Public update notes

What changed, what is still open, and where reviewers should look next.

This page is the public change narrative for the DBaD ethics-engine review surface.

Use it with the current-state page, fixture suite, trace pages, and API docs. Older prompts and screenshots remain archive history, not the current proof surface.

Validation artifacts are point-in-time evidence only; they are not authorization for trust-positive use.

Latest public baseline

Post-Round 54 local hardening is served. Trust-response evidence companions, shared-mutation guards, API/OpenAPI drift and DBaD contract-depth coverage, and stronger crop/prefix-stripping semantic fuzz are covered by the local audit suite.
Known executable issues are clear before the next peer pass. Peers should challenge cross-environment authority, verifier response shape, archival export misuse, and any stale public-surface contradiction.
Deferred work stays visible. Signed historical verification attestations exist only as non-authoritative audit artifacts; persistent DB-backed token revocation and signed first-use resource-continuity attestations remain deferred.

Last updated: 2026-06-01 UTC

Public progress notes for reviewers and operators

Latest update

2026-06-01 - Post-Round 56 local hardening and public-page projection guard

Current public state in one place: DBaD proof artifacts remain evidence only, not authorization; red-team harnesses now cover proof-bundle scope, token integrity, evidence-code correlation, checked-rule evidence binding, stored-state evidence binding, structured-reliance evidence binding, linked trace-fleet and explanatory-page cross-client projection drift, API/OpenAPI drift, canonical OpenAPI freshness headers, and DBaD OpenAPI contract depth; and the review pages have been cleaned up so humans can verify the current baseline without fighting the layout.

What changed

Short version first. The dated archive below keeps the longer history.

  • DBAD-PUB-844 expanded the projection guard beyond trace pages into older public explanatory/demo pages. The fuzzer now checks /examples, /v2-2-demo, /decencymeter/demo, /faq, /glossary, /methodology, /whitepaper, /explained, /why-dbad-exists, and /trust-flow for cropable raw proof language such as is_valid = true, Allowed actions =, raw continuation-machine enum text, and old standalone valid/allowed/approved framing. The cleaned pages now render those concepts as structural evidence, submitted machine inputs, or non-authorization examples; the final live run covered checked=15566 failures=0.
  • DBAD-PUB-845 incorporated the strongest Round56 follow-up ideas. Visible positive checked-rule rows now start with NOT AUTHORIZATION instead of putting the non-authority boundary after the pass-shaped word, and composite proof bundles now sign compact OpenAPI contract samples for both canonical DBaD/DecencyMeter OpenAPI hosts, including response headers and body digests.
  • DBAD-PUB-846 hardened peer freshness at the discovery layer. Ethics-host API-doc discovery JSON now emits the same proof freshness headers as other DBaD evidence routes, and audit_public_api_docs_discovery_schema.py fails if /api/docs/index.json, /api/docs/ethics.json, or /api/docs/ethics?format=json lose X-DBaD-Cache-Status: fresh or the no-store cache contract.
  • DBAD-PUB-843 expanded the cross-client projection guard from a few representative traces to the linked public trace fleet. The fuzzer now discovers trace links from /dbad/traces and /dbad-ethics-817, scans up to 80 linked trace pages, and the latest live run covered 71 trace detail pages with checked=14831 failures=0. Trace detail pages now render runtime-validation-overlaid content, compute operator guidance from that overlay, display trace IDs/refs as non-authorization trace-reference evidence labels, and sanitize historical stored guidance phrases that previously contained standalone allowed/approved/valid-shaped words.
  • DBAD-PUB-842 closed the first findings from the stronger cross-client display fuzzer. The canonical trace no longer shows cropable "approved continuation" advisory text, the reset fixture scenario uses reset-boundary evidence wording, and operator form status lines no longer print trace-specific mutation URLs that can carry approval-shaped fixture IDs.
  • DBAD-PUB-841 made the latest trace-detail display cleanup executable. The cross-client projection fuzzer now checks the canonical broken trace and reset-boundary fixture in addition to the requested trace for raw visible boolean rows, raw continuation enum text, reset-boundary raw snippets, and stale pass/allowed trace phrases.
  • DBAD-PUB-840 closed a trace-detail visible-boolean crop gap. The server-rendered validation block and the client-side "Validate this trace" refresh path no longer print raw true/false rows for authority, reset, reliance, coverage, or trust-positive-use metadata; visible rows use non-authorization evidence wording instead.
  • DBAD-PUB-839 closed the next public-surface enum/example hygiene gap. Public docs and fixture proof tables no longer show reset-boundary or continue-after-review machine enum values as clean standalone evidence; they describe those values as submitted machine inputs or reset-boundary evidence, while served API/copy outputs remain value-bound as NOT_AUTH::not_authorization_... evidence.
  • DBAD-PUB-838 closed the next local extraction gap in nested validation summaries. trust_continuity_confidence and escalation_closure_disposition now bind as non-authorization status evidence instead of exposing reset-restoration or escalation-approval words as standalone values; the status audit and cross-client projection fuzzer now check those paths.
  • DBAD-PUB-837 tightened public example hygiene after a local grep pass. Public proof pages and the staged Round56 prompt no longer present legacy raw-positive examples such as validation booleans or root transport success as clean standalone snippets; old shapes are described as formerly raw/non-compliant, and current examples use the NOT_AUTH::not_authorization_... evidence shape.
  • Public-page readability pass: this update page now leads with a concise latest summary, while the full dated archive remains below. The ethics API docs now use contained, horizontally scrollable code blocks instead of page-breaking snippets.
  • DBAD-PUB-836 closed a second local extraction gap in invariant/reset evidence. Public trace API/copy payloads now value-bind status_field_invariant_verified, prose_reliance_not_machine_verified, and zero_trust_reset_state as non-authorization evidence instead of bare true or raw approved. The status, boolean, and cross-client fuzzers now check these paths, and an extra peer-style JSON extractor found zero permission-shaped values across representative trace APIs and the compliance snapshot.
  • DBAD-PUB-835 closed a companion extraction gap in structured reliance evidence. Public trace API/copy payloads and composite proof-bundle samples now value-bind reliance_declaration_mode, reliance_mode, reliance_scope, reliance_contribution_to_outcome, reliance_declaration_complete, reliance_set_integrity, trace_reliance_integrity, and reset-boundary booleans as non-authorization evidence instead of raw complete, machine_bound, or bare true. The status, boolean, and cross-client fuzzers now check these paths.
  • DBAD-PUB-834 closed the next local extraction gap in stored trace state. Public trace API/copy payloads now value-bind stored state fields such as state.effective_state, state.local_state, state_history[].effective_state, and historical_contamination.current_effective_state as NOT_AUTH::not_authorization_status_evidence_for_... instead of raw allow/Allow. The status-field audit and cross-client fuzzers now check these paths.
  • DBAD-PUB-833 closed a crop/extraction gap in validation rule maps. Successful current_validation.checked_rules.* values now project as NOT_AUTH::not_authorization_boolean_evidence_for_... instead of bare true, while failed rules remain false. The status-field compliance audit now checks this explicitly.
  • DBAD-PUB-832 hardened the canonical OpenAPI proof surface. https://decencymeter.com/api/v1/openapi.json, https://ethics.decencymeter.com/api/v1/openapi.json, and the compatibility Church OpenAPI URL now emit Cache-Control: no-store, max-age=0, must-revalidate, Surrogate-Control: no-store, Pragma: no-cache, Expires: 0, and X-DBaD-Cache-Status: fresh. audit_dbad_openapi_host_canonical.py now fails if those freshness headers disappear.
  • DBAD-PUB-830 expanded the standard public contract runner again. run_ethics_public_contract_audit.py now also runs API-doc live-route checks, targeted HTML/static health for the four main DBaD proof pages, and the template accessibility audit, so link, asset, and accessibility regressions fail the same pre-peer gate instead of living as separate manual checks.
  • DBAD-PUB-829 made the OpenAPI host checks part of the standard public contract runner. run_ethics_public_contract_audit.py now executes the API-doc discovery schema audit and the canonical OpenAPI host audit, so a pre-peer public contract pass fails if the docs discovery payload drops openapi_json=https://decencymeter.com/api/v1/openapi.json or drifts back toward the Church OpenAPI URL as canonical.
  • DBAD-PUB-828 made the OpenAPI host correction executable rather than just documented. audit_dbad_openapi_host_canonical.py verifies DecencyMeter and ethics OpenAPI URLs return tenant-correct DBaD/DecencyMeter contracts, the Church URL remains Church-labeled compatibility, and public DBaD pages do not point reviewers to the Church OpenAPI URL as canonical. The public docs JSON discovery payload now exposes openapi_json=https://decencymeter.com/api/v1/openapi.json.
  • DBAD-PUB-827 moved the DBaD/DecencyMeter OpenAPI review surface off the Church FQDN. https://decencymeter.com/api/v1/openapi.json and https://ethics.decencymeter.com/api/v1/openapi.json now serve the API v1 OpenAPI contract, while the Church host remains compatibility-only for Church-specific clients while that scope remains active. DBaD contract-depth audits and docs now point to the DecencyMeter URL by default.
  • DBAD-PUB-826 closed the next API-depth gap: the served OpenAPI contract now carries DBaD-specific non-authorization envelope, trust-continuation, verifier, composite proof-bundle, and mutation schemas/examples. Critical DBaD operations are marked with x-dbad-non-authorization-contract, document DBaD no-store response headers, avoid root ok examples, and are checked by audit_api_v1_dbad_openapi_contract.py. The composite red-team runner now includes this contract-depth audit.
  • API hardening pass: the strict /api/v1 OpenAPI coverage/drift audit is now enrichment-aware and passes with missing_paths=0, missing_operations=0, path_coverage=100.00%, and operation_coverage=100.00%. The enriched OpenAPI contract now documents the DBaD proof/validation/trust-continuation endpoints, public ethics intake/calculator/subscription endpoints, open-data sample, Church public lesson/hymn endpoints, member audio-library endpoints, and the remaining admin report exports.
  • Post-Round 54 local self-audit added explicit evidence companion names to trust-continuation responses. /trust-continuation/check now exposes allowed_evidence and trust_continuation_token_issued_evidence with local authority/display/machine/human-readable companions; /trust-continuation/token/verify now exposes allowed_evidence, token_valid_evidence, and historical_verification_attestation_available_evidence. These fields are still non-authorization evidence; the short-lived trust-continuation token remains the credential.
  • Round 55 response digestion preserved Copilot's useful hardening ideas as executable work rather than treating them as confirmed defects. The composite red-team runner now includes fuzz_dbad_composite_proof_bundle_scope.py for signed-field and unsigned-shadow-field mutation, copied/delayed bundle replay, token-redaction, no-root-ok, and verifier failure echo-suppression checks; it also includes fuzz_dbad_trust_token_integrity.py for fresh token issuance, valid verification, immediate replay as evidence-only behavior, wrong intended use, tampered token, wrong trace context, wrong receipt, and historical-attestation-as-permission rejection.
  • The composite red-team runner now appends compact internal history to /home/dbad/logs/dbad_redteam_history.jsonl, classifies failures by leakage class, and reports an explicitly internal-only regression posture score. That score is operational triage only; it is not DBaD authorization and not public proof of safety.
  • A working Authorization Non-Recoverability report package now exists at /home/dbad/docs/DBaD_Authorization_Non_Recoverability_Report_2026-05-31.md. It frames the current implementation as adversarially tested evidence/authorization separation, not a formal proof and not an ethics/safety claim.
  • Additional local self-audit now covers evidence-code correlation and cross-client projection drift. audit_dbad_evidence_code_correlation.py records repeated/mixed-kind structural evidence-code groups as advisory exposure and fails on public decode hints or approval-shaped meaning near evidence codes. fuzz_dbad_cross_client_projection.py projects trace API JSON and trace-detail HTML into lossy extracted-value/text views and fails if approval-shaped terms appear without the non-authorization boundary.
  • Post-Round 54 local self-audit added audit_dbad_shared_mutation_guards.py and wired it into dbad_redteam_runner.py. The check snapshots the public ethics calculator, runs a DBaD evaluate request, then verifies the calculator's shared weights and dimension_labels were not polluted by status-binding companions.
  • The LLM/crop fuzzer now simulates first-token windows, sliding eight-token crops, and prompt-injection-style stripping of NOT_AUTH::not_authorization_*_evidence_for_ prefixes. That stronger fuzzer found cropable source language in status semantics and validation summaries; the served text now avoids positive-looking terminal phrases and uses Deterministic DBaD checks recorded no blocking violations... wording instead of bare pass-shaped validation summaries.
  • Post-Round 54 local self-audit also added GET /api/v1/dbad/composite-proof-bundle, a signed, cache-bustable, no-store public proof bundle for peers whose tools cannot fetch several live endpoints. It includes current status-snapshot, trace API, trust-continuation check, and token-verification samples with response headers and a dbad_cpb_v1... signature. Tokens and historical attestations are redacted, and POST /api/v1/dbad/composite-proof-bundle/verify verifies the signature while still returning non-authority evidence only.
  • Trace-detail validation/state/proof blocks now carry a subtle repeated visual crop marker, DBaD EVIDENCE ONLY - NOT AUTHORIZATION, in screen and print CSS. The marker is non-selectable, low contrast enough to preserve readability, and exists only to make cropped screenshots harder to detach from the non-authorization boundary.
  • Pre-Round 53 local trust-path self-audit found that a valid trust-continuation check still returned cropable raw positive response booleans at the root, under data.allowed, and under historical-attestation availability. Check/verify response bodies now omit root ok, bind positive response booleans as NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-..., and keep the trust-continuation token itself as the credential. The focused status-field audit now performs fresh trust-continuation check and token-verify probes.
  • Post-hardening documentation scan found and corrected an outdated API-doc client snippet that still used a raw-true comparison for token verification. The snippet now treats allowed, token_verification_status, and current_validation.is_valid as bound evidence strings and gates certified use on HTTP 200 token verification, empty failure states, intended use, and matching non-authority metadata.
  • Post-hardening display scan found one remaining human-visible trace-detail metadata row, representation_compliant: true, even though API/copy JSON already exposed representation_compliant=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-.... Trace detail now renders representation_compliant evidence with the display-safe NOT AUTHORIZATION - boolean evidence: structural-evidence-code-v2-... - not permission value, and the fuzz harness fails if the raw row returns.
  • Pre-Round 52 local self-audit found a remaining public API envelope gap outside the read-only proof path: DBaD trace mutation endpoints still returned root ok and raw stored trace fragments on write/error responses. Trace mutation APIs now use the same non-authority envelope contract as public proof APIs: no root ok, value-bound api_transaction_status, mutation_result=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-... on success, mutation_success_authoritative_for_trust_positive_use=false, and runtime-validation-overlaid trace payloads. The status-field audit now probes mutation error and success responses directly.
  • Pre-Round 51 local self-audit found the next likely extraction issue before peer review: public trace JSON still exposed raw positive validation booleans on validation, nested reliance-summary, and reset-approval paths. Public payload binding now projects those positive booleans as NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-... with local *_authority_binding, *_display_safe=false, *_machine_only=true, and *_human_readable=NOT AUTHORIZATION - boolean evidence: structural-evidence-code-v2-... - not permission companions. False blocking booleans remain false so failure checks and rejection semantics stay clear.
  • Round 54 response digestion preserved the useful peer ideas as executable harnesses: fuzz_dbad_boolean_authority_leakage.py checks that sensitive boolean-like fields cannot collapse to raw approval booleans, fuzz_dbad_llm_boolean_simulator.py checks lossy text/summary views for authorization collapse, and dbad_redteam_runner.py runs the composite status, fuzz, boolean, semantic-collapse, and prose-reliance checks in one command.
  • Round 49 response digestion accepted the only live API gap: nested verification outcome fields such as verification_posture.latest_outcome and verification_history[].outcome now use NOT_AUTH::not_authorization_outcome_evidence_for_structural-evidence-code-v2-... values and local *_authority_binding=not_authorization_token_bound plus *_human_readable=NOT AUTHORIZATION - status evidence: structural-evidence-code-v2-... - not permission companions. Quoteable representation fields now also carry local companions: representation_class_authority_binding, representation_class_human_readable, representation_compliant_authority_binding, and representation_compliant_human_readable. The served marker is served_hardening_round=round53_trust_response_evidence_binding_v1, and the fuzz/status audits now check these paths directly.
  • Pre-Round 49 local hardening closed a fresh self-scan gap where trace index/detail rows still rendered Trust inheritance: Current validation passed; fresh trust-continuation check required as a cropable phrase. The visible rows now say Trust inheritance evidence and lead with NOT AUTHORIZATION; API-facing trust_inheritance_result.label values for pass/reset/reliance/non-governing/blocked cases now also start with explicit non-authorization wording. The detail page lower cards now render outcome, completeness, verification history, escalation closure, state history, and selected validation metadata as display-safe evidence values, and operator form option labels say evidence-only/not-authorization while preserving the submitted machine values.
  • Round 48 response digestion closed the remaining cropable trace-index summary/state gaps. The trace index now renders Current runtime validation evidence with the same NOT AUTHORIZATION - structural validation evidence: structural-evidence-code-v2-... - not permission value used elsewhere, and stored effective-state rows now render as Stored effective-state evidence with display-safe evidence values instead of allow/Allow. Trace detail state-layer rows now render Local/Systemic/Effective state evidence with NOT AUTHORIZATION values, print CSS keeps these labels/values together, and the Round 47 fuzz harness now fails raw runtime/state labels as well as metadata-label regressions.
  • The status-field compliance snapshot now value-binds data.sample_status_fields.validation_outcome_class with NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-... and emits the local display-safety companions, removing the last bare structural_pass sample from the public proof endpoint.
  • Round 47 response digestion found no confirmed live API/status-code defect. The only fresh actionable presentation concern was crop safety around trace metadata rows, so the trace index labels review, expected, outcome, completeness, and closure rows as evidence, marks blind-spot counts as not authorization, and labels review filters as navigation aids. The Round 47 fuzz harness fetches trace detail and trace index HTML and fails if those rows regress to raw Review status:, Expected:, Outcome:, Completeness:, or Closure: labels.
  • Round 46 response digestion closed the remaining reversibility gap in the status evidence code. Status/class/boolean/outcome evidence now uses deterministic hash-based structural-evidence-code-v2-... values rather than base64 or literal semantic suffixes. The verifier can recognize bounded known-code meanings for compliance checks, but field-level extraction, delimiter splitting, and base64 decoding no longer recover clean words such as passed, verified, complete, or true.
  • Round 41 response hardening removed the remaining approval-shaped verifier/envelope shortcuts. DBaD non-authorization endpoints now omit root ok, expose ok_removed_for_authorization_safety=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-..., bind verifier classes as NOT_AUTH::not_authorization_class_evidence_for_..., bind verifier true values as NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-..., expose status_value_semantics plus status_prefix_stripping_forbidden=true, and report secondary binding failures as missing_secondary_status_binding=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-.... A new public snapshot at /api/v1/dbad/status-field-compliance-snapshot gives cold-start reviewers a cache-bustable proof surface for the current status-field invariant.
  • Round 42 response digestion added a focused reproducibility path for peers whose web tools cannot fetch full live payloads: python3 app/scripts/audit_dbad_status_field_compliance.py --base-url https://ethics.decencymeter.com. The script fetches the status-field compliance snapshot with cache-busting, walks the prose-reliance trace API for status-keyed strings, verifies copied safe citation and archival projection artifacts, confirms verifier responses omit root ok and do not echo full payloads, and checks bare-status plus representation-mutation rejection. The public contract now clarifies that status-keyed boolean/class evidence may use typed non-authorization prefixes such as NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-... and NOT_AUTH::not_authorization_class_evidence_for_..., but never bare approval-shaped strings.
  • Round 44 response digestion accepted the cache-layer concern as a concrete hardening item. DBaD API routes under /api/v1/dbad/ now force Cache-Control: no-store, max-age=0, must-revalidate, Surrogate-Control: no-store, Pragma: no-cache, Expires: 0, and X-DBaD-Cache-Status: fresh. The status-field compliance audit now verifies those headers on DBaD API responses, in addition to the no-root-ok and status-value binding checks. API docs also warn client frameworks not to synthesize a root ok or authorization boolean from HTTP 200 or object-hydration helpers.
  • The Round 41 artifact pass also binds quoteable representation evidence: safe citations now expose representation_class=NOT_AUTH::not_authorization_class_evidence_for_structural-evidence-code-v2-... and representation_compliant=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-..., while archival projections expose representation_class=NOT_AUTH::not_authorization_class_evidence_for_structural-evidence-code-v2-.... The public proof text continues to list machine-only markers such as human_readable_bundle_fingerprint_machine_only and transaction status examples including evaluation_payload_delivered_not_authorization, validation_payload_delivered_not_authorization, safe_citation_verification_delivered_not_authorization, and historical_attestation_verification_delivered_not_authorization.
  • The public entry pages were refreshed after the Round 34 value-bound hardening pass: Why DBaD exists now points readers to the current baseline, update notes, API docs, point-in-time evidence boundary, fresh trust-continuation requirement, and DecencyMeter advisory-only separation; DBaD Explained was also layout-hardened for desktop and mobile.
  • Validation receipts now expose operator_env_version, operator_env_state_hash, operator_env_id, operator_env_scope, operator_env_authority_level, and trace_validation_version.
  • Structured reliance now exposes depends_on_reliance_trace_refs, reliance_validation_versions, and reliance_snapshot_hash.
  • Prose-only reliance now exposes display-safe current_validation_status_human_readable=NOT AUTHORIZATION - validation evidence: structural-evidence-code-v2-... - not permission, validation_class=advisory_only_prose, reliance_contribution_to_outcome=NOT_AUTH::not_authorization_outcome_evidence_for_..., and the semantic status name passed_no_valid_reliance_applied is available only through value-bound, machine-only evidence fields. The trace headline says NOT AUTHORIZATION - Structural Validation Evidence (No Machine Reliance Applied). The exposed raw status fields and comparison token fields are all value-bound, for example current_validation_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., validation_status_class=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., validation_outcome_class=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., current_validation_status_token=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., validation_status_class_token=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., and validation_outcome_class_token=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-...; token fields also carry token-specific authority binding, machine-only, and non-display-safe companions.
  • Validation JSON now exposes raw_status_fields_display_safe=false, raw_status_fields_machine_only=true, current_validation_status_machine_only=true, validation_status_class_machine_only=true, validation_outcome_class_machine_only=true, current_validation_status_value_authority_binding=not_authorization_value_bound, validation_status_class_value_authority_binding=not_authorization_value_bound, validation_outcome_class_value_authority_binding=not_authorization_value_bound, token companions such as current_validation_status_token_authority_binding=not_authorization_token_bound, current_validation_status_token_display_safe=false, current_validation_status_token_machine_only=true, validation_status_class_token_authority_binding=not_authorization_token_bound, validation_status_class_token_display_safe=false, validation_status_class_token_machine_only=true, validation_outcome_class_token_authority_binding=not_authorization_token_bound, validation_outcome_class_token_display_safe=false, validation_outcome_class_token_machine_only=true, group fields token_fields_display_safe=false, token_fields_machine_only=true, displaying_token_fields_is_non_compliant=true, displaying_raw_status_fields_is_non_compliant=true, preferred_display_fields, trust_positive_authorization=false, trust_authorization_class=not_authorized, approval_inference_forbidden=true, authorization_status_hard=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., non_authorization_core_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., headline_authority_binding=non_authorization_must_precede_outcome, display-safe validation_outcome_class_human_readable=NOT AUTHORIZATION - structural validation evidence: structural-evidence-code-v2-... - not permission, minimum_safe_fields, required_bundled_fields, bundled_semantic_fields, bundling_hash, bundling_scope=full_validation_semantics_v2, human_readable_bundle_fingerprint_safe_display, served_hardening_round=round53_trust_response_evidence_binding_v1, status_field_invariant_verified=NOT_AUTH::not_authorization_boolean_evidence_for_..., status_human_readable_truncation_forbidden=true, explicit operator environment identity/scope/authority fields, provenance_class, safe_citation_v1_accepted=false, and requires_trust_continuation_token_for_authorization=true so clients do not treat legacy raw validation booleans, raw status fields, token fields, or passed* status strings as permission.
  • Trust-continuation checks require reliance_snapshot_hash when structured reliance dependencies exist.
  • Token verification can fail with transitive_reliance_epoch_mismatch or trace_referenced_no_longer_available.
  • Successful token verification now exposes valid_from_utc and valid_until_utc, and emits an optional signed historical_verification_attestation for audit/reporting only, with a signed NOT AUTHORIZATION - HISTORICAL EVIDENCE ONLY header, attestation_class=historical_non_authoritative, authorization_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., and verification_result=historically_valid_non_authoritative.
  • Trace detail pages include Copy safe citation, a compact signed JSON artifact that bundles canonical query-free trace URL, status value semantics, the current hardening round, timestamp, freshness window, receipt ID, validation epoch, trace_validation_version, operator environment identity/scope/authority/state hash, provenance_class, validation summary, violations/advisories, non-authority fields, safe display fields, and the fresh-token requirement. The verify endpoint checks tamper evidence but still returns accepted_as_authorization=false; submitted partial projections missing required fields return verifier_response_class=NOT_AUTH::not_authorization_class_evidence_for_partial_non_compliant, altered semantic, temporal, receipt, rule-version, operator-environment, provenance, violation, advisory context, missing value binding, or missing token binding returns verifier_response_class=NOT_AUTH::not_authorization_class_evidence_for_structural-evidence-code-v2-..., and current-trace v2-to-v1 downgrades return illegal_version_downgrade_detected. Copy archival projection remains compact archive metadata only; the semantic verifier class is archival_projection_recognized, but the served value is bound as non-authorization class evidence. It verifies with HTTP 422, no root ok, verifier_response_class=NOT_AUTH::not_authorization_class_evidence_for_structural-evidence-code-v2-..., error=archival_projection_not_safe_citation, and archival_projection_accepted_as_safe_citation=false; missing or reordered archival headlines return a bound context_mismatch_non_compliant verifier class.
  • Safe-citation verification now separates signature validity from compliance: a signed artifact missing required bundled fields can still report safe_citation_signature_valid=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-..., but it omits root ok, returns verifier_response_class=NOT_AUTH::not_authorization_class_evidence_for_partial_non_compliant, and returns signature_and_authorization_class=NOT_AUTH::not_authorization_class_evidence_for_valid_signature_non_compliant_never_authoritative.
  • Round 27 response cleanup now binds the first visible trace-page signal to non-authorization: trace pages lead with NOT AUTHORIZATION, render headline_authority_binding=non_authorization_must_precede_outcome, display operator environment identity/scope/authority plus provenance_class in the first-screen authority banner, current bundle fingerprints begin with NOT_AUTH::, and current v2 required_bundled_fields binds headline_authority_binding plus provenance_class.
  • Trace API responses now add root-level non-authority fields and omit root ok: api_transaction_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., api_transport_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., api_delivery_outcome=NOT_AUTH::not_authorization_outcome_evidence_for_structural-evidence-code-v2-..., ok_removed_for_authorization_safety=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-..., ok_meaning=transport_only_not_authorization, ok_authoritative_for_trust_positive_use=false, api_envelope_ok_authoritative_for_trust_positive_use=false, trust_positive_authorization=false, and unsafe_if_ok_used_for_authorization=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-....
  • Pre-Round 29 hardening originally added non-authority envelope fields; Round 41 supersedes the transport shortcut by removing root ok from DBaD non-authorization endpoints. POST /api/v1/dbad/evaluate, POST /api/v1/dbad/validate, POST /api/v1/dbad/safe-citation/verify, and POST /api/v1/dbad/historical-verification-attestation/verify now repeat bound transaction statuses, api_transport_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., ok_removed_for_authorization_safety=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-..., ok_meaning=transport_only_not_authorization, ok_authoritative_for_trust_positive_use=false, api_envelope_authorization_class=NOT_AUTH::not_authorization_class_evidence_for_structural-evidence-code-v2-..., accepted_as_authorization=false, and unsafe_if_ok_used_for_authorization=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-.... Trace detail titles and social descriptions still start with NOT AUTHORIZATION so link previews cannot quote a pass-shaped status without the boundary.
  • Round 32 response hardening closes the remaining visible fingerprint crop path. Trace Validation now exposes current_validation_status_human_readable, validation_status_class_human_readable, validation_outcome_class_human_readable, and human_readable_bundle_fingerprint_safe_display; the raw human_readable_bundle_fingerprint remains in machine/copy artifacts for verification, but the visible trace page renders only the safe display projection so pass-shaped fragments cannot be cropped out of a long fingerprint line without adjacent NOT AUTHORIZATION wording.
  • Round 35 response hardening closes the comparison-token re-exposure path: extracting only current_validation_status_token, validation_status_class_token, and validation_outcome_class_token still requires adjacent token-specific fields such as *_token_authority_binding=not_authorization_token_bound, *_token_display_safe=false, and *_token_machine_only=true. Safe-citation and archival-projection verifiers reject missing or altered token authority/display-safety binding as context_mismatch_non_compliant.
  • Round 37 compatibility closure removes the remaining v1 safe-citation acceptance window. full_validation_semantics_v1 is no longer accepted as a complete safe-citation scope; only full_validation_semantics_v2 can verify as NOT_AUTH::not_authorization_class_evidence_for_structural-evidence-code-v2-.... This is intentionally breaking because there are no active external API consumers.
  • The Agents of Chaos comparison package now maps DBaD controls to the paper's observed agent failure families: non-owner compliance, destructive tool use, resource exhaustion, identity spoofing, cross-agent propagation, and false completion reports.
  • Trace-detail navigation now defensively and recursively redirects same-host absolute URLs accidentally placed under /dbad/traces/ back to their canonical route, so malformed paths like /dbad/traces/https://ethics.decencymeter.com/agents-of-chaos-comparison open the comparison page instead of a dead trace URL.
  • Round 40 response hardening collapses the old companion-only path: every derived *status* string value, including explicit token fields, must now start with NOT_AUTH:: or NOT AUTHORIZATION and must still carry *_machine_only=true, *_display_safe=false, *_authority_binding=not_authorization_token_bound, and *_human_readable=NOT AUTHORIZATION - status evidence: structural-evidence-code-v2-... - not permission; trace/validation JSON and submitted artifacts expose secondary_status_fields_bound=true, secondary_status_binding_policy, and global_status_field_invariant="Every status field must be value-bound and companion-bound; no bare approval-shaped status token may appear."; verifiers reject submitted artifacts that drop value binding or companions with missing_secondary_status_binding=true; API docs include a status field compliance linter for external renderers.
  • Verifier responses for legacy v1 safe citations now include v1_citation_rejection_reason.rejection_code=legacy_bundle_version_rejected, rejection_policy_date=2026-05-29, and a policy URL to make the closure explicit for stored v1 artifacts.
  • The DecencyMeter public home page empty-wall card now reads as an intentional reviewed-content empty state instead of placeholder copy, and the wall link uses the site button treatment rather than a browser-default blue link.
  • Round 31 response hardening makes the Trace Validation metadata rows crop-safe too: visible current_validation_status, validation_status_class, and validation_outcome_class rows now render values such as NOT AUTHORIZATION - validation class evidence: structural-evidence-code-v2-... - not permission / NOT AUTHORIZATION - structural validation evidence: structural-evidence-code-v2-... - not permission. Print/PDF output also appends [NOT AUTHORIZATION - structural evidence only] to those metadata rows. The visible validation summary line begins NOT AUTHORIZATION - Validation result:, each visible rule result renders pass - not authorization or fail - not authorization, and archival projections add labeled status values so alternative YAML/XML-style serialization cannot preserve only a clean pass-shaped value without a companion non-authorization value.
  • Public API discovery now exposes predictable JSON aliases at /api/docs/ethics.json and /api/docs/church.json, matching the existing ?format=json discovery payloads; the ethics robots policy explicitly allows /api/docs/ethics.json.
  • The DBaD public-surface update contract is now explicit and audited: DBaD ethics logic/API/code changes must account for /updates, /current-state, /api/docs/ethics, and /dbad-ethics-817, plus running log, recovery file, task queue, and prompt/synthesis updates. The standard public contract audit bundle now also runs API-doc discovery, OpenAPI host, API-doc live-route, HTML/static health, template copy-payload, and template accessibility checks.
  • The latest pre-peer sweep passed public contract, stale-language consistency, prose-reliance contract, API docs live-route, internal-link, HTML/static health, security-header, template accessibility, canonical-link, API docs discovery schema, host-scoping, and desktop/mobile screenshot-smoke checks.
  • API docs now include a historical-attestation quoteability example that distinguishes a valid non-authoritative citation from the invalid claim "DBaD approved this trace."
  • Prose-only reliance now leads with an advisory runtime state and stays non-machine-verified.
  • Copied/API JSON for prose-only reliance now uses display-safe current_validation_status_human_readable=NOT AUTHORIZATION - validation evidence: structural-evidence-code-v2-... - not permission in addition to the raw machine-only status token.
  • Successful reset-boundary and structured-reliance paths now use display-safe pass states such as NOT AUTHORIZATION - validation evidence: structural-evidence-code-v2-... - not permission and NOT AUTHORIZATION - validation evidence: structural-evidence-code-v2-... - not permission, so copied dependency summaries no longer need bare generic pass wording.
  • A repeatable prose-reliance contract audit now checks the trace API, trace page, hidden copy JSON payloads, and docs pages for the no-valid-reliance-applied contract.
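
The value-binding, companion-binding, and no-root-ok rules in the notes above can be checked on the client side before a response is rendered or stored. The following is an added example, not the project's own linter: it assumes companions are sibling keys named `<field><suffix>`, and the finding codes, sample envelopes, and `PLACEHOLDER` evidence-code suffix are constructed for illustration.

```python
"""Client-side lint for DBaD non-authorization envelopes (added example)."""

# Round 40: every status-like string value must start with one of these.
BOUND_PREFIXES = ("NOT_AUTH::", "NOT AUTHORIZATION")

# Round 35/40 companion suffixes and required values.
# ASSUMPTION: each companion is a sibling key named "<field><suffix>".
COMPANIONS = {
    "_machine_only": True,
    "_display_safe": False,
    "_authority_binding": "not_authorization_token_bound",
}
HUMAN_READABLE = "_human_readable"

# Fields the notes state as false on non-authorization endpoints.
MUST_BE_FALSE = {"accepted_as_authorization", "trust_positive_authorization",
                 "ok_authoritative_for_trust_positive_use"}
# Fields the notes say no longer carry a bare true.
BARE_TRUE_FORBIDDEN = {"is_valid", "allowed", "representation_compliant"}
# ASSUMPTION: keys that describe the policy itself rather than a status value.
POLICY_KEYS = {"secondary_status_binding_policy", "global_status_field_invariant"}


def _is_companion(key):
    return key.endswith(tuple(COMPANIONS) + (HUMAN_READABLE,))


def lint(node, path="$"):
    """Return (json_path, code) findings; codes are local labels, not API values."""
    findings = []
    if isinstance(node, list):
        for i, item in enumerate(node):
            findings += lint(item, f"{path}[{i}]")
        return findings
    if not isinstance(node, dict):
        return findings
    for key, value in node.items():
        here = f"{path}.{key}"
        if key in MUST_BE_FALSE and value is not False:
            findings.append((here, "authorization_flag_not_false"))
        if key in BARE_TRUE_FORBIDDEN and value is True:
            findings.append((here, "bare_positive_boolean"))
        status_like = (isinstance(value, str) and "status" in key
                       and key not in POLICY_KEYS and not _is_companion(key))
        if status_like:
            if not value.startswith(BOUND_PREFIXES):
                findings.append((here, "status_value_not_bound"))
            for suffix, required in COMPANIONS.items():
                got = node.get(key + suffix)
                # Compare type as well, so 1 is not accepted in place of True.
                if got != required or type(got) is not type(required):
                    findings.append((here, "missing_companion" + suffix))
            readable = node.get(key + HUMAN_READABLE)
            if not (isinstance(readable, str)
                    and readable.startswith("NOT AUTHORIZATION")):
                findings.append((here, "missing_companion" + HUMAN_READABLE))
        findings += lint(value, here)
    return findings


def lint_envelope(envelope):
    """Lint a whole response body, including the Round 41 no-root-ok rule."""
    root = [("$.ok", "root_ok_present")] if "ok" in envelope else []
    return root + lint(envelope)


# Constructed samples; the evidence-code suffix is a placeholder.
EVIDENCE = ("NOT_AUTH::not_authorization_status_evidence_for_"
            "structural-evidence-code-v2-PLACEHOLDER")
GOOD_ENVELOPE = {
    "api_transport_status": EVIDENCE,
    "api_transport_status_machine_only": True,
    "api_transport_status_display_safe": False,
    "api_transport_status_authority_binding": "not_authorization_token_bound",
    "api_transport_status_human_readable":
        "NOT AUTHORIZATION - status evidence: "
        "structural-evidence-code-v2-PLACEHOLDER - not permission",
    "ok_meaning": "transport_only_not_authorization",
    "accepted_as_authorization": False,
    "secondary_status_fields_bound": True,
}
BAD_ENVELOPE = {
    "ok": True,
    "accepted_as_authorization": True,
    "data": {"current_validation": {"metadata": {
        "current_validation_status": "passed",
        "is_valid": True,
    }}},
}

if __name__ == "__main__":
    for where, code in lint_envelope(BAD_ENVELOPE):
        print(f"{code:40} {where}")
```

A renderer or archive job can call `lint_envelope` on every payload and refuse to display or persist anything that returns findings.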

Outstanding questions

  • Signed historical verification attestations are implemented only as non-authoritative audit artifacts; they return accepted_as_authorization=false and are rejected as trust-positive authorization.
  • Persistent DB-backed token revocation and public introspection remain deferred until certified integrations or longer-lived tokens justify the operational plane.
  • Signed first-use resource-continuity attestations and verifier quorum are still decision gates, not implemented guarantees.

Next peer-review focus

  • After trace-index/detail trust-inheritance and lower-card hardening, can any cropped screenshot still preserve a pass-shaped result while dropping NOT AUTHORIZATION, evidence-only wording, or operator-environment provenance?
  • Known-issue cleanup target for the next peer pass: challenge any remaining cross-environment, verifier-response, copied-artifact, API-envelope, lower-card, operator-control, or public-discoverability shape that could make archive, citation, attestation, or validation artifacts look like trust-positive authorization.
  • Does the new archival_minimal_non_authoritative projection class make compact archives useful without weakening complete safe citations?
  • Do reviewers find any remaining compatibility path that still permits a downgraded or partial artifact to verify as complete?
  • Are historical attestations clearly useful as audit evidence without becoming static trust permission, even under partial extraction?
  • Are token and reliance epoch failure states diagnostic enough for clients?

Recent Public Updates

  • 2026-06-01: DBAD-PUB-844 explanatory-page projection hardening: older public pages such as /examples, /v2-2-demo, /decencymeter/demo, FAQ, glossary, methodology, whitepaper, explained, why-DBaD-exists, and trust-flow are now part of fuzz_dbad_cross_client_projection.py. Raw visible snippets like is_valid = true, Allowed actions =, and standalone valid/allowed/approved examples fail the pre-peer guard.
  • 2026-06-01: DBAD-PUB-845 Round56 response hardening: trace-detail checked-rule display now renders NOT AUTHORIZATION - pass - structural validation evidence only for successful rules, and the composite proof bundle signature scope now includes compact OpenAPI contract samples for the ethics and DecencyMeter OpenAPI URLs.
  • 2026-06-01: DBAD-PUB-846 API-doc discovery freshness hardening: ethics-host discovery JSON now returns no-store/no-cache proof headers and X-DBaD-Cache-Status: fresh; the discovery schema audit verifies those headers before another peer prompt is considered ready.
  • 2026-05-31: DBAD-PUB-832 OpenAPI freshness hardening: canonical DBaD/DecencyMeter OpenAPI responses now emit no-store/no-cache proof headers and X-DBaD-Cache-Status: fresh; the canonical OpenAPI host audit fails if those headers regress.
  • 2026-05-31: DBAD-PUB-833 checked-rule evidence binding: successful checked_rules.* values now emit typed non-authorization boolean evidence instead of bare true; the status-field compliance audit fails if this regresses.
  • 2026-05-31: DBAD-PUB-834 stored-state evidence binding: public trace API/copy payloads now bind stored state and effective-state fields such as state.effective_state, state.local_state, and state_history[].effective_state as non-authorization evidence instead of raw allow/Allow; status and cross-client projection fuzzers fail if these fields regress.
  • 2026-05-31: DBAD-PUB-835 structured-reliance evidence binding: reliance declaration mode, contribution, scope, completeness, integrity, and reset-boundary summary fields now bind as non-authorization evidence in trace APIs, trust-continuation responses, token verification, and composite proof-bundle samples.
  • 2026-05-31: Pre-Round 53 local hardening: trust-continuation check/verify response bodies now omit root ok and bind positive response booleans such as allowed and attestation availability as typed non-authorization boolean evidence. The token remains the credential; the JSON boolean is not a standalone authorization artifact.
  • 2026-05-31: DBAD-PUB-830 public contract runner expansion: run_ethics_public_contract_audit.py now includes audit_public_api_docs_live_routes.py, audit_html_health.py, and audit_template_accessibility.py in addition to the existing public contract, render/SEO, copy-payload, API-doc discovery, and OpenAPI host checks.
  • 2026-05-31: DBAD-PUB-829 public contract runner expansion: run_ethics_public_contract_audit.py now includes audit_public_api_docs_discovery_schema.py and audit_dbad_openapi_host_canonical.py. The discovery audit now explicitly fails if the public docs JSON omits the DecencyMeter/ethics OpenAPI URLs or presents the Church OpenAPI URL as canonical for DBaD/DecencyMeter review.
  • 2026-05-31: DBAD-PUB-828 canonical OpenAPI host audit: audit_dbad_openapi_host_canonical.py now fails if the DecencyMeter/ethics OpenAPI routes disappear, if tenant titles/server URLs drift, or if public DBaD pages revert to Church OpenAPI as canonical. The composite runner now executes twelve component checks.
  • 2026-05-31: DBAD-PUB-827 canonical OpenAPI host correction: DBaD/DecencyMeter reviewers should use https://decencymeter.com/api/v1/openapi.json. The same route is also available on https://ethics.decencymeter.com/api/v1/openapi.json; the Church host is compatibility-only, not the canonical DBaD/DecencyMeter API contract.
  • 2026-05-31: DBAD-PUB-826 OpenAPI contract-depth hardening: DBaD critical operations now carry dedicated OpenAPI schemas/examples, no-store response headers, x-dbad-non-authorization-contract markers, and a served audit guard via audit_api_v1_dbad_openapi_contract.py. The composite runner now executes eleven component checks.
  • 2026-05-31: Round 54 response hardening added a composite red-team runner plus boolean authority leakage and LLM-style semantic-collapse fuzzers. Run python3 app/scripts/dbad_redteam_runner.py --base-url https://ethics.decencymeter.com --timeout 20 for the current one-command audit.
  • 2026-05-31: Post-Round 54 proof-bundle hardening added /api/v1/dbad/composite-proof-bundle with a signed timestamped sample of current DBaD response shapes, a non-authorizing /api/v1/dbad/composite-proof-bundle/verify signature verifier, redacted token/attestation material, and subtle trace-detail proof watermarks for screenshot/crop resistance.
  • 2026-05-31: API-doc client snippets were rechecked after the trust-response change; no snippet should compare response evidence such as allowed to raw true for authorization.
  • 2026-05-31: Trace detail display hardening: visible representation_compliant metadata now renders as representation_compliant evidence with the display-safe non-authorization boolean evidence string, not raw true.
  • 2026-05-31: Pre-Round 52 local hardening: DBaD trace mutation endpoints now use non-authority envelopes, omit root ok, bind api_transaction_status and mutation_result, and return runtime-validation-overlaid trace payloads instead of raw stored trace fragments.
  • 2026-05-31: Pre-Round 51 local hardening: formerly raw positive validation booleans on validity, nested reliance summaries, reset approval evidence, and signature/compliance evidence are now value-bound as typed non-authorization boolean evidence with local companions. The status compliance snapshot includes a bound sample_status_fields.is_valid, and the status/fuzz audits fail if these paths regress to bare true.
  • 2026-05-30: Round 49 response hardening: verification_posture.latest_outcome and verification_history[].outcome are now value-bound/companion-bound; representation_class and representation_compliant retain typed non-authorization evidence values and now carry local authority/human-readable companions; the served hardening marker is round53_trust_response_evidence_binding_v1; the fuzz/status audits fail these fields if they regress.
  • 2026-05-30: Pre-Round 49 local crop hardening: trust-inheritance rows now render as Trust inheritance evidence with same-line NOT AUTHORIZATION; API-facing trust-inheritance labels are non-authorizing; trace detail lower cards and operator form labels render historical status-like values as evidence-only/not-authorization; and the Round 47 fuzz harness fails if raw Trust inheritance:, raw current-status labels, or bare approved/declared-complete options return.
  • 2026-05-30: Round 46 irreversible evidence-code hardening: status/class/boolean/outcome evidence payloads now use deterministic non-reversible structural-evidence-code-v2-... values; audit scripts reject legacy base64/literal semantic suffixes and continue to verify no-root-ok, no-store headers, payload suppression, and mutation rejection.
  • 2026-05-29: Round 40 all-status value-binding hardening: every status-like string value is self-negating with NOT_AUTH:: or NOT AUTHORIZATION, including explicit token fields and verifier response status fields. Companion fields remain mandatory supplements, not alternatives. Current served hardening marker: served_hardening_round=round53_trust_response_evidence_binding_v1.
  • 2026-05-29: Round 37 compatibility closure and Agents of Chaos package: full_validation_semantics_v1 no longer verifies as a complete safe citation, new artifacts remain full_validation_semantics_v2 only, and the new comparison report maps DBaD controls to the Agents of Chaos failure families.
  • 2026-05-29: Round 35 response hardening: exposed raw status fields carry value-level NOT_AUTH:: binding, legacy comparison values remain only in explicit *_token fields, every token field carries *_token_authority_binding=not_authorization_token_bound, *_token_display_safe=false, and *_token_machine_only=true, and verifier checks reject safe-citation/archive artifacts whose raw status or token bindings are missing.
  • 2026-05-26: Round 19 response hardening: prose-only reliance copied/API JSON now reports validation_class=advisory_only_prose, validation artifacts expose trust_positive_authorization=false, historical attestations carry a signed NOT AUTHORIZATION - HISTORICAL EVIDENCE ONLY header, and a prose-reliance contract audit guards the public/API/copy surfaces.
  • 2026-05-27: Round 20 response hardening: safe citations now carry citation_class=safe_non_authoritative, validation metadata exposes trust_authorization_class=not_authorized, and API docs explicitly reject raw validation_status_class pass tokens as authorization.
  • 2026-05-27: Round 21 queue hardening: safe citations now include a signed safe_citation, stable safe_citation_id, and read-only /api/v1/dbad/safe-citation/verify endpoint that verifies tamper evidence while preserving accepted_as_authorization=false.
  • 2026-05-27: Round 21 response hardening: validation metadata and safe citations now include irreducible non-authorization fields authorization_status_hard=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-... and non_authorization_core_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-...; trace pages render those fields next to display-safe validation status labels.
  • 2026-05-27: Round 22 response hardening: validation metadata and safe citations now include minimum_safe_fields, required_bundled_fields, and bundling_hash; the safe-citation verifier reports representation_compliant=false for partial projections that omit required non-authorization fields.
  • 2026-05-27: Round 23 response hardening: bundling_hash now covers full validation semantics including trace_id, current_validation_status, validation_status_class, validation_class, validation_summary, authorization_status_hard, and non_authorization_core_status; altered context now verifies as context_mismatch_non_compliant.
  • 2026-05-27: Round 24 response hardening: bundling_scope=full_validation_semantics_v2 now binds validated_at_utc, validation_fresh_until_utc, validation_receipt_id, validation_epoch, violations, and advisory_notes, and complete artifacts include human_readable_bundle_fingerprint.
  • 2026-05-27: Round 25 response hardening: v2 bundles now also bind trace_validation_version and operator_env_state_hash; verifier rejects current-trace v2-to-v1 projection downgrades with illegal_version_downgrade_detected.
  • 2026-05-27: Round 26 queue hardening: validation metadata added display-safe validation outcome labels and the first explicit v1 signed-citation transition window; that transition window is now superseded by the 2026-05-29 v2-only safe-citation contract. Trace detail pages also added Copy archival projection, which verifies only as archival_minimal_non_authoritative.
  • 2026-05-27: Known issue cleanup: archival projection verification became self-negating at the transport/envelope layer and returned error=archival_projection_not_safe_citation. This historical entry is superseded by the Round 41 contract: current verifier responses omit root ok and bind verifier classes/boolean evidence with NOT_AUTH::not_authorization_*_evidence_for_....
  • 2026-05-27: Round 26 response hardening introduced HTTP 422 archival projection verification and required artifact_header=ARCHIVAL PROJECTION - NOT SAFE CITATION; v2 semantic bundles added operator_env_id, operator_env_scope, and operator_env_authority_level. Current complete safe citations now return verifier_response_class=NOT_AUTH::not_authorization_class_evidence_for_structural-evidence-code-v2-....
  • 2026-05-28: Pre-peer public-surface audit: public contract, stale-language, prose-reliance, API-doc route, internal-link, HTML/static, security-header, template-accessibility, canonical-link, API-doc discovery, host-scoping, and desktop/mobile screenshot-smoke checks passed; /api/docs/ethics.json and /api/docs/church.json are now predictable JSON discovery aliases.
  • 2026-05-28: Round 28 response digestion: trace subtitles now start with NOT AUTHORIZATION, archival projections start with sort-stable aaa_not_authorization_headline=NOT AUTHORIZATION - ARCHIVAL PROJECTION - NOT SAFE CITATION and duplicate headline_authority_block=NOT AUTHORIZATION - ARCHIVAL PROJECTION - NOT SAFE CITATION, verify as context-mismatched if that first sentinel is missing or reordered, and trace API envelopes add root non-authority fields while preserving the standard ok delivery flag.
  • 2026-05-28: Round 29 response hardening: every DBaD non-authorization envelope now states api_transport_status=NOT_AUTH::not_authorization_status_evidence_for_structural-evidence-code-v2-..., ok_meaning=transport_only_not_authorization, and unsafe_if_ok_used_for_authorization=NOT_AUTH::not_authorization_boolean_evidence_for_structural-evidence-code-v2-...; archival projections use aaa_not_authorization_headline so the non-authorization warning remains first under sorted JSON serialization.
  • 2026-05-28: Public-surface update contract hardening: code/API/logic changes now require synchronized updates to /updates, /current-state, /api/docs/ethics, and /dbad-ethics-817; the contract audit is part of the standard pre-peer public contract runner.
  • 2026-05-28: Pre-Round 29 gap closure: trace detail <title> and meta descriptions now begin with NOT AUTHORIZATION, and non-authorization root envelope fields now cover DBaD evaluate, validate, safe-citation verify, and historical-attestation verify endpoints in addition to trace GET.
  • 2026-05-28: Round 32 response hardening: visible Trace Validation no longer renders the raw long human_readable_bundle_fingerprint row; it renders human_readable_bundle_fingerprint_safe_display plus *_human_readable status values, while raw fingerprints remain available in machine/copy artifacts for verification.
  • 2026-05-28: Round 31 response hardening: trace validation summary, checked-rule rows, and visible status metadata rows now carry same-line non-authorization wording; archival projections include labeled status-value fields such as validation_outcome_class_labeled, preventing cropped passed/pass/structural_pass checklists or alternate serialization streams from being quoted as trust-positive permission.
  • 2026-05-28: Round 27 response digestion: trace detail pages now lead with NOT AUTHORIZATION - structural validation evidence only, validation headings use NOT AUTHORIZATION - Structural Validation Evidence / failed wording, first-screen provenance displays operator_env_id, operator_env_scope, operator_env_authority_level, and provenance_class, current v2 semantic bundles bind headline_authority_binding and provenance_class, and API docs now include a verifier response matrix plus the .data.current_validation.metadata API-envelope clarification.
  • 2026-05-26: Round 20 readiness: trace pages now expose Copy safe citation with canonical query-free trace_url, API docs warn against passed* prefix authorization, and historical-attestation quoteability examples distinguish valid non-authoritative citations from invalid approval claims.
  • 2026-05-26: Round 17 response digestion added reliance epoch metadata, operator environment binding, unavailable-trace token failure behavior, and stronger prose-reliance presentation.
  • 2026-05-26: Round 16 work clarified reliance completeness: partial structured reliance fails, governing reliance on non-governing analysis fails, and prose references are advisory only.
  • 2026-05-25 to 2026-05-26: Public fixture coverage expanded for lineage propagation, same-resource orphan handling, zero-trust reset boundaries, non-governing analysis, reset descendants, and rejected reset cases.
  • 2026-05-25: Current-state, trace-consumption, and DecencyMeter boundary pages were hardened so reviewers start from served pages rather than stale prompt history.

How To Use These Notes

  • Start with Current state when checking whether an old peer finding is still live.
  • Use DBAD-ETHICS-817 for public fixture links and expected violation codes.
  • Use API docs for machine-facing contract details.
  • Use Peer review for older AI review history and current report shape.
  • Do not treat these notes as a replacement for live trace or API verification.

Deferred or Parked Scope

Payment, Church-entity incorporation, and 501(c)(3) work are not part of the active ethics-engine peer-review sprint. They remain parked until owner direction changes.

This page focuses on DBaD trace validation, reliance, token-state contracts, public review surfaces, and DecencyMeter separation.