Notes
Short technical notes on trust boundaries, verification, failure modes, and governed systems. Each note makes one distinction or clarifies one boundary.
Authority Is Not Execution
A system can have the authority to act and still not be the system that acts. Confusing the two creates invisible risk.
Failure Modes Are Not Edge Cases
An edge case is something the system did not anticipate. A failure mode is a known degradation path the system should have designed for. Governance failures are always failure modes — calling them edge cases is a misclassification that removes the obligation to design recovery.
Independence Without Replay Is Still Weak
A record that is independently verifiable but cannot be replayed still has a gap. Independence proves existence and integrity. Replay proves fidelity. A proof surface needs both.
Verification Requires Independence
A system that can only be verified by itself has not been verified. Independence is not a quality property of verification — it is the threshold below which the word has no meaning.
Proof Is Not Presentation
A well-formatted report is not evidence. Proof is what survives when the system that produced it is no longer in control of how it is read.
Trust Is Reduced, Not Removed
No system eliminates trust. Good systems make the remaining trust assumptions explicit, narrow, and independently checkable.
Delegation Is Not Disappearance
Handing off to a third party does not make accountability vanish. The delegator still owns the claim about what the delegate did.
The Audit Log Is Not the Evidence
Audit logs are internal records maintained by the system under review. They are not independent evidence. A log the accused controls is not proof.
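The two notes above ("Independence Without Replay Is Still Weak" and "The Audit Log Is Not the Evidence") describe a split that is easy to see in code. The following is an added example, not part of these notes: it treats a record of a deterministic computation as the thing under review, anchors its hash with a hypothetical independent party that the producing system cannot write to afterwards, and then runs two separate checks. The independence check recomputes the hash and asks the anchor whether it saw that exact record (existence and integrity). The replay check re-executes the recorded function on the recorded input and compares it to the claimed output (fidelity). The scoring function, the function registry and the anchor are constructed for the example; a real deployment would use a signed, append-only anchor held by someone other than the producer.

```python
import hashlib
import json
from typing import Any, Callable, Dict

# Constructed deterministic computation whose records are under review.
# The function name is what a replay re-executes; the rule itself is hypothetical.
def compute_risk_score(payload: dict) -> int:
    return payload["failed_logins"] * 10 + (50 if payload["new_device"] else 0)

REGISTRY: Dict[str, Callable[[dict], Any]] = {"risk_score_v1": compute_risk_score}

def canonical(record: dict) -> bytes:
    # Canonical JSON so the same record always hashes the same way.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def record_hash(record: dict) -> str:
    return hashlib.sha256(canonical(record)).hexdigest()

class IndependentAnchor:
    """Simulated independent party: records a hash once, never edits it.
    The producing system can read this registry but cannot rewrite history in it."""
    def __init__(self) -> None:
        self._anchored: set = set()

    def anchor(self, record: dict) -> None:
        self._anchored.add(record_hash(record))

    def has(self, record: dict) -> bool:
        return record_hash(record) in self._anchored

def verify_independence(record: dict, anchor: IndependentAnchor) -> bool:
    """Existence and integrity: the record is byte-for-byte what the independent party saw."""
    return anchor.has(record)

def verify_replay(record: dict) -> bool:
    """Fidelity: re-run the recorded function on the recorded input and compare."""
    fn = REGISTRY.get(record["function"])
    if fn is None:
        return False  # cannot replay an unknown function; treat as not verified
    return fn(record["input"]) == record["claimed_output"]

def verify(record: dict, anchor: IndependentAnchor) -> dict:
    return {
        "independent": verify_independence(record, anchor),
        "replayable": verify_replay(record),
    }

def demo() -> dict:
    anchor = IndependentAnchor()
    honest = {
        "function": "risk_score_v1",
        "input": {"failed_logins": 3, "new_device": True},
        "claimed_output": 80,
    }
    anchor.anchor(honest)

    # A producer-controlled log entry edited after anchoring: the hash no longer
    # matches what the independent party holds, so integrity fails.
    tampered = dict(honest, claimed_output=0)

    # A record the independent party did see, but whose claimed output is wrong:
    # independence holds, replay exposes the gap.
    wrong = dict(honest, claimed_output=70)
    anchor.anchor(wrong)

    return {
        "honest": verify(honest, anchor),
        "tampered": verify(tampered, anchor),
        "wrong": verify(wrong, anchor),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The "wrong" case is the one the note is about: the anchor proves the record existed and was not altered, and that is all it proves. Only re-execution shows whether the recorded output is what the recorded input actually produces. A log kept solely by the producer gives neither check, because the producer can rewrite both the input and the claimed output before anyone looks.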
Scope Is a Runtime Property
Declaring scope at configuration time does not enforce it at execution time. Scope that is not checked during execution is a suggestion, not a constraint.
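As an added illustration of the note above (not code from these notes), the following contrasts an executor that reads a declared scope from configuration but never consults it while running with one that checks every action against that scope at the moment it executes. The configuration shape, the action names and the paths are constructed for the example; the effect of an action is simulated by appending to a list rather than touching a filesystem.

```python
from dataclasses import dataclass, field
from typing import Iterable, List, Optional, Set

class ScopeViolation(Exception):
    """Raised when an action falls outside the declared scope at execution time."""

@dataclass
class Config:
    # Scope as declared at configuration time (hypothetical worker config).
    allowed_actions: Set[str] = field(default_factory=set)
    allowed_paths: Set[str] = field(default_factory=set)

@dataclass
class Action:
    name: str
    path: str

def _perform(action: Action, outcomes: List[str]) -> None:
    # Simulated side effect: record what would have happened.
    outcomes.append(f"{action.name}:{action.path}")

def _path_in_scope(path: str, allowed_paths: Set[str]) -> bool:
    # Exact match or a proper child of an allowed directory. The "/" suffix
    # prevents "/srv/app/reports-archive" from matching "/srv/app/reports".
    for base in allowed_paths:
        base = base.rstrip("/")
        if path == base or path.startswith(base + "/"):
            return True
    return False

def execute_declared_only(config: Config, actions: Iterable[Action], outcomes: List[str]) -> None:
    """The weak pattern: scope lives in config, execution never looks at it."""
    for action in actions:
        _perform(action, outcomes)

def execute_enforced(config: Config, actions: Iterable[Action], outcomes: List[str]) -> None:
    """Scope checked per action, at execution time, before any effect occurs."""
    for action in actions:
        if action.name not in config.allowed_actions:
            raise ScopeViolation(f"action {action.name!r} not in declared scope")
        if not _path_in_scope(action.path, config.allowed_paths):
            raise ScopeViolation(f"path {action.path!r} outside declared scope")
        _perform(action, outcomes)

def demo() -> dict:
    config = Config(allowed_actions={"read"}, allowed_paths={"/srv/app/reports"})
    actions = [
        Action("read", "/srv/app/reports/q1.csv"),          # in scope
        Action("write", "/srv/app/reports/q1.csv"),         # action not declared
        Action("read", "/srv/app/secrets/config.yaml"),     # path not declared
    ]

    unchecked: List[str] = []
    execute_declared_only(config, actions, unchecked)  # all three happen

    checked: List[str] = []
    violation: Optional[str] = None
    try:
        execute_enforced(config, actions, checked)
    except ScopeViolation as exc:
        violation = str(exc)  # stops at the first out-of-scope action

    return {"unchecked": unchecked, "checked": checked, "violation": violation}

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Both executors are given the same Config; the difference is only where the scope is consulted. In the first, the declared scope has no effect on what runs, which is the "suggestion" the note describes. In the second, the check sits on the execution path itself, so an action outside scope cannot produce an effect regardless of how it was queued.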