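# Aphoria Claims - version controlled
#
# Human-authored claims with provenance, invariants, and consequences.
# Each claim represents a deliberate architectural decision or safety invariant.
#
# Manage with: aphoria claims create|list|explain|update|supersede|deprecate
#
# Every [[claim]] carries the same fields:
#   id              stable identifier (unique within this file)
#   concept_path    slash-separated path naming what the claim is about
#   predicate / value / comparison
#                   the condition being asserted; comparison values used
#                   below are "equals", "not_equals", "present", "absent"
#   provenance      where the rule comes from (standard, design decision, lint)
#   invariant       the rule itself, stated with MUST / MUST NOT
#   consequence     what goes wrong when the invariant is violated
#   authority_tier  "regulatory" for claims backed by a standards body
#                   (RFC, NIST), "expert" for project/OWASP-backed claims
#   evidence        pointers a reviewer can check
#   category        "safety" | "architecture" | "security"
#   status          lifecycle state; every claim below is "active"
#   created_by / created_at
#                   author and RFC 3339 timestamp (UTC offset included)
#
# NOTE(review): the exact semantics of "present" / "absent" are not defined
# in this file. From usage they read as "the (predicate, value) pair must /
# must not be observed" - confirm against the claim evaluator before relying
# on that reading when adding new claims.

# NOTE(review): the invariant also forbids expect(), but the cited lint
# (clippy::unwrap_used) covers unwrap() only; expect() is gated by the
# separate clippy::expect_used lint. Confirm Cargo.toml denies both, or
# narrow the invariant to what the provenance actually enforces.
[[claim]]
id = "aphoria-no-unwrap-001"
concept_path = "aphoria/production/error_handling"
predicate = "unwrap_count"
value = 0
comparison = "equals"
provenance = "CI clippy::unwrap_used lint at deny level"
invariant = "Production code MUST NOT use unwrap() or expect()"
consequence = "Runtime panics in production"
authority_tier = "expert"
evidence = ["CLAUDE.md critical rules", "Cargo.toml clippy config"]
category = "safety"
status = "active"
created_by = "jml"
created_at = "2026-02-08T12:00:00Z"

[[claim]]
id = "aphoria-bridge-tier-001"
concept_path = "aphoria/bridge/tier_assignment"
predicate = "default_tier"
value = "SourceClass::Community"
comparison = "present"
provenance = "Bridge module design: observations default to Community tier"
invariant = "Observation-to-assertion bridge MUST assign Community tier by default"
consequence = "Incorrect authority ranking in conflict detection"
authority_tier = "expert"
evidence = ["bridge.rs observation_to_assertion function"]
category = "architecture"
status = "active"
created_by = "jml"
created_at = "2026-02-08T12:00:00Z"

[[claim]]
id = "aphoria-lifecycle-skip-001"
concept_path = "aphoria/bridge/lifecycle"
predicate = "skips_pending"
value = true
comparison = "present"
provenance = "Bridge design: observations skip Pending and go directly to Approved"
invariant = "Observations bypass Pending lifecycle stage"
consequence = "Observations would be invisible to queries if stuck in Pending"
authority_tier = "expert"
evidence = ["bridge.rs observation_to_assertion"]
category = "architecture"
status = "active"
created_by = "jml"
created_at = "2026-02-08T12:00:00Z"

# --- Dogfood claims for flywheel testing ---

# NOTE(review): RFC 5246 is TLS 1.2 and is obsoleted by RFC 8446 (TLS 1.3);
# consider adding RFC 8446 to evidence so the claim stays current for
# TLS 1.3-only deployments.
[[claim]]
id = "aphoria-tls-verify-001"
concept_path = "aphoria/tls/cert_verification"
predicate = "enabled"
value = false
comparison = "absent"
provenance = "RFC 5246 Section 7.4.2 - TLS certificate verification is mandatory"
invariant = "TLS certificate verification MUST NOT be disabled in production code"
consequence = "MITM attacks become trivial; all encrypted traffic can be intercepted"
authority_tier = "regulatory"
evidence = ["RFC 5246", "OWASP TLS Cheat Sheet"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"

[[claim]]
id = "aphoria-no-tokio-core-001"
concept_path = "stemedb_core/imports/tokio"
predicate = "imported"
value = true
comparison = "absent"
provenance = "Architecture decision: stemedb-core must remain runtime-agnostic"
invariant = "stemedb-core MUST NOT import tokio to prevent runtime coupling"
consequence = "Core becomes tied to a specific async runtime, preventing embedding in non-tokio contexts"
authority_tier = "expert"
evidence = ["CLAUDE.md architecture overview", "stemedb-core Cargo.toml"]
category = "architecture"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"

[[claim]]
id = "aphoria-no-md5-001"
concept_path = "aphoria/crypto/hashing/algorithm"
predicate = "algorithm"
value = "md5"
comparison = "not_equals"
provenance = "NIST SP 800-131A Rev 2 - MD5 is not approved for any cryptographic use"
invariant = "MD5 MUST NOT be used for hashing in any security context"
consequence = "Collision attacks are practical; signatures and integrity checks become meaningless"
authority_tier = "regulatory"
evidence = ["NIST SP 800-131A", "RFC 6151"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"

# NOTE(review): matching value = "*" only catches the literal wildcard.
# Browsers already refuse credentialed responses that carry a literal "*",
# so the form that actually bypasses same-origin policy is an
# Access-Control-Allow-Origin that reflects the request's Origin header
# together with credentials. That variant is not detected by this claim and
# would need its own predicate.
[[claim]]
id = "aphoria-no-wildcard-cors-001"
concept_path = "aphoria/cors/allow_origin"
predicate = "config_value"
value = "*"
comparison = "absent"
provenance = "OWASP CORS Misconfiguration - Wildcard origin with credentials is a vulnerability"
invariant = "CORS MUST NOT use wildcard (*) origin in production services"
consequence = "Any origin can make credentialed cross-origin requests, bypassing same-origin policy"
authority_tier = "expert"
evidence = ["OWASP Testing Guide v4 - CORS", "CWE-942"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"

[[claim]]
id = "aphoria-jwt-audience-001"
concept_path = "aphoria/jwt/audience_validation"
predicate = "enabled"
value = false
comparison = "absent"
provenance = "RFC 7519 Section 4.1.3 - The aud claim MUST be validated"
invariant = "JWT audience validation MUST NOT be disabled"
consequence = "Tokens issued for one service can be replayed against another"
authority_tier = "regulatory"
evidence = ["RFC 7519 Section 4.1.3"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"

[[claim]]
id = "aphoria-hsts-enabled-001"
concept_path = "aphoria/security_headers/hsts"
predicate = "header_status"
value = "disabled"
comparison = "absent"
provenance = "RFC 6797 - HTTP Strict Transport Security must be enabled for HTTPS services"
invariant = "HSTS header MUST NOT be disabled on HTTPS-serving endpoints"
consequence = "Users can be downgraded to HTTP via SSL stripping attacks"
authority_tier = "regulatory"
evidence = ["RFC 6797", "OWASP Secure Headers Project"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"

[[claim]]
id = "aphoria-no-hardcoded-secrets-001"
concept_path = "aphoria/secrets/api_key"
predicate = "storage_method"
value = "hardcoded"
comparison = "absent"
provenance = "OWASP Top 10 2021 - A07 Identification and Authentication Failures"
invariant = "API keys MUST NOT be hardcoded in source files"
consequence = "Secrets leak through version control; credential rotation requires code changes"
authority_tier = "expert"
evidence = ["OWASP Top 10 A07:2021", "CWE-798"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"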