SSM-Clock Stamp – KV Forward-Compatibility (5.18)

Objective. Ensure that future keys in the optional kv: tail do not break older verifiers. Unknown keys are ignored; recognized keys must satisfy strict domains. Everything is plain ASCII and deterministic.

Rule (must)

  • A stamp may end with an optional tail:
    ...|kv:k1=v1;k2=v2;...
  • Parsers MUST ignore unknown keys.
  • Recognized keys (enforce domains):
    • algo ∈ {sha256, sha3_256, blake2b-256}
    • chain_algo ∈ {sha256, sha3_256, blake2b-256}
    • theta_prec ∈ {3..9}
    • float = ieee75464
    • time_mode ∈ {derived_utc, observed}
    • ssmc_hint_min = Delta with |Delta| <= 30 (minutes)
    • a_stamp ∈ (-1,+1) (meta only)
    • Optional provenance: chain_id = [0-9a-fA-F]{8}, device = [A-Za-z0-9._-]{1,32}
  • Duplicates are invalid (e.g., theta_prec=5;theta_prec=6 → FAIL).
  • Values must not contain | or ;.
  • Absence of kv: implies defaults: algo=sha256; chain_algo=sha256; theta_prec=5; float=ieee75464; time_mode=derived_utc.

Why this works

  • Older tools verify core fields and ignore what they don’t recognize.
  • Future tools can add keys without breaking anchors or the base format; anchors hash the entire ASCII line unchanged.

Test (copy-ready)

  1. Produce a stamp with extra keys:
    SSMCLOCK1|...|<h64>|<c64>|kv:algo=sha256;theta_prec=5;float=ieee75464;foo=bar;bar=baz
  2. Verify with an older tool that only understands algo, theta_prec, float.
  3. Expect PASS if core checks succeed; unknown foo, bar are ignored.

Expected output (stdout, ASCII)

HASH_OK=true CLOCK_OK=true CHAIN_OK=true
VERDICT=PASS

Failure examples (deterministic)

  • Duplicate key: kv:theta_prec=5;theta_prec=6FAIL (syntax/domain).
  • Out of domain: kv:float=ieee75432 or theta_prec=2FAIL.
  • Value with separators: kv:note=a|b or kv:note=a;bFAIL.
  • Leap-second claim still banned: iso_utc="...:60Z"FAIL before any kv: parsing.

Producer guidance

  • Keep unknown, experimental fields behind kv:; choose lowercase keys like [a-z0-9_]+.
  • Do not change the base line shape:
    SSMCLOCK1|iso_utc|rasi_idx|theta_deg|sha256(file)|chain[|kv:...]]
  • When introducing a new recognized key, publish its domain and acceptance rule; older tools will still pass by ignoring it.

Why this matters
Forward-compatibility lets the Shunyaya Symbolic Mathematical Clock Stamp evolve (policy, metadata, crypto agility) without breaking legacy verifiers or anchors, because unknown kv: keys are non-breaking and the ASCII line remains the single source of truth.

Navigation
Back: SSM-Clock Stamp – SSM-Clock Sub-Day Hint (advisory minutes) (5.17)
Next: SSM-Clock Stamp – Security Guarantees & Non-Guarantees (6.1)