independent_verified boolean that must be true for the manifest to seal.

DOG — Deterministic Oracle Gateway

Stage 1 of the pipeline. The pipeline's front door — admits the payload, derives the envelope, computes envelope_id and envelope_hash.

DSC — Deterministic State Continuity

DKEC kernel that validates state transitions. Answers: "Was this state transition valid?"

DSE — Deterministic State Engine

DKEC kernel that captures the exact system state at execution time. Answers: "What is the exact system state?"

DTL — Deterministic Transport Layer

Stage 2. Sequences and binds envelopes into a totally-ordered log; emits sequence_id and transport_hash.

EFA — Execution Final Attestation

The hash produced at the end of Stage 3 (DKEC) summarizing the kernel-execution outcome. Distinct from epa_hash which describes the plan.

Envelope

The canonical wrapper for a payload that's been admitted into the pipeline. An envelope is identified by envelope_id (string) and sealed by envelope_hash (64-char hex).

EPA — Execution Plan Attestation

The hash produced at the start of Stage 3 capturing the planned kernel dispatch order, before the kernels actually run.

Formal Verifier Status

A field in the sealed manifest. Must equal the literal string VERIFIED_SOUND_COMPLETE_ZK for the run to be considered sealed. Anything else aborts the manifest.

Hardware Attestation Hash

The output of Stage 5 / L8. A SHA-256 of either a TPM2 quote or an AMD SEV-SNP report, anchoring the run to a specific physical machine.

Leakage Bundle Hash

Stage 5 / L9 output. An upper bound on information that escaped the secure enclave during the run, sealed and included in the manifest.

Manifest Hash

The headline artifact of every Verdifax run. A 64-character lowercase SHA-256 hex digest computed from every other field in the ExecutionManifest. The single value an external verifier checks.

NREP — Non-Repudiation Engine

DKEC kernel that binds execution to the actor that initiated it. Answers: "Who performed this action?"

PIA — Pipeline Integrity Anchor

A §0 spec construct: a hash that ties one stage's output into the next stage's input so the chain cannot be cut and rejoined.

PoTE — Proof of Tamper-Evident execution

Stage 7 output. A Merkle inclusion proof in a transparency log, binding the run to an immutable public record.

Program ID

A 64-character lowercase hex identifier registered with the program registry. Specifies which program is being executed; runs of different programs always produce different manifest hashes.

Registry Record Hash

The §0 hash of the registry record authorizing this program. Required as input to every attest() call. If the registry record changes (e.g., the program is updated), the hash changes — which is intentional.

Replay Fingerprint

Stage 6 output. A deterministic identifier any honest re-execution must reproduce.

Route ID

A free-form deterministic route identifier. Runs of the same program on different routes produce different manifest hashes.

VFA — Verdifax Final Artifact

The signed .vfa file produced at Stage 9 containing the full execution record, the manifest hash, and the independent verifier signature.

ZKSP

Stage 5. The cryptographic core: L7 (transcript), L8 (hardware attestation), L9 (leakage), L10 (formal verifier). Together, they bind the run to a verifiable cryptographic proof.

ZK Proof

In Verdifax, the L7-L10 pipeline's output: a zero-knowledge proof that the run satisfies the formal-verifier predicate without revealing the witness (the inputs, the model, or the runtime state).