@tenova/swt3-ai 0.5.5 → 0.5.6

package/dist/witness.js

@@ -34,7 +34,7 @@ import { queryHardware as queryHw, topologyCode as topoCode, queryTPM as queryTp
 import { queryEnvironment as queryEnv } from "./environment.js";
 import { TrustRegistry, verifyCredential, signCredential, TRUST_LEVEL_NAMES, } from "./trust.js";
 import { createVercelOnFinish } from "./adapters/vercel-ai.js";
-import { QUANTIZATION_CODES, POLICY_CATEGORIES, BINDING_METHODS, APPROVAL_STATUS, PII_EVENT_TYPES, CONTENT_TYPE_CODES, BASELINE_MODE_CODES } from "./types.js";
+import { QUANTIZATION_CODES, POLICY_CATEGORIES, BINDING_METHODS, APPROVAL_STATUS, PII_EVENT_TYPES, CONTENT_TYPE_CODES, BASELINE_MODE_CODES, LICENSE_TYPE_CODES, SBOM_FORMAT_CODES, REDTEAM_CATEGORY_CODES, CONSENT_BASIS_CODES, DRIFT_TYPE_CODES, LOG_FORMAT_CODES, INCIDENT_TYPE_CODES, BENCHMARK_TYPE_CODES, PERTURBATION_TYPE_CODES, CYBER_FRAMEWORK_CODES, DISCLOSURE_TYPE_CODES, RECIPIENT_TYPE_CODES, DETECTION_METHOD_CODES, PROCESSING_TYPE_CODES, DECISION_TYPE_CODES, REPORTING_STATUS_CODES, SUPPLY_RISK_CODES, PMM_TYPE_CODES, LIFECYCLE_STAGE_CODES, METAGOV_SCOPE_CODES, METAGOV_PERMISSION_CODES, METAGOV_OVERRIDE_REASON_CODES, METAGOV_REVIEW_STATUS_CODES, METAGOV_DIVERGENCE_CODES, DESIGN_DOMAIN_CODES, SIMULATION_TYPE_CODES, APPROVAL_TYPE_CODES, MATERIAL_STANDARD_CODES, CHAIN_STATUS_CODES, RELEASE_TYPE_CODES } from "./types.js";
 import { loadFullConfig, validatePolicy } from "./config.js";
 import { MerkleAccumulator } from "./merkle.js";
 // ── Chain Density Enforcement ──────────────────────────────────────────
@@ -44,6 +44,13 @@ function globToRegex(pattern) {
         .replace(/\?/g, ".");
     return new RegExp("^" + escaped + "$");
 }
+/** Parse first 8 hex chars as int mod 1M, falling back to hash for non-hex input. */
+function safeHexInt(s) {
+    const v = parseInt(s.slice(0, 8), 16);
+    if (!isNaN(v))
+        return v % 1000000;
+    return parseInt(sha256Truncated(s, 8), 16) % 1000000;
+}
 function parseVelocity(spec) {
     const parts = spec.split("/");
     const limit = parseInt(parts[0], 10);
@@ -297,6 +304,7 @@ export class Witness {
     _chainEnforcer;
     _sentinel;
     _sentinelDetecting = false;
+    _lastKnownGoodVersion = 0;
     get configHash() {
         return this._configHash;
     }
@@ -975,8 +983,9 @@ export class Witness {
             ? Witness.hashModelFile(weights)
             : weights;
         const match = options?.expectedHash ? info.fileHash === options.expectedHash : true;
+        const stageCode = options?.lifecycleStage ? (LIFECYCLE_STAGE_CODES[options.lifecycleStage] ?? 0) : 0;
         const [ts, epoch] = timestampMs();
-        const fa = 1, fb = match ? 1 : 0, fc = 0;
+        const fa = 1, fb = match ? 1 : 0, fc = stageCode;
         const fp = mintFingerprint(this.config.tenantId, "AI-MDL.5", fa, fb, fc, ts);
         const payload = {
             procedure_id: "AI-MDL.5", factor_a: fa, factor_b: fb, factor_c: fc,
@@ -994,6 +1003,8 @@ export class Witness {
                 ctx.format = info.format;
             if (options?.expectedHash)
                 ctx.expected_hash = options.expectedHash;
+            if (options?.lifecycleStage)
+                ctx.lifecycle_stage = options.lifecycleStage;
             payload.ai_context = ctx;
         }
         const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
@@ -1548,206 +1559,338 @@ export class Witness {
         this.buffer.enqueueMany([payload]);
         return payload;
     }
-    // ── Chain, Violation, Charter, Registry, Reviewer, Safe State ───
+    // ── License Provenance (AI-LIC.1) ──────────────────────────────
     /**
-     * Witness a multi-agent chain handoff (AI-CHAIN.1).
+     * Witness license provenance of a model stack (AI-LIC.1).
+     *
+     * Records the license composition of base models, adapters, and
+     * training data. Detects license drift when components from
+     * different license families are combined.
+     *
+     * @param options.componentsChecked - Number of license components verified.
+     * @param options.allCompliant - True if all components are license-compatible.
+     * @param options.licenseType - Primary license type (permissive, copyleft, proprietary, dual, openmdw, unknown).
+     * @param options.baseModelLicense - SPDX identifier of the base model license.
+     * @param options.adapterLicenses - List of adapter/LoRA license identifiers.
+     * @param options.spdxIds - SPDX identifiers for all components.
+     * @param options.licenseHash - SHA-256 of the full license manifest.
      */
-    witnessChainHandoff(depth, targetAgent, options) {
-        const accepted = options?.accepted ?? true;
+    witnessLicenseProvenance(options) {
+        const fa = options.componentsChecked;
+        const fb = options.allCompliant ? 1 : 0;
+        const fc = LICENSE_TYPE_CODES[options.licenseType] ?? 5;
         const [ts, epoch] = timestampMs();
-        const fa = depth;
-        const fb = this.config.cycleId ? 1 : 0;
-        const fc = accepted ? 1 : 0;
-        const fp = mintFingerprint(this.config.tenantId, "AI-CHAIN.1", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-LIC.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-CHAIN.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-LIC.1",
+            factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = targetAgent;
-            payload.ai_context = {
-                provider: "chain", target_agent: targetAgent, depth, accepted,
+            payload.ai_model_id = `license-${options.licenseType}`;
+            const ctx = {
+                provider: "license-provenance",
+                license_type: options.licenseType,
             };
+            if (options.baseModelLicense)
+                ctx.base_model_license = options.baseModelLicense;
+            if (options.adapterLicenses)
+                ctx.adapter_licenses = options.adapterLicenses;
+            if (options.spdxIds)
+                ctx.spdx_ids = options.spdxIds;
+            if (options.licenseHash)
+                ctx.license_hash = options.licenseHash;
+            payload.ai_context = ctx;
         }
-        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        const policyHash = this.config.policyVersion
+            ? sha256Truncated(this.config.policyVersion, 12) : undefined;
         this._applyOperationalMetadata(payload, policyHash);
         this.buffer.enqueueMany([payload]);
         return payload;
     }
+    // ── AI Bill of Materials (AI-SBOM.1) ────────────────────────────
     /**
-     * Witness a trust-level-aware chain handoff (AI-CHAIN.1 + optional AI-CHAIN.2).
+     * Witness an AI bill of materials snapshot (AI-SBOM.1).
      *
-     * Tracks the effective trust level across all agents in the chain.
-     * If chainMinTrustLevel is configured and strict mode is active,
-     * throws ChainTrustError when the effective level drops below the minimum.
+     * Records the component inventory of an AI system at build or deploy
+     * time, covering models, datasets, infrastructure, and security
+     * posture per G7/CISA "SBOM for AI Minimum Elements" (May 2026).
      *
-     * Auto-mints AI-CHAIN.2 (trust degradation) when the effective trust
-     * level drops compared to the previous handoff.
+     * @param options.totalComponents - Number of components in the BOM.
+     * @param options.clustersDocumented - G7 clusters documented (0-7).
+     * @param options.format - BOM format (cyclonedx, spdx, custom, unknown).
+     * @param options.bomHash - SHA-256 of the full BOM document.
+     * @param options.version - BOM version string.
+     * @param options.modelCount - Number of AI models in BOM.
+     * @param options.datasetCount - Number of datasets in BOM.
+     * @param options.infrastructureComponents - Number of infra components.
      */
-    witnessChainTrustHandoff(targetAgentId, targetTrustLevel, options) {
-        const accepted = options?.accepted ?? true;
-        const prevEffective = this._chainTrustLevels.length > 0
-            ? Math.min(...this._chainTrustLevels)
-            : targetTrustLevel;
-        this._chainTrustLevels.push(targetTrustLevel);
-        const effectiveTrustLevel = Math.min(...this._chainTrustLevels);
-        // Enforce minimum if configured
-        const minLevel = this.config.chainMinTrustLevel;
-        if (minLevel !== undefined && effectiveTrustLevel < minLevel && this._strict) {
-            throw new ChainTrustError(effectiveTrustLevel, minLevel);
-        }
+    witnessSbom(options) {
+        const fa = options.totalComponents;
+        const fb = options.clustersDocumented;
+        const fc = SBOM_FORMAT_CODES[options.format] ?? 3;
         const [ts, epoch] = timestampMs();
-        const fa = this._chainTrustLevels.length;
-        const fb = targetTrustLevel;
-        const fc = effectiveTrustLevel;
-        const fp = mintFingerprint(this.config.tenantId, "AI-CHAIN.1", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-SBOM.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-CHAIN.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-SBOM.1",
+            factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = targetAgentId;
-            payload.ai_context = {
-                provider: "chain-trust",
-                target_agent: targetAgentId,
-                target_trust_level: targetTrustLevel,
-                effective_trust_level: effectiveTrustLevel,
-                chain_depth: this._chainTrustLevels.length,
+            payload.ai_model_id = `sbom-${options.format}`;
+            const ctx = {
+                provider: "ai-sbom",
+                bom_hash: options.bomHash,
+                format: options.format,
             };
+            if (options.version)
+                ctx.version = options.version;
+            if (options.modelCount != null)
+                ctx.model_count = options.modelCount;
+            if (options.datasetCount != null)
+                ctx.dataset_count = options.datasetCount;
+            if (options.infrastructureComponents != null)
+                ctx.infrastructure_components = options.infrastructureComponents;
+            payload.ai_context = ctx;
         }
-        const cycleId = options?.cycleId ?? this.config.cycleId;
-        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        const policyHash = this.config.policyVersion
+            ? sha256Truncated(this.config.policyVersion, 12) : undefined;
         this._applyOperationalMetadata(payload, policyHash);
-        if (cycleId)
-            payload.cycle_id = cycleId;
-        const payloads = [payload];
-        // Auto-mint AI-CHAIN.2 if trust degraded
-        if (this._chainTrustLevels.length > 1 && effectiveTrustLevel < prevEffective) {
-            const degradation = extractChainTrustDegradationPayload(this.config.tenantId, prevEffective, effectiveTrustLevel, this.config.clearingLevel, this.config.agentId, this.config.signingKey, this.config.signingKeyId, this.config.signingKeyVersion, cycleId, policyHash, this.config.signingAlgorithm);
-            if (this.config.clearingLevel <= 1) {
-                degradation.ai_context = {
-                    provider: "chain-trust-degradation",
-                    previous_effective: prevEffective,
-                    new_effective: effectiveTrustLevel,
-                    target_agent: targetAgentId,
-                };
-            }
-            payloads.push(degradation);
-        }
-        this.buffer.enqueueMany(payloads);
+        this.buffer.enqueueMany([payload]);
         return payload;
     }
-    /** The effective (minimum) trust level across all chain handoffs. Returns 4 if no handoffs yet. */
-    get chainEffectiveTrustLevel() {
-        return this._chainTrustLevels.length === 0 ? 4 : Math.min(...this._chainTrustLevels);
-    }
-    /** The trust levels recorded at each chain handoff. */
-    get chainTrustLevels() {
-        return this._chainTrustLevels;
-    }
+    // ── Adversarial Test Campaign (AI-REDTEAM.1) ──────────────────
     /**
-     * Witness a policy violation (AI-VIO.1).
+     * Witness an adversarial test campaign (AI-REDTEAM.1).
+     *
+     * Records red team or adversarial testing results, transforming
+     * point-in-time reports into continuous verifiable evidence per
+     * EO 14110, EU AI Act Art. 9(7), and NIST AI 100-2.
+     *
+     * @param options.testsExecuted - Number of attack scenarios run.
+     * @param options.testsPassed - Number of attacks successfully mitigated.
+     * @param options.coverageCategory - Coverage category key (prompt_injection, jailbreak, etc.).
+     * @param options.framework - Testing framework (e.g. "OWASP-LLM-Top10", "NIST-AI-100-2").
+     * @param options.campaignId - Unique identifier for this test campaign.
+     * @param options.modelUnderTest - Model identifier being tested.
+     * @param options.attackTaxonomy - Attack taxonomy version or reference.
+     * @param options.passRate - Computed pass rate (0-1).
+     * @param options.durationSeconds - Campaign duration in seconds.
      */
-    witnessViolation(severity, description, options) {
-        const autoDetected = options?.autoDetected ?? false;
-        const policyCategory = options?.policyCategory ?? "unspecified";
+    witnessRedTeam(options) {
+        const fa = options.testsExecuted;
+        const fb = options.testsPassed;
+        const fc = REDTEAM_CATEGORY_CODES[options.coverageCategory] ?? 10;
         const [ts, epoch] = timestampMs();
-        const fa = Math.max(1, Math.min(4, severity));
-        const fb = autoDetected ? 1 : 0;
-        const fc = POLICY_CATEGORIES[policyCategory] ?? 0;
-        const fp = mintFingerprint(this.config.tenantId, "AI-VIO.1", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-REDTEAM.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-VIO.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-REDTEAM.1",
+            factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = `violation-sev${fa}`;
-            payload.ai_context = {
-                provider: "violation", severity: fa, description, auto_detected: autoDetected, policy_category: policyCategory,
+            payload.ai_model_id = `redteam-${options.coverageCategory}`;
+            const ctx = {
+                provider: "red-team",
+                coverage_category: options.coverageCategory,
             };
+            if (options.framework)
+                ctx.framework = options.framework;
+            if (options.campaignId)
+                ctx.campaign_id = options.campaignId;
+            if (options.modelUnderTest)
+                ctx.model_under_test = options.modelUnderTest;
+            if (options.attackTaxonomy)
+                ctx.attack_taxonomy = options.attackTaxonomy;
+            if (options.passRate != null)
+                ctx.pass_rate = options.passRate;
+            if (options.durationSeconds != null)
+                ctx.duration_seconds = options.durationSeconds;
+            payload.ai_context = ctx;
         }
-        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        const policyHash = this.config.policyVersion
+            ? sha256Truncated(this.config.policyVersion, 12) : undefined;
         this._applyOperationalMetadata(payload, policyHash);
         this.buffer.enqueueMany([payload]);
         return payload;
     }
+    // ── Data Subject Consent (AI-CONSENT.1) ───────────────────────
     /**
-     * Witness an agent charter or system prompt hash (AI-CHR.1).
+     * Witness data subject consent documentation (AI-CONSENT.1).
+     *
+     * Records that consent or lawful basis was documented before
+     * processing. Complements CJT fields (which declare legal basis)
+     * by proving consent was actually obtained per GDPR Art. 6/7
+     * and EU AI Act Art. 10.
+     *
+     * @param options.subjectsCovered - Number of data subjects in scope.
+     * @param options.legalBasisType - GDPR lawful basis (consent, contract, legal_obligation, vital_interest, public_task, legitimate_interest).
+     * @param options.withdrawalAvailable - True if withdrawal mechanism exists.
+     * @param options.purpose - Processing purpose description.
+     * @param options.retentionDays - Data retention period in days.
+     * @param options.consentMechanism - Mechanism used (e.g. "opt-in-form", "api-consent-endpoint").
+     * @param options.consentHash - SHA-256 of the consent record.
+     * @param options.dataCategories - Categories of personal data processed.
      */
-    witnessCharter(options) {
-        if (!options.charterText && !options.charterHash) {
-            throw new Error("Provide charterText or charterHash");
-        }
-        const computed = options.charterHash ?? sha256Truncated(options.charterText);
-        const match = options.expectedHash ? computed === options.expectedHash : true;
+    witnessConsent(options) {
+        const fa = options.subjectsCovered;
+        const fb = CONSENT_BASIS_CODES[options.legalBasisType] ?? 0;
+        const fc = options.withdrawalAvailable ? 1 : 0;
         const [ts, epoch] = timestampMs();
-        const fa = 1, fb = match ? 1 : 0, fc = 0;
-        const fp = mintFingerprint(this.config.tenantId, "AI-CHR.1", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-CONSENT.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-CHR.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-CONSENT.1",
+            factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = "charter";
-            const ctx = { provider: "charter", charter_hash: computed };
-            if (options.expectedHash)
-                ctx.expected_hash = options.expectedHash;
+            payload.ai_model_id = `consent-${options.legalBasisType}`;
+            const ctx = {
+                provider: "consent-management",
+                legal_basis_type: options.legalBasisType,
+            };
+            if (options.purpose)
+                ctx.purpose = options.purpose;
+            if (options.retentionDays != null)
+                ctx.retention_days = options.retentionDays;
+            if (options.consentMechanism)
+                ctx.consent_mechanism = options.consentMechanism;
+            if (options.consentHash)
+                ctx.consent_hash = options.consentHash;
+            if (options.dataCategories)
+                ctx.data_categories = options.dataCategories;
             payload.ai_context = ctx;
         }
-        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        const policyHash = this.config.policyVersion
+            ? sha256Truncated(this.config.policyVersion, 12) : undefined;
         this._applyOperationalMetadata(payload, policyHash);
         this.buffer.enqueueMany([payload]);
         return payload;
     }
+    // ── Multi-Agent Delegation (AI-MULTI.1) ───────────────────────
     /**
-     * Witness a model registry check (AI-MDL.8).
+     * Witness inter-agent permission delegation (AI-MULTI.1).
+     *
+     * Records the permission envelope when one agent delegates tasks
+     * to another. Complements AI-CHAIN.1/2 (which witness handoffs and
+     * trust degradation) by witnessing WHAT was delegated per
+     * EU AI Act Art. 9 and NIST AI RMF GOVERN 1.3.
+     *
+     * @param options.delegationDepth - Hops from original human authorization.
+     * @param options.permissionsGranted - Count of distinct permissions delegated.
+     * @param options.timeBoundMinutes - Minutes until delegation expires (0 = unbounded).
+     * @param options.parentAgentId - Delegating agent identifier (hashed in context).
+     * @param options.childAgentId - Receiving agent identifier (hashed in context).
+     * @param options.delegatedTools - List of tool names being delegated.
+     * @param options.scopeHash - SHA-256 of the permission manifest.
+     * @param options.authorizationChain - Ordered agent IDs from human to child (each hashed).
      */
-    witnessModelRegistry(modelId, registryId, options) {
-        const found = options?.found ?? true;
-        const status = options?.status ?? "approved";
+    witnessMultiAgentDelegation(options) {
+        const fa = options.delegationDepth;
+        const fb = options.permissionsGranted;
+        const fc = options.timeBoundMinutes;
         const [ts, epoch] = timestampMs();
-        const fa = 1, fb = found ? 1 : 0, fc = APPROVAL_STATUS[status] ?? 0;
-        const fp = mintFingerprint(this.config.tenantId, "AI-MDL.8", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-MULTI.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-MDL.8", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-MULTI.1",
+            factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = modelId;
-            payload.ai_context = {
-                provider: "model-registry", model_id: modelId, registry_id: registryId, found, status,
+            payload.ai_model_id = `delegation-depth-${options.delegationDepth}`;
+            const ctx = {
+                provider: "multi-agent",
+                parent_agent_hash: sha256Truncated(options.parentAgentId),
+                child_agent_hash: sha256Truncated(options.childAgentId),
             };
+            if (options.delegatedTools)
+                ctx.delegated_tools = options.delegatedTools;
+            if (options.scopeHash)
+                ctx.scope_hash = options.scopeHash;
+            if (options.authorizationChain) {
+                ctx.authorization_chain = options.authorizationChain.map((id) => sha256Truncated(id));
+            }
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion
+            ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Model Drift Detection (AI-DRIFT.1) ─────────────────────────
+    /**
+     * Witness model drift detection (AI-DRIFT.1).
+     *
+     * Records statistical drift events including data drift, concept drift,
+     * and prediction drift per EU AI Act Art. 9(2)(b) continuous risk
+     * estimation and NIST AI RMF MEASURE 2.6.
+     */
+    witnessDrift(options) {
+        const fa = options.metricsEvaluated;
+        const fb = options.driftedCount;
+        const fc = DRIFT_TYPE_CODES[options.driftType] ?? 0;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-DRIFT.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-DRIFT.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `drift-${options.driftType}`;
+            const ctx = { provider: "drift-detection", drift_type: options.driftType };
+            if (options.baselineHash)
+                ctx.baseline_hash = options.baselineHash;
+            if (options.driftScore != null)
+                ctx.drift_score = options.driftScore;
+            if (options.detectionMethod)
+                ctx.detection_method = options.detectionMethod;
+            if (options.windowSize != null)
+                ctx.window_size = options.windowSize;
+            if (options.threshold != null)
+                ctx.threshold = options.threshold;
+            payload.ai_context = ctx;
         }
         const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
         this._applyOperationalMetadata(payload, policyHash);
         this.buffer.enqueueMany([payload]);
         return payload;
     }
+    // ── Audit Log Integrity (AI-AUDIT.1) ──────────────────────────
     /**
-     * Witness reviewer identity binding (AI-HITL.3).
+     * Witness audit log integrity verification (AI-AUDIT.1).
+     *
+     * Records verification of audit trail integrity per EU AI Act
+     * Art. 12 (record-keeping) and GDPR Art. 30 (ROPA).
      */
-    witnessReviewerIdentity(required, actual, options) {
-        const method = options?.method ?? "session";
+    witnessAuditIntegrity(options) {
+        const fa = options.entriesChecked;
+        const fb = options.integrityVerified ? 1 : 0;
+        const fc = LOG_FORMAT_CODES[options.logFormat] ?? 3;
         const [ts, epoch] = timestampMs();
-        const fa = required, fb = actual, fc = BINDING_METHODS[method] ?? 0;
-        const fp = mintFingerprint(this.config.tenantId, "AI-HITL.3", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-AUDIT.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-HITL.3", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-AUDIT.1", factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = "reviewer-identity";
-            const ctx = {
-                provider: "reviewer", required, actual, method,
-            };
-            if (options?.reviewerIdHash)
-                ctx.reviewer_id_hash = options.reviewerIdHash;
+            payload.ai_model_id = `audit-${options.logFormat}`;
+            const ctx = { provider: "audit-integrity", log_format: options.logFormat };
+            if (options.logHash)
+                ctx.log_hash = options.logHash;
+            if (options.periodStart)
+                ctx.period_start = options.periodStart;
+            if (options.periodEnd)
+                ctx.period_end = options.periodEnd;
+            if (options.gapsDetected != null)
+                ctx.gaps_detected = options.gapsDetected;
             payload.ai_context = ctx;
         }
         const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
@@ -1755,27 +1898,35 @@ export class Witness {
         this.buffer.enqueueMany([payload]);
         return payload;
     }
+    // ── Incident Reporting (AI-INCIDENT.1) ────────────────────────
     /**
-     * Witness safe state attestation (AI-SAFE.1).
+     * Witness incident reporting (AI-INCIDENT.1).
+     *
+     * Records that a serious incident was reported per EU AI Act
+     * Art. 62 and NIST AI RMF MANAGE 3.2.
      */
-    witnessSafeState(options) {
-        const mechanismExists = options?.mechanismExists ?? true;
-        const safeStateConfirmed = options?.safeStateConfirmed ?? true;
+    witnessIncident(options) {
+        const fa = options.severityCode;
+        const fb = options.authorityNotified ? 1 : 0;
+        const fc = INCIDENT_TYPE_CODES[options.incidentType] ?? 5;
         const [ts, epoch] = timestampMs();
-        const fa = 1, fb = mechanismExists ? 1 : 0, fc = safeStateConfirmed ? 1 : 0;
-        const fp = mintFingerprint(this.config.tenantId, "AI-SAFE.1", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-INCIDENT.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-SAFE.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-INCIDENT.1", factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = "safe-state";
-            const ctx = {
-                provider: "safe-state", mechanism_exists: mechanismExists, safe_state_confirmed: safeStateConfirmed,
-            };
-            if (options?.mechanismType)
-                ctx.mechanism_type = options.mechanismType;
+            payload.ai_model_id = `incident-${options.incidentType}`;
+            const ctx = { provider: "incident-reporting", incident_type: options.incidentType };
+            if (options.incidentId)
+                ctx.incident_id = options.incidentId;
+            if (options.authority)
+                ctx.authority = options.authority;
+            if (options.affectedSubjects != null)
+                ctx.affected_subjects = options.affectedSubjects;
+            if (options.remediationStatus)
+                ctx.remediation_status = options.remediationStatus;
             payload.ai_context = ctx;
         }
         const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
@@ -1783,34 +1934,37 @@ export class Witness {
         this.buffer.enqueueMany([payload]);
         return payload;
     }
-    // ── Training Data (AI-DATA.3 / AI-DATA.4) ──────────────────────
+    // ── Performance Metrics (AI-PERF.1) ───────────────────────────
     /**
-     * Witness training dataset summary statistics (AI-DATA.3).
+     * Witness performance/accuracy metrics (AI-PERF.1).
+     *
+     * Records model performance benchmarks per EU AI Act Art. 15(1)
+     * accuracy requirements and NIST AI RMF MEASURE 2.5.
      */
-    witnessTrainingStats(rowCount, featureCount, options) {
+    witnessPerformance(options) {
+        const fa = options.metricsEvaluated;
+        const fb = options.metricsPassing;
+        const fc = BENCHMARK_TYPE_CODES[options.benchmarkType] ?? 5;
         const [ts, epoch] = timestampMs();
-        const fa = rowCount;
-        const fb = featureCount;
-        const fc = options?.classBalanceRatio != null ? Math.floor(options.classBalanceRatio * 1000) : 0;
-        const fp = mintFingerprint(this.config.tenantId, "AI-DATA.3", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-PERF.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-DATA.3", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-PERF.1", factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = "training-stats";
-            const ctx = {
-                provider: "training-stats", row_count: rowCount, feature_count: featureCount,
-            };
-            if (options?.classBalanceRatio != null)
-                ctx.class_balance_ratio = options.classBalanceRatio;
-            if (options?.distributionHash)
-                ctx.distribution_hash = options.distributionHash;
-            if (options?.classLabels)
-                ctx.class_labels = options.classLabels;
-            if (options?.summary)
-                ctx.summary = options.summary;
+            payload.ai_model_id = options.modelUnderTest ? `perf-${options.modelUnderTest}` : `perf-${options.benchmarkType}`;
+            const ctx = { provider: "performance-metrics", benchmark_type: options.benchmarkType };
+            if (options.benchmarkId)
+                ctx.benchmark_id = options.benchmarkId;
+            if (options.datasetHash)
+                ctx.dataset_hash = options.datasetHash;
+            if (options.threshold != null)
+                ctx.threshold = options.threshold;
+            if (options.score != null)
+                ctx.score = options.score;
+            if (options.modelUnderTest)
+                ctx.model_under_test = options.modelUnderTest;
             payload.ai_context = ctx;
         }
         const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
@@ -1818,32 +1972,35 @@ export class Witness {
         this.buffer.enqueueMany([payload]);
         return payload;
     }
+    // ── Robustness Testing (AI-ROBUST.1) ──────────────────────────
     /**
-     * Witness a training data PII lifecycle event (AI-DATA.4).
+     * Witness robustness testing (AI-ROBUST.1).
+     *
+     * Records resilience against errors, faults, and inconsistencies
+     * per EU AI Act Art. 15(3) and NIST AI RMF MEASURE 2.6.
      */
-    witnessTrainingPiiLifecycle(recordsAffected, options) {
-        const completed = options?.completed ?? true;
-        const eventType = options?.eventType ?? "unspecified";
+    witnessRobustness(options) {
+        const fa = options.perturbationsTested;
+        const fb = options.perturbationsSurvived;
+        const fc = PERTURBATION_TYPE_CODES[options.perturbationType] ?? 5;
         const [ts, epoch] = timestampMs();
-        const fa = recordsAffected;
-        const fb = completed ? 1 : 0;
-        const fc = PII_EVENT_TYPES[eventType] ?? 0;
-        const fp = mintFingerprint(this.config.tenantId, "AI-DATA.4", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-ROBUST.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-DATA.4", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-ROBUST.1", factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = "pii-lifecycle";
-            const ctx = {
-                provider: "pii-lifecycle", event_type: eventType,
-                records_affected: recordsAffected, completed,
-            };
-            if (options?.datasetId)
-                ctx.dataset_id = options.datasetId;
-            if (options?.scope)
-                ctx.scope = options.scope;
+            payload.ai_model_id = `robust-${options.perturbationType}`;
+            const ctx = { provider: "robustness-testing", perturbation_type: options.perturbationType };
+            if (options.testSuiteId)
+                ctx.test_suite_id = options.testSuiteId;
+            if (options.degradationPct != null)
+                ctx.degradation_pct = options.degradationPct;
+            if (options.baselineScore != null)
+                ctx.baseline_score = options.baselineScore;
+            if (options.perturbedScore != null)
+                ctx.perturbed_score = options.perturbedScore;
             payload.ai_context = ctx;
         }
         const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
@@ -1851,42 +2008,35 @@ export class Witness {
         this.buffer.enqueueMany([payload]);
         return payload;
     }
-    // ── Bias Assessment (AI-FAIR.3) ─────────────────────────────────
+    // ── Cybersecurity Attestation (AI-CYBER.1) ────────────────────
     /**
-     * Witness a bias assessment (AI-FAIR.3).
-     * Records that a bias assessment was conducted, how many protected
-     * attributes were tested, and whether all fairness thresholds were met.
+     * Witness cybersecurity measure attestation (AI-CYBER.1).
      *
-     * @param protectedAttributeCount - Number of demographic dimensions tested
-     * @param allThresholdsMet - true if all fairness thresholds passed
-     * @param options.maxDisparityPct - Worst-case disparity percentage (0-100)
-     * @param options.methodology - Assessment methodology name
-     * @param options.protectedAttributes - List of protected attributes tested
+     * Records cybersecurity assessment results per EU AI Act Art. 15(4)
+     * and NIST Cybersecurity Framework.
      */
-    witnessBiasAssessment(protectedAttributeCount, allThresholdsMet, options) {
+    witnessCybersecurity(options) {
+        const fa = options.controlsAssessed;
+        const fb = options.controlsCompliant;
+        const fc = CYBER_FRAMEWORK_CODES[options.framework] ?? 4;
         const [ts, epoch] = timestampMs();
-        const fa = protectedAttributeCount;
-        const fb = allThresholdsMet ? 1 : 0;
-        const fc = options?.maxDisparityPct != null ? Math.round(options.maxDisparityPct) : 0;
-        const fp = mintFingerprint(this.config.tenantId, "AI-FAIR.3", fa, fb, fc, ts);
+        const fp = mintFingerprint(this.config.tenantId, "AI-CYBER.1", fa, fb, fc, ts);
         const payload = {
-            procedure_id: "AI-FAIR.3", factor_a: fa, factor_b: fb, factor_c: fc,
+            procedure_id: "AI-CYBER.1", factor_a: fa, factor_b: fb, factor_c: fc,
             clearing_level: this.config.clearingLevel,
             anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
         };
         if (this.config.clearingLevel <= 1) {
-            payload.ai_model_id = "bias-assessment";
-            const ctx = {
-                provider: "bias-assessment",
-                protected_attribute_count: protectedAttributeCount,
-                all_thresholds_met: allThresholdsMet,
-            };
-            if (options?.methodology)
-                ctx.methodology = options.methodology;
-            if (options?.protectedAttributes)
-                ctx.protected_attributes = options.protectedAttributes;
-            if (options?.maxDisparityPct != null)
-                ctx.max_disparity_pct = options.maxDisparityPct;
+            payload.ai_model_id = `cyber-${options.framework}`;
+            const ctx = { provider: "cybersecurity-assessment", framework: options.framework };
+            if (options.assessmentId)
+                ctx.assessment_id = options.assessmentId;
+            if (options.frameworkVersion)
+                ctx.framework_version = options.frameworkVersion;
+            if (options.findingsCount != null)
+                ctx.findings_count = options.findingsCount;
+            if (options.criticalFindings != null)
+                ctx.critical_findings = options.criticalFindings;
             payload.ai_context = ctx;
         }
         const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
@@ -1894,8 +2044,1136 @@ export class Witness {
         this.buffer.enqueueMany([payload]);
         return payload;
     }
-    // ── Trust Mesh (AI-TRUST.1 / AI-TRUST.2) ────────────────────────
-    _trustRegistry;
+    // ── Transparency Disclosure (AI-TRANS.1) ──────────────────────
+    /**
+     * Witness transparency disclosure (AI-TRANS.1).
+     *
+     * Records AI usage disclosures to deployers, end users, or data
+     * subjects per EU AI Act Art. 13 and GDPR Art. 13/14.
+     */
+    witnessTransparency(options) {
+        const fa = options.disclosuresMade;
+        const fb = DISCLOSURE_TYPE_CODES[options.disclosureType] ?? 0;
+        const fc = RECIPIENT_TYPE_CODES[options.recipientType] ?? 0;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-TRANS.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-TRANS.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `trans-${options.disclosureType}`;
+            const ctx = { provider: "transparency-disclosure", disclosure_type: options.disclosureType, recipient_type: options.recipientType };
+            if (options.disclosureId)
+                ctx.disclosure_id = options.disclosureId;
+            if (options.contentHash)
+                ctx.content_hash = options.contentHash;
+            if (options.channel)
+                ctx.channel = options.channel;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Watermark Verification (AI-WATERMARK.1) ──────────────────
+    /**
+     * Witness watermark verification (AI-WATERMARK.1).
+     *
+     * Records verification that AI content marking survived downstream
+     * processing per EU AI Act Art. 50(2). Distinct from AI-MARK.1
+     * which witnesses marking; this witnesses verification.
+     */
+    witnessWatermarkVerification(options) {
+        const fa = options.itemsChecked;
+        const fb = options.watermarksDetected;
+        const fc = DETECTION_METHOD_CODES[options.detectionMethod] ?? 4;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-WATERMARK.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-WATERMARK.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `watermark-${options.detectionMethod}`;
+            const ctx = { provider: "watermark-verification", detection_method: options.detectionMethod };
+            if (options.contentHash)
+                ctx.content_hash = options.contentHash;
+            if (options.watermarkProvider)
+                ctx.watermark_provider = options.watermarkProvider;
+            if (options.confidenceScore != null)
+                ctx.confidence_score = options.confidenceScore;
+            if (options.strippedCount != null)
+                ctx.stripped_count = options.strippedCount;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Data Protection Impact Assessment (AI-DPIA.1) ─────────────
+    /**
+     * Witness data protection impact assessment (AI-DPIA.1).
+     *
+     * Records DPIA completion per GDPR Art. 35 and EU AI Act Art. 27
+     * for high-risk AI processing.
+     */
+    witnessDpia(options) {
+        const fa = options.risksIdentified;
+        const fb = options.risksMitigated;
+        const fc = PROCESSING_TYPE_CODES[options.processingType] ?? 4;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-DPIA.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-DPIA.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `dpia-${options.processingType}`;
+            const ctx = { provider: "impact-assessment", processing_type: options.processingType };
+            if (options.dpiaId)
+                ctx.dpia_id = options.dpiaId;
+            if (options.assessmentDate)
+                ctx.assessment_date = options.assessmentDate;
+            if (options.dpoConsulted != null)
+                ctx.dpo_consulted = options.dpoConsulted;
+            if (options.residualRiskLevel)
+                ctx.residual_risk_level = options.residualRiskLevel;
+            if (options.supervisoryAuthorityConsulted != null)
+                ctx.supervisory_authority_consulted = options.supervisoryAuthorityConsulted;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Automated Decision Notification (AI-AUTO.1) ───────────────
+    /**
+     * Witness automated decision notification (AI-AUTO.1).
+     *
+     * Records notification of automated decisions with legal effects
+     * per GDPR Art. 22 and EU AI Act Art. 14.
+     */
+    witnessAutomatedDecision(options) {
+        const fa = options.decisionsMade;
+        const fb = options.humanReviewed;
+        const fc = DECISION_TYPE_CODES[options.decisionType] ?? 5;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-AUTO.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-AUTO.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `auto-${options.decisionType}`;
+            const ctx = { provider: "automated-decision", decision_type: options.decisionType };
+            if (options.decisionId)
+                ctx.decision_id = options.decisionId;
+            if (options.subjectNotified != null)
+                ctx.subject_notified = options.subjectNotified;
+            if (options.optOutAvailable != null)
+                ctx.opt_out_available = options.optOutAvailable;
+            if (options.humanReviewRequested != null)
+                ctx.human_review_requested = options.humanReviewRequested;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Autonomous Generation Depth (AI-AUTO.2) ──────────────────
+    /**
+     * Witness autonomous generation depth (AI-AUTO.2).
+     *
+     * Records the depth of AI-to-AI generation cycles and whether
+     * a human approval gate was present. EU AI Act Art. 14, EO 14110 Sec. 3.
+     */
+    witnessGenerationDepth(options) {
+        const fa = options.maxDepth;
+        const fb = options.observedDepth;
+        const fc = options.humanGatePresent ? 1 : 0;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-AUTO.2", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-AUTO.2", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = options.sourceAgentId || "autonomous-generator";
+            const ctx = { provider: "generation-depth", max_depth: fa, observed_depth: fb };
+            if (options.generationContext)
+                ctx.generation_context = options.generationContext;
+            if (options.sourceAgentId)
+                ctx.source_agent_id = options.sourceAgentId;
+            if (options.mergeTarget)
+                ctx.merge_target = options.mergeTarget;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── External Timestamp Attestation (AI-AUDIT.2) ──────────────
+    /**
+     * Witness external timestamp attestation (AI-AUDIT.2).
+     *
+     * Records that a batch of anchors was anchored to an independent
+     * RFC 3161 Timestamp Authority. NIST 800-53 AU-10 (Non-repudiation).
+     */
+    witnessTimestampAttestation(options) {
+        const fa = options.anchorCount;
+        const fb = options.tsaVerified ? 1 : 0;
+        const TSA_CODES = { none: 0, freetsa: 1, digicert: 2, sectigo: 3, custom: 4 };
+        const fc = TSA_CODES[options.tsaProvider] ?? 4;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-AUDIT.2", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-AUDIT.2", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = "merkle-rollup";
+            const ctx = { provider: "timestamp-attestation", tsa_provider: options.tsaProvider };
+            if (options.merkleRoot)
+                ctx.merkle_root = options.merkleRoot;
+            if (options.tsaUrl)
+                ctx.tsa_url = options.tsaUrl;
+            if (options.tsaSerial)
+                ctx.tsa_serial = options.tsaSerial;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Dual-Use Model Classification (AI-DUALUSE.1) ─────────────
+    /**
+     * Witness dual-use model classification (AI-DUALUSE.1).
+     *
+     * Records classification and reporting of dual-use foundation
+     * models per EO 14110 Sec 4(a) and NIST AI RMF GOVERN 1.1.
+     */
+    witnessDualUse(options) {
+        const fa = options.classificationCode;
+        const fb = REPORTING_STATUS_CODES[options.reportingStatus] ?? 0;
+        const fc = options.daysSinceClassification;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-DUALUSE.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-DUALUSE.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = options.modelId ?? `dualuse-class-${options.classificationCode}`;
+            const ctx = { provider: "dual-use-classification", reporting_status: options.reportingStatus };
+            if (options.modelId)
+                ctx.model_id = options.modelId;
+            if (options.classificationBasis)
+                ctx.classification_basis = options.classificationBasis;
+            if (options.computeThreshold)
+                ctx.compute_threshold = options.computeThreshold;
+            if (options.authorityNotified)
+                ctx.authority_notified = options.authorityNotified;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Supply Chain Risk (AI-SUPPLY.1) ───────────────────────────
+    /**
+     * Witness supply chain risk assessment (AI-SUPPLY.1).
+     *
+     * Records third-party AI supply chain risk metrics per NIST AI
+     * RMF MEASURE 3.1, G7/CISA SBOM-AI, and EO 14028.
+     */
+    witnessSupplyChainRisk(options) {
+        const fa = options.suppliersAssessed;
+        const fb = options.suppliersCompliant;
+        const fc = SUPPLY_RISK_CODES[options.riskLevel] ?? 0;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-SUPPLY.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-SUPPLY.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `supply-risk-${options.riskLevel}`;
+            const ctx = { provider: "supply-chain-risk", risk_level: options.riskLevel };
+            if (options.supplierIdHash)
+                ctx.supplier_id_hash = options.supplierIdHash;
+            if (options.vulnerabilityCount != null)
+                ctx.vulnerability_count = options.vulnerabilityCount;
+            if (options.lastAuditDate)
+                ctx.last_audit_date = options.lastAuditDate;
+            if (options.updateCadenceDays != null)
+                ctx.update_cadence_days = options.updateCadenceDays;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Post-Market Monitoring (AI-PMM.1) ─────────────────────────
+    /**
+     * Witness post-market monitoring attestation (AI-PMM.1).
+     *
+     * Records execution of post-market monitoring plans per EU AI Act
+     * Art. 72 and NIST AI RMF MANAGE 4.1.
+     */
+    witnessPostMarketMonitoring(options) {
+        const fa = options.monitoringChecksRun;
+        const fb = options.anomaliesDetected;
+        const fc = PMM_TYPE_CODES[options.monitoringType] ?? 4;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-PMM.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-PMM.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `pmm-${options.monitoringType}`;
+            const ctx = { provider: "post-market-monitoring", monitoring_type: options.monitoringType };
+            if (options.monitoringPlanHash)
+                ctx.monitoring_plan_hash = options.monitoringPlanHash;
+            if (options.periodStart)
+                ctx.period_start = options.periodStart;
+            if (options.periodEnd)
+                ctx.period_end = options.periodEnd;
+            if (options.reportGenerated != null)
+                ctx.report_generated = options.reportGenerated;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Chain, Violation, Charter, Registry, Reviewer, Safe State ───
+    /**
+     * Witness a multi-agent chain handoff (AI-CHAIN.1).
+     */
+    witnessChainHandoff(depth, targetAgent, options) {
+        const accepted = options?.accepted ?? true;
+        const [ts, epoch] = timestampMs();
+        const fa = depth;
+        const fb = this.config.cycleId ? 1 : 0;
+        const fc = accepted ? 1 : 0;
+        const fp = mintFingerprint(this.config.tenantId, "AI-CHAIN.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-CHAIN.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = targetAgent;
+            payload.ai_context = {
+                provider: "chain", target_agent: targetAgent, depth, accepted,
+            };
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness a trust-level-aware chain handoff (AI-CHAIN.1 + optional AI-CHAIN.2).
+     *
+     * Tracks the effective trust level across all agents in the chain.
+     * If chainMinTrustLevel is configured and strict mode is active,
+     * throws ChainTrustError when the effective level drops below the minimum.
+     *
+     * Auto-mints AI-CHAIN.2 (trust degradation) when the effective trust
+     * level drops compared to the previous handoff.
+     */
+    witnessChainTrustHandoff(targetAgentId, targetTrustLevel, options) {
+        const accepted = options?.accepted ?? true;
+        const prevEffective = this._chainTrustLevels.length > 0
+            ? Math.min(...this._chainTrustLevels)
+            : targetTrustLevel;
+        this._chainTrustLevels.push(targetTrustLevel);
+        const effectiveTrustLevel = Math.min(...this._chainTrustLevels);
+        // Enforce minimum if configured
+        const minLevel = this.config.chainMinTrustLevel;
+        if (minLevel !== undefined && effectiveTrustLevel < minLevel && this._strict) {
+            throw new ChainTrustError(effectiveTrustLevel, minLevel);
+        }
+        const [ts, epoch] = timestampMs();
+        const fa = this._chainTrustLevels.length;
+        const fb = targetTrustLevel;
+        const fc = effectiveTrustLevel;
+        const fp = mintFingerprint(this.config.tenantId, "AI-CHAIN.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-CHAIN.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = targetAgentId;
+            payload.ai_context = {
+                provider: "chain-trust",
+                target_agent: targetAgentId,
+                target_trust_level: targetTrustLevel,
+                effective_trust_level: effectiveTrustLevel,
+                chain_depth: this._chainTrustLevels.length,
+            };
+        }
+        const cycleId = options?.cycleId ?? this.config.cycleId;
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        if (cycleId)
+            payload.cycle_id = cycleId;
+        const payloads = [payload];
+        // Auto-mint AI-CHAIN.2 if trust degraded
+        if (this._chainTrustLevels.length > 1 && effectiveTrustLevel < prevEffective) {
+            const degradation = extractChainTrustDegradationPayload(this.config.tenantId, prevEffective, effectiveTrustLevel, this.config.clearingLevel, this.config.agentId, this.config.signingKey, this.config.signingKeyId, this.config.signingKeyVersion, cycleId, policyHash, this.config.signingAlgorithm);
+            if (this.config.clearingLevel <= 1) {
+                degradation.ai_context = {
+                    provider: "chain-trust-degradation",
+                    previous_effective: prevEffective,
+                    new_effective: effectiveTrustLevel,
+                    target_agent: targetAgentId,
+                };
+            }
+            payloads.push(degradation);
+        }
+        this.buffer.enqueueMany(payloads);
+        return payload;
+    }
+    /** The effective (minimum) trust level across all chain handoffs. Returns 4 if no handoffs yet. */
+    get chainEffectiveTrustLevel() {
+        return this._chainTrustLevels.length === 0 ? 4 : Math.min(...this._chainTrustLevels);
+    }
+    /** The trust levels recorded at each chain handoff. */
+    get chainTrustLevels() {
+        return this._chainTrustLevels;
+    }
+    /**
+     * Witness a policy violation (AI-VIO.1).
+     */
+    witnessViolation(severity, description, options) {
+        const autoDetected = options?.autoDetected ?? false;
+        const policyCategory = options?.policyCategory ?? "unspecified";
+        const [ts, epoch] = timestampMs();
+        const fa = Math.max(1, Math.min(4, severity));
+        const fb = autoDetected ? 1 : 0;
+        const fc = POLICY_CATEGORIES[policyCategory] ?? 0;
+        const fp = mintFingerprint(this.config.tenantId, "AI-VIO.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-VIO.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `violation-sev${fa}`;
+            payload.ai_context = {
+                provider: "violation", severity: fa, description, auto_detected: autoDetected, policy_category: policyCategory,
+            };
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness an agent charter or system prompt hash (AI-CHR.1).
+     */
+    witnessCharter(options) {
+        if (!options.charterText && !options.charterHash) {
+            throw new Error("Provide charterText or charterHash");
+        }
+        const computed = options.charterHash ?? sha256Truncated(options.charterText);
+        const match = options.expectedHash ? computed === options.expectedHash : true;
+        const [ts, epoch] = timestampMs();
+        const fa = 1, fb = match ? 1 : 0, fc = 0;
+        const fp = mintFingerprint(this.config.tenantId, "AI-CHR.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-CHR.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = "charter";
+            const ctx = { provider: "charter", charter_hash: computed };
+            if (options.expectedHash)
+                ctx.expected_hash = options.expectedHash;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness a model registry check (AI-MDL.8).
+     */
+    witnessModelRegistry(modelId, registryId, options) {
+        const found = options?.found ?? true;
+        const status = options?.status ?? "approved";
+        const [ts, epoch] = timestampMs();
+        const fa = 1, fb = found ? 1 : 0, fc = APPROVAL_STATUS[status] ?? 0;
+        const fp = mintFingerprint(this.config.tenantId, "AI-MDL.8", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-MDL.8", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = modelId;
+            payload.ai_context = {
+                provider: "model-registry", model_id: modelId, registry_id: registryId, found, status,
+            };
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness reviewer identity binding (AI-HITL.3).
+     */
+    witnessReviewerIdentity(required, actual, options) {
+        const method = options?.method ?? "session";
+        const [ts, epoch] = timestampMs();
+        const fa = required, fb = actual, fc = BINDING_METHODS[method] ?? 0;
+        const fp = mintFingerprint(this.config.tenantId, "AI-HITL.3", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-HITL.3", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = "reviewer-identity";
+            const ctx = {
+                provider: "reviewer", required, actual, method,
+            };
+            if (options?.reviewerIdHash)
+                ctx.reviewer_id_hash = options.reviewerIdHash;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness safe state attestation (AI-SAFE.1).
+     */
+    witnessSafeState(options) {
+        const mechanismExists = options?.mechanismExists ?? true;
+        const safeStateConfirmed = options?.safeStateConfirmed ?? true;
+        const [ts, epoch] = timestampMs();
+        const fa = 1, fb = mechanismExists ? 1 : 0, fc = safeStateConfirmed ? 1 : 0;
+        const fp = mintFingerprint(this.config.tenantId, "AI-SAFE.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-SAFE.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = "safe-state";
+            const ctx = {
+                provider: "safe-state", mechanism_exists: mechanismExists, safe_state_confirmed: safeStateConfirmed,
+            };
+            if (options?.mechanismType)
+                ctx.mechanism_type = options.mechanismType;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Training Data (AI-DATA.3 / AI-DATA.4) ──────────────────────
+    /**
+     * Witness training dataset summary statistics (AI-DATA.3).
+     */
+    witnessTrainingStats(rowCount, featureCount, options) {
+        const [ts, epoch] = timestampMs();
+        const fa = rowCount;
+        const fb = featureCount;
+        const fc = options?.classBalanceRatio != null ? Math.floor(options.classBalanceRatio * 1000) : 0;
+        const fp = mintFingerprint(this.config.tenantId, "AI-DATA.3", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-DATA.3", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = "training-stats";
+            const ctx = {
+                provider: "training-stats", row_count: rowCount, feature_count: featureCount,
+            };
+            if (options?.classBalanceRatio != null)
+                ctx.class_balance_ratio = options.classBalanceRatio;
+            if (options?.distributionHash)
+                ctx.distribution_hash = options.distributionHash;
+            if (options?.classLabels)
+                ctx.class_labels = options.classLabels;
+            if (options?.summary)
+                ctx.summary = options.summary;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness a training data PII lifecycle event (AI-DATA.4).
+     */
+    witnessTrainingPiiLifecycle(recordsAffected, options) {
+        const completed = options?.completed ?? true;
+        const eventType = options?.eventType ?? "unspecified";
+        const [ts, epoch] = timestampMs();
+        const fa = recordsAffected;
+        const fb = completed ? 1 : 0;
+        const fc = PII_EVENT_TYPES[eventType] ?? 0;
+        const fp = mintFingerprint(this.config.tenantId, "AI-DATA.4", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-DATA.4", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = "pii-lifecycle";
+            const ctx = {
+                provider: "pii-lifecycle", event_type: eventType,
+                records_affected: recordsAffected, completed,
+            };
+            if (options?.datasetId)
+                ctx.dataset_id = options.datasetId;
+            if (options?.scope)
+                ctx.scope = options.scope;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Bias Assessment (AI-FAIR.3) ─────────────────────────────────
+    /**
+     * Witness a bias assessment (AI-FAIR.3).
+     * Records that a bias assessment was conducted, how many protected
+     * attributes were tested, and whether all fairness thresholds were met.
+     *
+     * @param protectedAttributeCount - Number of demographic dimensions tested
+     * @param allThresholdsMet - true if all fairness thresholds passed
+     * @param options.maxDisparityPct - Worst-case disparity percentage (0-100)
+     * @param options.methodology - Assessment methodology name
+     * @param options.protectedAttributes - List of protected attributes tested
+     */
+    witnessBiasAssessment(protectedAttributeCount, allThresholdsMet, options) {
+        const [ts, epoch] = timestampMs();
+        const fa = protectedAttributeCount;
+        const fb = allThresholdsMet ? 1 : 0;
+        const fc = options?.maxDisparityPct != null ? Math.round(options.maxDisparityPct) : 0;
+        const fp = mintFingerprint(this.config.tenantId, "AI-FAIR.3", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-FAIR.3", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = "bias-assessment";
+            const ctx = {
+                provider: "bias-assessment",
+                protected_attribute_count: protectedAttributeCount,
+                all_thresholds_met: allThresholdsMet,
+            };
+            if (options?.methodology)
+                ctx.methodology = options.methodology;
+            if (options?.protectedAttributes)
+                ctx.protected_attributes = options.protectedAttributes;
+            if (options?.maxDisparityPct != null)
+                ctx.max_disparity_pct = options.maxDisparityPct;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Governance Infrastructure Attestation (AI-METAGOV.1) ──────────────
+    /**
+     * Witness governance infrastructure configuration (AI-METAGOV.1).
+     *
+     * Attests the governance system's own configuration using the same
+     * protocol it enforces, per the Recursive Governance architecture.
+     * The governance config must be attested before operational events
+     * can be processed.
+     */
+    witnessGovernanceConfig(options) {
+        // Canonical serialization: sort rules by id, concat id+expression+version, hash with domain separator
+        const sorted = [...options.rules].sort((a, b) => a.id.localeCompare(b.id));
+        const canonical = sorted.map(r => `${r.id}:${r.expression}:${r.version ?? ""}`).join("|");
+        const configHash = sha256Truncated(`SWT3:GOVERNANCE:${canonical}`, 12);
+        const fa = options.rules.length;
+        const fb = parseInt(configHash.slice(0, 8), 16) % 1000000;
+        const fc = options.governanceVersion;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-METAGOV.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-METAGOV.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `governance-v${options.governanceVersion}`;
+            const ctx = {
+                provider: "governance-infrastructure",
+                config_hash: configHash,
+                rule_count: options.rules.length,
+                governance_version: options.governanceVersion,
+            };
+            if (options.operatorId)
+                ctx.operator_id = options.operatorId;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Policy Downgrade Detection (AI-METAGOV.3) ──────────────────────
+    /**
+     * Check policy version and witness downgrade if detected (AI-METAGOV.3).
+     *
+     * Enforces monotonic policy version progression. If the provided version
+     * is lower than the last known good version, mints a downgrade alert anchor.
+     * Returns the payload if a downgrade was detected, or null if version is normal.
+     */
+    checkPolicyDowngrade(options) {
+        const isDowngrade = options.policyVersion < this._lastKnownGoodVersion;
+        if (!isDowngrade) {
+            this._lastKnownGoodVersion = Math.max(this._lastKnownGoodVersion, options.policyVersion);
+            return null;
+        }
+        const fa = options.policyVersion;
+        const fb = safeHexInt(options.policyContentHash);
+        const fc = 1; // downgrade detected
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-METAGOV.3", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-METAGOV.3", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `policy-downgrade`;
+            payload.ai_context = {
+                provider: "policy-monitor",
+                expected_version: this._lastKnownGoodVersion,
+                loaded_version: options.policyVersion,
+                content_hash: options.policyContentHash,
+                downgrade: true,
+            };
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        if (options.strict) {
+            throw new Error(`SWT3: Policy downgrade detected: version ${options.policyVersion} < ${this._lastKnownGoodVersion}`);
+        }
+        return payload;
+    }
+    // ── Governance Layer Registration (AI-METAGOV.2) ──────────────────────
+    /**
+     * Register an AI governance layer with the witness layer (AI-METAGOV.2).
+     *
+     * Each AI governance layer must register before its outputs are
+     * considered authoritative. Computes governance stack fingerprint
+     * with SWT3:GOVSTACK: domain separator.
+     */
+    registerGovernanceLayer(options) {
+        const stackInput = `${options.layerId}:${options.configHash}:${options.stackPosition}`;
+        const regFingerprint = sha256Truncated(`SWT3:GOVSTACK:${stackInput}`, 12);
+        const fa = 1;
+        const fb = parseInt(regFingerprint.slice(0, 8), 16) % 1000000;
+        const fc = options.stackPosition;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-METAGOV.2", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-METAGOV.2", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = options.modelId ?? options.layerId;
+            const ctx = {
+                provider: "governance-layer-registration",
+                layer_id: options.layerId,
+                config_hash: options.configHash,
+                stack_position: options.stackPosition,
+                registration_fingerprint: regFingerprint,
+            };
+            if (options.modelId)
+                ctx.model_id = options.modelId;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness an AI governance layer's output/verdict (AI-METAGOV.2).
+     *
+     * Records the governance layer's compliance decision in the non-AI
+     * witness layer, creating an independently verifiable record.
+     */
+    witnessGovernanceOutput(options) {
+        const fa = 1;
+        const fb = safeHexInt(options.evidenceHash);
+        const fc = options.verdict === "PASS" ? 1 : 0;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-METAGOV.2", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-METAGOV.2", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = options.modelId ?? options.layerId;
+            payload.ai_context = {
+                provider: "governance-output",
+                layer_id: options.layerId,
+                verdict: options.verdict,
+                evidence_hash: options.evidenceHash,
+            };
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Governance Authorization (AI-METAGOV.5) ──────────────────────
+    /**
+     * Authorize a governance configuration change (AI-METAGOV.5).
+     *
+     * Records the operator identity, authority scope, and signature
+     * for governance changes. Supports separation of duties enforcement.
+     */
+    authorizeGovernanceChange(options) {
+        const fa = METAGOV_SCOPE_CODES[options.scopeDomain] ?? 0;
+        const fb = METAGOV_PERMISSION_CODES[options.permissionLevel] ?? 0;
+        const fc = safeHexInt(options.operatorCredentialHash);
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-METAGOV.5", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-METAGOV.5", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `governance-auth-${options.scopeDomain}`;
+            payload.ai_context = {
+                provider: "governance-authorization",
+                scope_domain: options.scopeDomain,
+                permission_level: options.permissionLevel,
+                operator_id: options.operatorId,
+                change_description: options.changeDescription,
+            };
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Emergency Override Attestation (AI-METAGOV.6) ──────────────────
+    /**
+     * Witness an emergency governance override (AI-METAGOV.6).
+     *
+     * Records governance changes made outside normal approval workflow.
+     * Triggers mandatory review requirement.
+     */
+    witnessEmergencyOverride(options) {
+        const fa = METAGOV_OVERRIDE_REASON_CODES[options.overrideReason] ?? 0;
+        const fb = options.reviewWindowHours;
+        const fc = METAGOV_REVIEW_STATUS_CODES.unreviewed; // always starts unreviewed
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-METAGOV.6", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-METAGOV.6", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `emergency-override`;
+            payload.ai_context = {
+                provider: "governance-emergency",
+                override_reason: options.overrideReason,
+                review_window_hours: options.reviewWindowHours,
+                operator_id: options.operatorId,
+                change_description: options.changeDescription,
+                review_status: "unreviewed",
+            };
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Governance Sync Verification (AI-METAGOV.7) ──────────────────────
+    /**
+     * Witness governance policy divergence between organizations (AI-METAGOV.7).
+     *
+     * Records whether federated organizations have equivalent, compatible,
+     * or divergent governance policies during trust credential exchange.
+     */
+    witnessGovernanceSync(options) {
+        const fa = METAGOV_DIVERGENCE_CODES[options.divergenceType] ?? 0;
+        const fb = safeHexInt(options.localPolicyHash);
+        const fc = safeHexInt(options.remotePolicyHash);
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-METAGOV.7", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-METAGOV.7", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `governance-sync`;
+            const ctx = {
+                provider: "governance-sync",
+                divergence_type: options.divergenceType,
+                local_policy_hash: options.localPolicyHash,
+                remote_policy_hash: options.remotePolicyHash,
+            };
+            if (options.remoteTenantId)
+                ctx.remote_tenant_id = options.remoteTenantId;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Attestation Purity Verification (AI-METAGOV.8) ──────────────────
+    /**
+     * Verify and attest that the attestation engine is free of AI (AI-METAGOV.8).
+     *
+     * Computes a combined hash of attestation path source files to prove
+     * the witness layer contains no machine learning components.
+     */
+    verifyAttestationPurity(options) {
+        const combinedInput = options.sourceFiles
+            .sort((a, b) => a.path.localeCompare(b.path))
+            .map(f => `${f.path}:${f.hash}`)
+            .join("|");
+        const combinedHash = sha256Truncated(combinedInput, 12);
+        const fa = options.sourceFiles.length;
+        const fb = parseInt(combinedHash.slice(0, 8), 16) % 1000000;
+        const fc = 1; // pure by definition (this SDK has no AI in attestation path)
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-METAGOV.8", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-METAGOV.8", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `attestation-purity`;
+            const ctx = {
+                provider: "purity-verification",
+                source_file_count: options.sourceFiles.length,
+                combined_source_hash: combinedHash,
+                purity_tier: "verified_pure",
+            };
+            if (options.buildHash)
+                ctx.build_hash = options.buildHash;
+            payload.ai_context = ctx;
+        }
+        const policyHash = this.config.policyVersion ? sha256Truncated(this.config.policyVersion, 12) : undefined;
+        this._applyOperationalMetadata(payload, policyHash);
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Physical AI / Large Engineering Model (AI-ENG.1-5) ──────────
+    /**
+     * Witness AI-generated design provenance (AI-ENG.1).
+     * DO-178C 5.1, ASME V&V 10 3.1, FDA 21 CFR 11.10(a).
+     */
+    witnessDesignProvenance(options) {
+        const fa = options.constraintsApplied;
+        const fb = options.parametersGenerated;
+        const fc = DESIGN_DOMAIN_CODES[options.designDomain] ?? 7;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-ENG.1", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-ENG.1", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `design-${options.designDomain}`;
+            const ctx = { provider: "design-generation", design_domain: options.designDomain };
+            if (options.designHash)
+                ctx.design_hash = options.designHash;
+            if (options.modelVersion)
+                ctx.model_version = options.modelVersion;
+            payload.ai_context = ctx;
+        }
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness simulation validation of AI-generated design (AI-ENG.2).
+     * DO-178C 6.3, ASME V&V 10 4.1, ISO 26262-4.
+     */
+    witnessSimulationValidation(options) {
+        const fa = options.simulationsRun;
+        const fb = options.simulationsPassed;
+        const fc = SIMULATION_TYPE_CODES[options.simulationType] ?? 6;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-ENG.2", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-ENG.2", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `sim-${options.simulationType}`;
+            const ctx = { provider: "simulation-validation", simulation_type: options.simulationType };
+            if (options.simulationHash)
+                ctx.simulation_hash = options.simulationHash;
+            if (options.acceptanceCriteria)
+                ctx.acceptance_criteria = options.acceptanceCriteria;
+            payload.ai_context = ctx;
+        }
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness safety-critical review gate (AI-ENG.3).
+     * DO-178C 7.2, FDA 21 CFR 11.10(g), ISO 26262-2.
+     */
+    witnessSafetyReview(options) {
+        const fa = options.reviewersRequired;
+        const fb = options.reviewersApproved;
+        const fc = APPROVAL_TYPE_CODES[options.approvalType] ?? 0;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-ENG.3", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-ENG.3", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `review-${options.approvalType}`;
+            const ctx = { provider: "safety-review", approval_type: options.approvalType };
+            if (options.reviewId)
+                ctx.review_id = options.reviewId;
+            if (options.peLicense)
+                ctx.pe_license = options.peLicense;
+            payload.ai_context = ctx;
+        }
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness material specification compliance (AI-ENG.4).
+     * ASME V&V 10 3.3, DO-254 5.3, ISO 26262-8.
+     */
+    witnessMaterialCompliance(options) {
+        const fa = options.specificationsChecked;
+        const fb = options.specificationsMet;
+        const fc = MATERIAL_STANDARD_CODES[options.standard] ?? 6;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-ENG.4", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-ENG.4", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `material-${options.standard}`;
+            const ctx = { provider: "material-compliance", standard: options.standard };
+            if (options.materialId)
+                ctx.material_id = options.materialId;
+            if (options.specificationRef)
+                ctx.specification_ref = options.specificationRef;
+            payload.ai_context = ctx;
+        }
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness design revision chain (AI-ENG.5).
+     * DO-178C 7.3, FDA 21 CFR 11.10(e), ASME V&V 10 2.4.
+     */
+    witnessDesignChain(options) {
+        const fa = options.totalRevisions;
+        const fb = options.aiGeneratedRevisions;
+        const fc = CHAIN_STATUS_CODES[options.chainStatus] ?? 0;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-ENG.5", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-ENG.5", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `design-chain-${options.chainStatus}`;
+            const ctx = { provider: "design-revision-chain", chain_status: options.chainStatus, ai_revision_ratio: options.aiGeneratedRevisions / Math.max(options.totalRevisions, 1) };
+            if (options.designId)
+                ctx.design_id = options.designId;
+            if (options.finalHash)
+                ctx.final_hash = options.finalHash;
+            payload.ai_context = ctx;
+        }
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    /**
+     * Witness fabrication release attestation (AI-ENG.6).
+     * DO-178C 5.5, FDA 21 CFR 11.10(f), ISO 26262-4 7.4.4.
+     */
+    witnessFabricationRelease(options) {
+        const fa = options.designHashVerified ? 1 : 0;
+        const fb = options.authorizationCount;
+        const fc = RELEASE_TYPE_CODES[options.releaseType] ?? 0;
+        const [ts, epoch] = timestampMs();
+        const fp = mintFingerprint(this.config.tenantId, "AI-ENG.6", fa, fb, fc, ts);
+        const payload = {
+            procedure_id: "AI-ENG.6", factor_a: fa, factor_b: fb, factor_c: fc,
+            clearing_level: this.config.clearingLevel,
+            anchor_fingerprint: fp, anchor_epoch: epoch, fingerprint_timestamp_ms: ts,
+        };
+        if (this.config.clearingLevel <= 1) {
+            payload.ai_model_id = `fabrication-${options.releaseType}`;
+            const ctx = { provider: "fabrication-release", release_type: options.releaseType, design_hash_verified: options.designHashVerified };
+            if (options.productionSystemId)
+                ctx.production_system_id = options.productionSystemId;
+            if (options.approvedDesignHash)
+                ctx.approved_design_hash = options.approvedDesignHash;
+            if (options.finalDesignHash)
+                ctx.final_design_hash = options.finalDesignHash;
+            payload.ai_context = ctx;
+        }
+        this.buffer.enqueueMany([payload]);
+        return payload;
+    }
+    // ── Trust Mesh (AI-TRUST.1 / AI-TRUST.2) ────────────────────────
+    _trustRegistry;
     _witnessedProcedures = new Set();
     get trustRegistry() {
         if (!this._trustRegistry)
@@ -2115,4 +3393,81 @@ export class Witness {
         return this.buffer.receipts;
     }
 }
+/**
+ * Validate a governance rule graph for circular dependencies (AI-METAGOV.4).
+ *
+ * Uses Kahn's algorithm (BFS topological sort) to detect cycles in governance
+ * rule dependency graphs. Returns validation results including any detected cycles.
+ */
+export function validateGovernanceGraph(rules) {
+    // Build adjacency list and in-degree map
+    const adj = new Map();
+    const inDegree = new Map();
+    for (const rule of rules) {
+        if (!adj.has(rule.id))
+            adj.set(rule.id, []);
+        if (!inDegree.has(rule.id))
+            inDegree.set(rule.id, 0);
+        for (const dep of rule.dependencies ?? []) {
+            if (!adj.has(dep))
+                adj.set(dep, []);
+            if (!inDegree.has(dep))
+                inDegree.set(dep, 0);
+            adj.get(dep).push(rule.id);
+            inDegree.set(rule.id, (inDegree.get(rule.id) ?? 0) + 1);
+        }
+    }
+    // Kahn's algorithm
+    const queue = [];
+    for (const [node, deg] of inDegree) {
+        if (deg === 0)
+            queue.push(node);
+    }
+    const sorted = [];
+    const depths = new Map();
+    for (const node of queue)
+        depths.set(node, 0);
+    while (queue.length > 0) {
+        const node = queue.shift();
+        sorted.push(node);
+        for (const neighbor of adj.get(node) ?? []) {
+            const newDeg = (inDegree.get(neighbor) ?? 1) - 1;
+            inDegree.set(neighbor, newDeg);
+            depths.set(neighbor, Math.max(depths.get(neighbor) ?? 0, (depths.get(node) ?? 0) + 1));
+            if (newDeg === 0)
+                queue.push(neighbor);
+        }
+    }
+    // Nodes not in sorted = part of cycles
+    const cycleNodes = new Set();
+    for (const [node, deg] of inDegree) {
+        if (deg > 0)
+            cycleNodes.add(node);
+    }
+    // Extract cycle paths from remaining nodes
+    const cycles = [];
+    if (cycleNodes.size > 0) {
+        const visited = new Set();
+        for (const start of cycleNodes) {
+            if (visited.has(start))
+                continue;
+            const cycle = [];
+            let current = start;
+            while (current && !visited.has(current) && cycleNodes.has(current)) {
+                visited.add(current);
+                cycle.push(current);
+                current = (adj.get(current) ?? []).find(n => cycleNodes.has(n) && !visited.has(n));
+            }
+            if (cycle.length > 0)
+                cycles.push(cycle);
+        }
+    }
+    const maxDepth = Math.max(0, ...Array.from(depths.values()));
+    return {
+        valid: cycles.length === 0,
+        cycles,
+        maxDepth,
+        ruleCount: rules.length,
+    };
+}
 //# sourceMappingURL=witness.js.map