SSM-Clock Stamp – Acceptance Criteria (5.11)

Objective. Define the minimal conditions under which a verifier MUST return PASS for SSM-Clock Stamp artifacts — deterministic, plain ASCII.

Integrity

  • Unmodified files verify HASH_OK=true via h' = H_algo(file_bytes) and string-equal to recorded digest (lowercase 64-hex).
  • Any byte change yields HASH_OK=falseVERDICT=FAIL.

Clock (UTC → angle)

  • iso_utc parses as YYYY-MM-DDThh:mm:ssZ (UTC, seconds only; 23:59:60 forbidden).
  • Deterministic math: wrap360(x) = x - 360*floor(x/360), theta_deg = wrap360( (unix_seconds/86400) * 360 ), rasi_idx = floor(theta_deg/30).
  • theta_deg is printed with exactly theta_prec digits (default 5) using IEEE-754 binary64 round-half-to-even; compare as strings.
  • Result: CLOCK_OK=true when both rasi_idx and fixed-print theta_deg match.

Chain (append-only)

  • If a ledger is provided, rewalk from chain_0 = "0"*64 with each row’s kv:chain_algo (or default):
    chain_k = H_chain( ascii(chain_{k-1} + "|" + stamp_core_k) ).
  • All rows match recorded chain; the target file’s chain is present → CHAIN_OK=true.
  • Without a ledger, set CHAIN_OK=na (does not fail core PASS).

Anchors (daily roll-up)

  • If an anchor note is provided, rebuild the same-day set; canonical order by (iso_utc, stamp_core, chain); literal join "Stamp_1|...|Stamp_n"; compute
    rollup_D' = sha256( ascii(joined) ).
  • Require rollup_D' == rollup_sha256 and, if present, n == countANCHOR_OK=true.
  • Without a note, set ANCHOR_OK=na.

KV compliance

  • Defaults when kv: absent: algo=sha256; chain_algo=sha256; theta_prec=5; float=ieee75464; time_mode=derived_utc.
  • Recognized domains:
    • algo ∈ {sha256, sha3_256, blake2b-256}
    • chain_algo ∈ {sha256, sha3_256, blake2b-256}
    • theta_prec ∈ {3..9}
    • float = ieee75464
    • time_mode ∈ {derived_utc, observed}
  • Unknown kv keys are ignored; duplicate keys or out-of-domain values → FAIL (syntax/policy).

Observed-time evidence (if present)

  • abs( unix(iso_utc) - unix(obs_iso_utc) ) <= tolerance_sec and
    obs_evidence_sha256 == sha256( ascii(concat_of_sources_and_reported_times) ) (normalize \r\n\n).
  • Report EVIDENCE_OK=true/false; advisory unless local policy requires.

ASCII discipline

  • Stamps are single ASCII lines with | separators; no spaces around separators; all hashed inputs use ascii(...).
  • Digests are lowercase 64-hex; theta_deg uses . as decimal; no thousands separators.

Backward compatibility

  • All v1.1 stamps verify under v1.3: absence of kv: implies the defaults above.

PASS rule (final)

  • HASH_OK=true and CLOCK_OK=true and (CHAIN_OK ∈ {true, "na"}) and (ANCHOR_OK ∈ {true, "na"}) → VERDICT=PASS.
  • Otherwise VERDICT=FAIL with the first failing reason.

Navigation
Back: SSM-Clock Stamp – Batch Verify-All (harness) (5.10)
Next: SSM-Clock Stamp – Float Parity Across Implementations (5.12)