VERITAS Ω-CODE v2.0
Deterministic Software Verification Layer

Status:   SEALED
Version:  2.0.0
Sealed:   SHA256:637e3240...a686a90a
Lineage:  v1.0 → Ω Build v1.0.0 → v2.0
Feeds into: omega-brain-mcp · AEGIS · Gravity-Omega · S.E.A.L. Ledger
"If it cannot be expressed as typed, declared, constraint-bound assertions with artifact evidence, it cannot be evaluated."

Ω-CODE v2.0 aligns the code-domain verification layer with the omega-brain-mcp 10-gate pipeline and VERITAS Ω Build v1.0.0, while preserving the deterministic enforcement innovations from Ω-CODE v1.0.


01

Claim Object

All pipeline input is a BuildClaim — a structured object, not a string grammar. Every field must be present and non-null.

BuildClaim := {
  id:            ClaimID,
  project:       String,
  version:       SemVer,
  commit:        Hash,
  P:             Set[BuildPrimitive],     // what we measure
  O:             Set[Operator],           // how we combine
  R:             Set[BuildRegime],        // deployment context
  B:             Set[Boundary],           // constraints
  L:             Set[LossModel],          // failure costs
  E:             Set[EvidenceItem],       // proof
  cost:          CostVector,
  cost_bounds:   CostBounds,
  attack_suite:  AttackSuite,
  dependencies:  DependencyManifest,
  security:      SecurityManifest,
  created_at:    Timestamp
}

ClaimID := SHA256(canonical(
  project + version + commit + P + O + R + B + L + PolicyHash
))

Set Canonicalization

All set fields are sorted lexicographically by name or id before hashing. Two BuildClaims with the same fields in a different order MUST produce the same ClaimID.

P: sorted by BuildPrimitive.name
O: sorted by Operator.name
R: sorted by BuildRegime.name
B: sorted by Boundary.name
L: sorted by LossModel.name
E: sorted by EvidenceItem.id
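An added example (not code from the Ω-CODE project) of the order-independence rule: set fields are sorted by name before hashing, so permuted input yields the same ClaimID, and E stays outside the preimage. It assumes the "+" in the ClaimID formula can be modelled as a single JSON object; the sample claim and the placeholder PolicyHash are constructed.

```python
import hashlib
import json

# Set fields that feed ClaimID, each sorted by "name" as the spec requires.
SET_FIELDS = ("P", "O", "R", "B", "L")


def canonical(obj) -> bytes:
    """Compact UTF-8 JSON with recursively sorted keys."""
    text = json.dumps(obj, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return text.encode("utf-8")


def claim_id(claim: dict, policy_hash: str) -> str:
    """SHA256 over project, version, commit, P, O, R, B, L and PolicyHash."""
    # Assumption: the spec's "+" is modelled as one JSON object, not string joins.
    body = {k: claim[k] for k in ("project", "version", "commit")}
    for field in SET_FIELDS:
        body[field] = sorted(claim[field], key=lambda item: item["name"])
    body["PolicyHash"] = policy_hash
    return hashlib.sha256(canonical(body)).hexdigest()


# Constructed sample claim; E is present but is not part of the ClaimID preimage.
POLICY_HASH = "0" * 64  # placeholder, not a real PolicyHash
CLAIM = {
    "project": "demo-service", "version": "1.4.0", "commit": "c0ffee",
    "P": [{"name": "latency_ms", "units": "ms", "domain": [0, 500]},
          {"name": "error_rate", "units": "ratio", "domain": [0, 1]}],
    "O": [],
    "R": [{"name": "prod", "predicates": []}],
    "B": [{"name": "max_latency", "constraint":
           {"variable": "latency_ms", "operator": "<=", "target": 200}},
          {"name": "max_errors", "constraint":
           {"variable": "error_rate", "operator": "<=", "target": 0.01}}],
    "L": [],
    "E": [{"id": "e1"}],
}

if __name__ == "__main__":
    shuffled = {**CLAIM, "P": CLAIM["P"][::-1], "B": CLAIM["B"][::-1]}
    print(claim_id(CLAIM, POLICY_HASH) == claim_id(shuffled, POLICY_HASH))
```

Because E is excluded, adding evidence keeps the ClaimID stable, which is what lets an evidence update resume from Gate 4 instead of Gate 1.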

Key Types

BuildPrimitive := { name: String, units: String, domain: Interval }
Operator       := { name: String, arity: Int, inputs: [Ref], output: Ref }
BuildRegime    := { name: "dev"|"staging"|"prod", predicates: [Predicate] }
Boundary       := { name: String, constraint: { variable, operator, target } }
PackageRef     := { name, version, registry, integrity_hash }
SASTFinding    := { tool, location, severity, finding }

Production regime enforces escalated thresholds: K=3, A=0.90, Q=0.80.


02

Environment Declaration

Preserved from v1.0. Before any pipeline run, the execution environment MUST be explicitly declared and hashed.

ENV_MANIFEST {
  os:              String
  language_ver:    String
  ast_parser:      String
  dependency_lock: Hash
  gate_config:     Hash          // PolicyHash
  timestamp:       Unix_epoch
}

ENV_HASH = SHA256(ENV_MANIFEST in canonical JSON key order). Different output under same ENV_HASH → VIOLATION: NONDETERMINISM.


03

Verdicts

Verdict := PASS | MODEL_BOUND | INCONCLUSIVE | VIOLATION

Precedence: VIOLATION > INCONCLUSIVE > MODEL_BOUND > PASS

Verdict       Meaning                                                          Deploy?
PASS          All gates satisfied. Artifact deployable under declared regime.  Yes
MODEL_BOUND   Gates pass but resource/coverage/confidence near redline.        With monitoring
INCONCLUSIVE  Insufficient evidence or solver timeout. Cannot affirm or deny.  No — blocked
VIOLATION     Constraint failure, vulnerability, or test failure.              No — blocked

04

Pipeline

PIPELINE_ORDER := [
  INTAKE,  TYPE,  DEPENDENCY,  EVIDENCE,  MATH,
  COST,  INCENTIVE,  SECURITY,  ADVERSARY,  TRACE_SEAL
]

Fail-Fast Rule

IF Gate N returns VIOLATION:
  → HALT immediately → final_verdict = VIOLATION

IF Gate N returns INCONCLUSIVE:
  → HALT unless policy gate-skip
  → If skipped: downgraded to MODEL_BOUND

Final Verdict

EXECUTED_GATES := all gates that ran (inclusive of halting gate)
final_verdict  = max(verdicts over EXECUTED_GATES, by precedence)

Only executed gates participate. Gates that never ran are absent, not defaulted.
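An added sketch (not the omega-brain-mcp implementation) of the fail-fast rule and final-verdict computation above. The gate callables, `stub_gates` and the `skippable` policy set are hypothetical names introduced for illustration.

```python
from enum import IntEnum


class Verdict(IntEnum):
    # Numeric order encodes precedence: VIOLATION > INCONCLUSIVE > MODEL_BOUND > PASS
    PASS = 0
    MODEL_BOUND = 1
    INCONCLUSIVE = 2
    VIOLATION = 3


PIPELINE_ORDER = ["INTAKE", "TYPE", "DEPENDENCY", "EVIDENCE", "MATH",
                  "COST", "INCENTIVE", "SECURITY", "ADVERSARY", "TRACE_SEAL"]


def run_pipeline(gates, claim, skippable=frozenset()):
    """Run gates in order; return (final_verdict, [(gate, verdict), ...])."""
    executed = []
    for name in PIPELINE_ORDER:
        verdict = gates[name](claim)
        if verdict == Verdict.INCONCLUSIVE and name in skippable:
            verdict = Verdict.MODEL_BOUND      # policy gate-skip downgrade
        executed.append((name, verdict))       # the halting gate is included
        if verdict in (Verdict.VIOLATION, Verdict.INCONCLUSIVE):
            break                              # fail-fast: later gates never run
    # Only executed gates take part; gates that never ran are simply absent.
    return max(v for _, v in executed), executed


def stub_gates(**overrides):
    """Constructed gates: every gate returns PASS unless overridden by name."""
    table = {name: Verdict.PASS for name in PIPELINE_ORDER}
    table.update(overrides)
    return {name: (lambda claim, v=v: v) for name, v in table.items()}


if __name__ == "__main__":
    final, ran = run_pipeline(stub_gates(DEPENDENCY=Verdict.VIOLATION), claim={})
    print(final.name, [g for g, _ in ran])
```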


05

Gate Definitions

1
INTAKE
Parse, validate, and canonicalize the BuildClaim.
INTAKE_GATE(payload):
  1. Parse BuildClaim from source (CI, CLI, API)
  2. Validate all required fields present and non-null
  3. Verify commit hash matches HEAD
  4. Compute ClaimID — verify match
  5. Verify lockfile_hash matches disk
  6. Validate ENV_MANIFEST present and hashable

  → PASS or VIOLATION: INTAKE_MALFORMED
                        INTAKE_COMMIT_MISMATCH
                        INTAKE_LOCKFILE_DRIFT

Artifact: intake_report.json

2
TYPE
Type safety, unit consistency, symbol resolution.
TYPE_GATE(claim):
  1. Enforce unique primitive names
  2. Validate non-empty domains
  3. Validate operator arity + type references
  4. Check all constraint symbols → declared primitives
  5. Validate unit consistency across operators
  6. Verify regime predicates reference declared primitives

  → PASS or VIOLATION: UNDEFINED_SYMBOL | UNIT_MISMATCH
                        ARITY_ERROR | EMPTY_DOMAIN

TRUST_BOUNDARY — detected and logged for Gate 8 (SECURITY):
  • External input enters the system
  • Privilege level changes
  • Contract/user boundary crossed
  • IPC or network boundary
  • Deserialization on untrusted data

Artifacts: type_report.json (includes trust boundary map)

3
DEPENDENCY
Supply chain verification. First-class attack surface.
DEPENDENCY_GATE(claim):
  1. Parse SBOM from DependencyManifest
  2. Verify every PackageRef integrity_hash vs registry
  3. Scan CVEs:
     CRITICAL/HIGH (no patch) → VIOLATION(CVE_CRITICAL)
     MEDIUM → MODEL_BOUND(CVE_MEDIUM) if policy allows
     LOW → log + PASS
  4. Check dependency depth vs DEPENDENCY_DEPTH_REDLINE
  5. Detect deprecated/abandoned packages (>2yr, archived)
  6. Detect duplicate packages at different versions
  7. Verify license compatibility

Artifact: dependency_report.json

4
EVIDENCE
Quality, independence, and agreement of evidence.

Quality Function

clamp01(x) := max(0, min(1, x))

Quality(e) = clamp01(
  0.40 × provenance_score(tier)      // A=1.0, B=0.7, C=0.4
+ 0.25 × repeatability_score(method) // repeatable=1.0, else=0.5
+ 0.20 × freshness_score(e)          // within TTL=1.0, expired=0.0
+ 0.15 × environment_match_score(e)  // matches=1.0, partial=0.5
)

Independence Graph

Edge between e_i, e_j if:
  same source_id
  OR same tool + config + |Δt| ≤ 60s
  OR explicit dependency declared

MIS_GREEDY(G):
  Order by (degree asc, id asc)
  Greedily pick non-adjacent nodes
  Timeout → INCONCLUSIVE(MIS_TIMEOUT)

Thresholds by Regime

Regime   Kmin  Amin  Qmin
dev      2     0.70  0.60
staging  2     0.80  0.70
prod     3     0.90  0.80

Artifact: evidence_report.json
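An added example (not the project's `veritas_compute_quality` or `veritas_mis_greedy` tools) of the quality score, the three edge rules and the greedy independent set, compared against Kmin. The evidence field names (`tier`, `repeatable`, `fresh`, `env_match`, `tool`, `config`, `t`, `deps`) and the sample items are constructed assumptions, and the solver is assumed to finish within its timeout.

```python
from itertools import combinations

PROVENANCE = {"A": 1.0, "B": 0.7, "C": 0.4}
K_MIN = {"dev": 2, "staging": 2, "prod": 3}


def quality(e):
    """Weighted evidence quality, clamped to [0, 1]."""
    score = (0.40 * PROVENANCE[e["tier"]]
             + 0.25 * (1.0 if e["repeatable"] else 0.5)
             + 0.20 * (1.0 if e["fresh"] else 0.0)
             + 0.15 * e["env_match"])            # 1.0 match, 0.5 partial
    return max(0.0, min(1.0, score))


def dependent(a, b):
    """True when the spec draws an edge between two evidence items."""
    same_run = ((a["tool"], a["config"]) == (b["tool"], b["config"])
                and abs(a["t"] - b["t"]) <= 60)
    declared = b["id"] in a["deps"] or a["id"] in b["deps"]
    return a["source_id"] == b["source_id"] or same_run or declared


def mis_greedy(items):
    """Greedy independent set, visiting nodes by (degree asc, id asc)."""
    adj = {e["id"]: set() for e in items}
    for a, b in combinations(items, 2):
        if dependent(a, b):
            adj[a["id"]].add(b["id"])
            adj[b["id"]].add(a["id"])
    chosen = []
    for node in sorted(adj, key=lambda n: (len(adj[n]), n)):
        if adj[node].isdisjoint(chosen):
            chosen.append(node)
    return chosen


def ev(eid, source_id, tool, t, deps=(), tier="A"):
    """Constructed evidence item; field names are assumptions."""
    return dict(id=eid, source_id=source_id, tool=tool, config="default", t=t,
                deps=deps, tier=tier, repeatable=True, fresh=True, env_match=1.0)


# Constructed sample: five items, three dependency edges (e1-e2, e3-e4, e1-e5).
EVIDENCE = [ev("e1", "ci-a", "pytest", 0), ev("e2", "ci-b", "pytest", 30),
            ev("e3", "lab", "k6", 1000), ev("e4", "lab", "locust", 5000),
            ev("e5", "vendor", "bench", 9000, deps=("e1",))]
```

Five evidence items collapse to three independent ones here, which just meets Kmin for prod; dropping e5 leaves two and would fall short of the prod threshold.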

5
MATH
Constraint satisfaction via interval propagation or SMT.
MATH_GATE(claim):
  1. Bind evidence values → constraint variables
  2. Translate → interval propagation or SMT
  3. SAT → PASS
     UNSAT → VIOLATION(UNSAT_CONSTRAINT)
     TIMEOUT → INCONCLUSIVE(DECIDABILITY_TIMEOUT)

Scope: decidable fragment only (LRA, bit-vectors, SI units, range bounding). Non-linear → requires formal proof or accept MODEL_BOUND(GODEL_CEILING).

Artifact: math_report.json

6
COST
Resource consumption within declared bounds.
COST_GATE(claim):
  u = max(cost_i / bound_i) over all components

  u < 0.80  → PASS
  u < 0.95  → PASS with warning
  u ≥ 0.95  → MODEL_BOUND(COST_REDLINING)
  no bound  → VIOLATION(UNDECLARED_COST_BOUND)

Artifact: cost_report.json

7
INCENTIVE
Evidence source dominance and vendor concentration detection.
INCENTIVE_GATE(claim):
  Dominance(x) = max_count_by_source / |S_x|

  > 0.75 → VIOLATION(EVIDENCE_CAPTURE)
  > 0.50 → MODEL_BOUND(DOMINANCE_DETECTED)

  Registry concentration:
  single registry >80% → MODEL_BOUND(VENDOR_CONCENTRATION)

Artifact: incentive_report.json

8
SECURITY
Secrets, SAST, auth boundaries, crypto, trust boundary enforcement.

Dependency contract: MUST consume type_report.json from Gate 2. Missing → VIOLATION(TYPE_SECURITY_LINK_FAILURE).

SECURITY_GATE(claim):
  0. Verify type_report.json + trust_boundaries exist
  1. secrets_detected == true → VIOLATION(SECRET_DETECTED)  // zero tolerance
  2. SAST: CRITICAL → VIOLATION  HIGH → VIOLATION
          MEDIUM → MODEL_BOUND  LOW → log
  3. Verify auth_boundaries declared
  4. Verify injection_surfaces mitigated
  5. Verify TLS ≥ 1.2
  6. Trust boundaries without mitigation → VIOLATION(UNMITIGATED_BOUNDARY)

Artifact: security_report.json

9
ADVERSARY
Hostile verification. Fuzz, mutate, exploit, stress-test.
ADVERSARY_GATE(claim):
  For each attack in AttackSuite:
    PerturbParam: param × (1 + delta_rel)
      magnitude := 0.05 (default, in PolicyHash)
      sign := +1 if hash(attack.id) % 2 == 0, else -1
      delta_rel := sign × magnitude

    Re-evaluate constraints under perturbation
    Constraint flips SAT→UNSAT → VIOLATION(ADVERSARY_FRAGILE)

  Categories: fuzz · mutation · supply_chain · outage · load_spike · exploit
  Incomplete coverage → INCONCLUSIVE(COVERAGE_INCOMPLETE)

Artifact: adversary_report.json

10
TRACE / SEAL
Cryptographic seal over the entire pipeline run.
TRACE_SEAL_GATE(claim, gate_results):
  1. PolicyHash = SHA256(canonical(version, hash_alg, solver_backend,
     timeouts, thresholds, attack_params, gate_order, attack_suite_hash))

  2. trace_0 = SHA256("GENESIS" + PolicyHash + ClaimID)
     trace_k = SHA256(trace_prev + canonical(gate_result_k))

  3. seal = trace_final

  4. manifest.json = { claim_id, env_hash, policy_hash,
     gate_results: [hashes], final_verdict, seal, timestamp }

  5. Append seal to S.E.A.L. ledger

  Always PASS (recording, not evaluation)

Artifacts: trace.jsonl, manifest.json, seal.json
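An added example (not the project's own code) of building the trace chain and re-verifying a recorded trace, locating the first link that no longer recomputes. It assumes hashes are carried as hex strings and that "+" means string concatenation; the gate results and placeholder hashes are constructed, and `first_divergence` is a hypothetical helper.

```python
import hashlib
import json


def canonical(obj) -> str:
    """Compact JSON with recursively sorted keys."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"), ensure_ascii=False)


def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def build_trace(policy_hash, claim_id, gate_results):
    """Return [trace_0, ..., trace_final]; the last element is the seal."""
    trace = [sha256_hex("GENESIS" + policy_hash + claim_id)]
    for result in gate_results:
        trace.append(sha256_hex(trace[-1] + canonical(result)))
    return trace


def first_divergence(policy_hash, claim_id, gate_results, recorded_trace):
    """Index of the first link that fails to recompute, or None if all match."""
    expected = build_trace(policy_hash, claim_id, gate_results)
    if len(expected) != len(recorded_trace):
        return min(len(expected), len(recorded_trace))
    for i, (want, got) in enumerate(zip(expected, recorded_trace)):
        if want != got:
            return i
    return None


# Constructed sample run: three gate results, placeholder hashes.
POLICY_HASH = "a" * 64
CLAIM_ID = "b" * 64
RESULTS = [{"gate": "INTAKE", "verdict": "PASS"},
           {"gate": "TYPE", "verdict": "PASS"},
           {"gate": "DEPENDENCY", "verdict": "MODEL_BOUND", "reason": "CVE_MEDIUM"}]

if __name__ == "__main__":
    recorded = build_trace(POLICY_HASH, CLAIM_ID, RESULTS)
    print("seal:", recorded[-1])
    print("verified:", first_divergence(POLICY_HASH, CLAIM_ID, RESULTS, recorded) is None)
```

Index 0 is the genesis link, so a divergence at index k points at gate result k-1 (or at the PolicyHash or ClaimID when k is 0).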


06

Artifact Canonicalization

CANONICAL_FORM:
  Encoding:    UTF-8 (no BOM)
  Format:      JSON
  Key order:   lexicographic (recursive)
  Whitespace:  compact — no trailing, no indentation
  Numbers:     no leading zeros, no trailing decimal zeros
  Strings:     double-quoted, escaped per RFC 8259
  Nulls:       literal "null" (not absent keys)

Binary artifacts → Base64 JSON wrapper: {"_binary": true, "encoding": "base64", "data": "..."}


07

Determinism Invariant

Given identical ENV_HASH + ClaimID + PolicyHash → pipeline MUST produce identical seal. Failure → VIOLATION: NONDETERMINISM.

Source                Handling
System timestamps     Use ENV_MANIFEST.timestamp
Random seeds          Seeded from ClaimID or declared fixed seed
External API calls    Classified MODEL_BOUND, not run inline
File system ordering  All lists sorted before hashing

08

State Evolution

Structural edit
  New ClaimID → full re-run from Gate 1
Evidence update
  Same ClaimID → re-run from Gate 4 (EVIDENCE)
Environment change
  New ENV_HASH → full re-run, previous seal invalidated

09

Reason Codes — Complete Index

Gate        Code                        Meaning
INTAKE      INTAKE_MALFORMED            BuildClaim parse failure
INTAKE      INTAKE_COMMIT_MISMATCH      Commit hash doesn't match HEAD
INTAKE      INTAKE_LOCKFILE_DRIFT       Lockfile hash doesn't match disk
TYPE        UNDEFINED_SYMBOL            Constraint references undeclared primitive
TYPE        UNIT_MISMATCH               Incompatible units across operator
TYPE        ARITY_ERROR                 Operator input count wrong
TYPE        EMPTY_DOMAIN                Primitive domain has no valid range
DEPENDENCY  CVE_CRITICAL                Critical/high CVE with no patch
DEPENDENCY  CVE_MEDIUM                  Medium CVE (MODEL_BOUND if policy)
EVIDENCE    INSUFFICIENT_INDEPENDENCE   |S_x| < Kmin
EVIDENCE    LOW_AGREEMENT               agreement(S_x) < Amin
EVIDENCE    LOW_QUALITY                 mean Quality < Qmin
EVIDENCE    MIS_TIMEOUT                 Independence solver timed out
MATH        UNSAT_CONSTRAINT            Constraint violated by evidence
MATH        DECIDABILITY_TIMEOUT        SMT solver exceeded limit
MATH        GODEL_CEILING               Non-linear, no formal proof
COST        UNDECLARED_COST_BOUND       Cost component with no bound
COST        COST_REDLINING              Utilization ≥ 0.95
INCENTIVE   EVIDENCE_CAPTURE            Single source >75% of evidence
INCENTIVE   DOMINANCE_DETECTED          Single source >50% of evidence
INCENTIVE   VENDOR_CONCENTRATION        Single registry >80% of packages
SECURITY    TYPE_SECURITY_LINK_FAILURE  type_report.json missing trust_boundaries
SECURITY    SECRET_DETECTED             Secrets in codebase (zero tolerance)
SECURITY    SAST_CRITICAL               Critical SAST finding
SECURITY    SAST_HIGH                   High SAST finding
SECURITY    SAST_MEDIUM                 Medium SAST finding
SECURITY    UNMITIGATED_BOUNDARY        Trust boundary without mitigation
ADVERSARY   ADVERSARY_FRAGILE           Constraint flips under perturbation
ADVERSARY   COVERAGE_INCOMPLETE         Not all attack categories executed
PIPELINE    PIPELINE_ORDER_MISMATCH     Gates out of order
PIPELINE    NONDETERMINISM              Same input, different output

10

System Integration

omega-brain-mcp
  Hosts 10-gate pipeline; exposes veritas_run_pipeline, veritas_compute_quality, veritas_mis_greedy, veritas_claeg_resolve as individual MCP tools; appends seal to S.E.A.L. hash chain
AEGIS / AEGIS-Rewrite
  Tier 1: VIOLATION records → deterministic fixes. Tier 2: MODEL_BOUND records → AI-assisted remediation under constraint envelope.
Gravity-Omega
  Execution host; enforces VTP signature on gate outputs before downstream routing
Veritas Vault
  Archives seal, ENV_MANIFEST, all gate report hashes via omega_log_session
S.E.A.L. Ledger
  Append-only chain of seal values; NONDETERMINISM violations logged as entries

11

Delta from v1.0

v1.0 Concept        v2.0 Status           Notes
CLAEG EBNF grammar  Replaced              → BuildClaim object model (MCP wire format)
Gate 0 (CLAEG)      Absorbed              → INTAKE + TYPE
Gate 4 (AUTHORITY)  Absorbed              → MATH + SECURITY
Gate 5 (SOLVENCY)   Absorbed              → MATH + ADVERSARY
Gate 7 (TEMPORAL)   Absorbed              → ADVERSARY (fuzz/mutation)
REJECTED_AT_CLAEG   Removed               INTAKE + TYPE cover all failures
EPISTEMIC_DECAY     Semantics preserved   → State Evolution: ENV_HASH change = re-run
CASCADED_FAIL       Removed               Fail-fast halts; no downstream runs
ENV_MANIFEST        Preserved             Unique to Ω-CODE
Canonicalization    Preserved             Critical for cross-system verification
Trust boundaries    Preserved             Feeds into SECURITY gate
Evidence diversity  Preserved (softened)  Flagged, not hard-rejected
Execution bounds    Replaced              → PolicyHash timeouts
Per-claim SEAL      Replaced              → trace chain: H(prev + gate_result)

12

What Is Not In Scope