@vorionsys/atsf-core 0.2.4 → 0.3.0

package/dist/trust-engine/index.js

@@ -1,15 +1,15 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2024-2026 Vorion LLC
 /**
  * Trust Engine - Behavioral Trust Scoring
  *
  * Calculates and maintains trust scores for entities based on behavioral signals.
- * Features 8-tier trust system (T0-T7) with event emission for observability.
+ * Features 6-tier trust system with event emission for observability.
  *
  * @packageDocumentation
  */
 import { EventEmitter } from 'events';
 import { createLogger } from '../common/logger.js';
-import { calculateDecayMultiplier } from './decay-profiles.js';
-import { FACTOR_CODE_LIST, DEFAULT_FACTOR_WEIGHTS, SIGNAL_PREFIX_TO_FACTORS as BASIS_SIGNAL_PREFIX_MAP, initialFactorScores, } from '@vorionsys/basis';
 const logger = createLogger({ component: 'trust-engine' });
 /**
  * Trust level thresholds (8 tiers T0-T7) - per BASIS specification
@@ -37,13 +37,7 @@ export const TRUST_LEVEL_NAMES = {
     6: 'Certified',
     7: 'Autonomous',
 };
-// Re-export canonical factor constants from @vorionsys/basis
-export const FACTOR_CODES = FACTOR_CODE_LIST;
-export const FACTOR_WEIGHTS = DEFAULT_FACTOR_WEIGHTS;
-export const SIGNAL_PREFIX_TO_FACTORS = BASIS_SIGNAL_PREFIX_MAP;
-export { initialFactorScores };
 /**
- * @deprecated Use FACTOR_WEIGHTS for 16-factor scoring. Kept for backwards compatibility.
  * Signal weights for score calculation
  */
 export const SIGNAL_WEIGHTS = {
@@ -52,12 +46,91 @@ export const SIGNAL_WEIGHTS = {
     identity: 0.2,
     context: 0.15,
 };
+/**
+ * Penalty ratio per BASIS specification: P(T) = 3 + T
+ *
+ * Negative signals have their EWA weight multiplied by (3 + currentTier),
+ * so higher-tier agents are punished MORE severely for failures.
+ *   T0 = 3×, T1 = 4×, T2 = 5×, T3 = 6×, T4 = 7×, T5 = 8×, T6 = 9×, T7 = 10×
+ *
+ * Only applies to negative signals (value < neutral 0.5). Positive signals
+ * are NOT amplified.
+ */
+export const PENALTY_RATIO_BASE = 3;
+/**
+ * Calculate the penalty weight multiplier for a given tier.
+ * P(T) = 3 + T
+ */
+export function penaltyMultiplier(tier) {
+    return PENALTY_RATIO_BASE + tier;
+}
+/**
+ * 16-factor trust model — granular decomposition of the 4-dimension model.
+ * Each factor maps to one of the 4 TrustComponents dimensions.
+ */
+export const FACTOR_CODES = [
+    'CT-COMP', 'CT-REL', 'CT-OBS', 'CT-TRANS', 'CT-ACCT', 'CT-SAFE',
+    'CT-SEC', 'CT-PRIV', 'CT-ID',
+    'OP-HUMAN', 'OP-ALIGN', 'OP-CONTEXT',
+    'OP-STEW', 'SF-HUM',
+    'SF-ADAPT', 'SF-LEARN',
+];
+export const FACTOR_WEIGHTS = {
+    'CT-COMP': 0.08, 'CT-REL': 0.07, 'CT-OBS': 0.07, 'CT-TRANS': 0.06,
+    'CT-ACCT': 0.06, 'CT-SAFE': 0.05, 'CT-SEC': 0.05, 'CT-PRIV': 0.04, 'CT-ID': 0.04,
+    'OP-HUMAN': 0.08, 'OP-ALIGN': 0.08, 'OP-CONTEXT': 0.07, 'OP-STEW': 0.07,
+    'SF-HUM': 0.07, 'SF-ADAPT': 0.06, 'SF-LEARN': 0.05,
+};
+/**
+ * Maps each 16-factor code to its parent TrustComponents dimension,
+ * enabling signal routing from factor-coded signal types (e.g. CT-COMP.perfect)
+ * to the correct component bucket for score calculation.
+ */
+const FACTOR_TO_COMPONENT = {
+    'CT-COMP': 'compliance', 'CT-REL': 'compliance', 'CT-OBS': 'compliance',
+    'CT-TRANS': 'compliance', 'CT-ACCT': 'compliance',
+    'CT-SAFE': 'identity', 'CT-SEC': 'identity', 'CT-PRIV': 'identity', 'CT-ID': 'identity',
+    'OP-HUMAN': 'behavioral', 'OP-ALIGN': 'behavioral',
+    'OP-CONTEXT': 'context', 'OP-STEW': 'context',
+    'SF-HUM': 'behavioral', 'SF-ADAPT': 'behavioral', 'SF-LEARN': 'behavioral',
+};
+/**
+ * Canonical reason codes for time-bound readiness exceptions.
+ */
+export const READINESS_EXCEPTION_REASON_CODES = [
+    'approved_leave',
+    'planned_maintenance',
+    'telemetry_outage',
+    'legal_hold',
+    'incident_response',
+    'dependency_outage',
+];
+const DEFAULT_READINESS_CHECKPOINT_DAYS = [7, 14, 28, 42, 56, 84, 112, 140, 182];
+const DEFAULT_READINESS_REDUCTIONS = [0.06, 0.06, 0.06, 0.06, 0.06, 0.05, 0.05, 0.05, 0.05];
+const DEFAULT_READINESS_EXCEPTION_MAX_DURATION_MS = 30 * 24 * 60 * 60 * 1000;
+function toMs(days) {
+    return days * 24 * 60 * 60 * 1000;
+}
+function clampReductionScale(value) {
+    if (value === undefined || Number.isNaN(value))
+        return 1;
+    if (value < 0)
+        return 0;
+    if (value > 1)
+        return 1;
+    return value;
+}
 /**
  * Trust Engine service with event emission and subscription limits
  */
 export class TrustEngine extends EventEmitter {
     records = new Map();
-    _decayCheckIntervalMs;
+    _decayRate;
+    _decayIntervalMs;
+    _failureThreshold;
+    _acceleratedDecayMultiplier;
+    _failureWindowMs;
+    _minFailuresForAcceleration;
     _persistence;
     _autoPersist;
     // Recovery configuration
@@ -73,9 +146,41 @@ export class TrustEngine extends EventEmitter {
     _listenerWarningThreshold;
     _listenerCounts = new Map();
     _totalListeners = 0;
+    _readinessMode;
+    _readinessCheckpointDays;
+    _readinessCheckpointReductions;
+    _allowedReadinessExceptionReasons;
+    _readinessExceptionMaxDurationMs;
+    // Signal deduplication state
+    _signalDedupEnabled;
+    _signalDedupDecayFactor;
+    _signalDedupWindowSize;
+    _signalDedupWindowMs;
+    _signalDedupMinFactor;
+    /**
+     * Per-entity dedup tracker. Each entry holds recent signal type records
+     * used to compute diminishing returns for repeated identical signal types.
+     */
+    _dedupState = new Map();
+    // Incremental scoring cache — avoids O(n) recalculation on every signal.
+    // Cache is engine-side (not serialized into TrustRecord) and is rebuilt on load or every N signals.
+    _scoreCache = new Map();
+    /** Number of signals between forced full recalculations for drift correction */
+    static INCREMENTAL_RECALC_INTERVAL = 100;
+    // ParameSphere integration
+    _paramesphere;
+    _cognitiveEnvelope;
+    _fingerprintBaselines = new Map();
+    // Trust verifier (optional cryptographic state commitment)
+    _verifier;
     constructor(config = {}) {
         super();
-        this._decayCheckIntervalMs = config.decayCheckIntervalMs ?? 60000;
+        this._decayRate = config.decayRate ?? 0.01;
+        this._decayIntervalMs = config.decayCheckIntervalMs ?? config.decayIntervalMs ?? 60000;
+        this._failureThreshold = config.failureThreshold ?? 0.3;
+        this._acceleratedDecayMultiplier = config.acceleratedDecayMultiplier ?? 1.0;
+        this._failureWindowMs = config.failureWindowMs ?? 3600000; // 1 hour
+        this._minFailuresForAcceleration = config.minFailuresForAcceleration ?? 2;
         this._persistence = config.persistence;
         this._autoPersist = config.autoPersist ?? (config.persistence !== undefined);
         // Recovery configuration
@@ -89,9 +194,209 @@ export class TrustEngine extends EventEmitter {
         this._maxListenersPerEvent = config.maxListenersPerEvent ?? 100;
         this._maxTotalListeners = config.maxTotalListeners ?? 1000;
         this._listenerWarningThreshold = config.listenerWarningThreshold ?? 0.8;
+        this._readinessMode = config.readinessMode ?? config.freshnessMode ?? (config.decayIntervalMs !== undefined || config.decayRate !== undefined
+            ? 'legacy_interval'
+            : 'checkpoint_schedule');
+        this._readinessCheckpointDays =
+            config.readinessCheckpointDays ?? config.freshnessCheckpointDays ?? [...DEFAULT_READINESS_CHECKPOINT_DAYS];
+        this._readinessCheckpointReductions =
+            config.readinessCheckpointReductions ?? config.freshnessCheckpointReductions ?? [...DEFAULT_READINESS_REDUCTIONS];
+        if (this._readinessCheckpointDays.length !== this._readinessCheckpointReductions.length) {
+            throw new Error('freshnessCheckpointDays and freshnessCheckpointReductions must have equal length');
+        }
+        this._allowedReadinessExceptionReasons = new Set(config.readinessExceptionAllowedReasons ??
+            config.freshnessExceptionAllowedReasons ??
+            [...READINESS_EXCEPTION_REASON_CODES]);
+        this._readinessExceptionMaxDurationMs =
+            config.readinessExceptionMaxDurationMs ??
+                config.freshnessExceptionMaxDurationMs ??
+                DEFAULT_READINESS_EXCEPTION_MAX_DURATION_MS;
+        // Signal deduplication configuration
+        this._signalDedupEnabled = config.signalDedupEnabled ?? true;
+        this._signalDedupDecayFactor = config.signalDedupDecayFactor ?? 0.5;
+        this._signalDedupWindowSize = config.signalDedupWindowSize ?? 10;
+        this._signalDedupWindowMs = config.signalDedupWindowMs ?? 3600000; // 1 hour
+        this._signalDedupMinFactor = config.signalDedupMinFactor ?? 0.0625; // 1/16
+        // ParameSphere integration
+        this._paramesphere = config.paramesphere;
+        this._cognitiveEnvelope = config.cognitiveEnvelope;
+        this._verifier = config.verifier;
         // Set default max listeners on EventEmitter
         this.setMaxListeners(this._maxListenersPerEvent);
     }
+    /** Decay check interval in milliseconds */
+    get decayCheckIntervalMs() {
+        return this._decayIntervalMs;
+    }
+    validateReadinessExceptionOptions(options) {
+        if (!this._allowedReadinessExceptionReasons.has(options.reason)) {
+            throw new Error(`Unsupported readiness exception reason: ${options.reason}. ` +
+                `Allowed reasons: ${Array.from(this._allowedReadinessExceptionReasons).join(', ')}`);
+        }
+        const now = Date.now();
+        const expiresAtMs = new Date(options.expiresAt).getTime();
+        if (Number.isNaN(expiresAtMs)) {
+            throw new Error('Invalid expiresAt timestamp for readiness exception');
+        }
+        if (expiresAtMs <= now) {
+            throw new Error('Readiness exception expiresAt must be in the future');
+        }
+        if (expiresAtMs - now > this._readinessExceptionMaxDurationMs) {
+            throw new Error(`Readiness exception duration exceeds configured maximum (${this._readinessExceptionMaxDurationMs} ms)`);
+        }
+    }
+    getCheckpointIntervalMs(index) {
+        if (index <= 0) {
+            return toMs(this._readinessCheckpointDays[0] ?? 7);
+        }
+        const current = this._readinessCheckpointDays[index] ?? this._readinessCheckpointDays[this._readinessCheckpointDays.length - 1] ?? 7;
+        const previous = this._readinessCheckpointDays[index - 1] ?? 0;
+        return toMs(Math.max(1, current - previous));
+    }
+    ensureReadinessState(record) {
+        record.readinessCheckpointIndex ??= record.freshnessCheckpointIndex ?? 0;
+        record.deferredReadinessMultiplier ??= record.deferredFreshnessMultiplier ?? 1;
+        record.readinessBaselineScore ??= record.freshnessBaselineScore ?? record.score;
+        record.freshnessCheckpointIndex = record.readinessCheckpointIndex;
+        record.deferredFreshnessMultiplier = record.deferredReadinessMultiplier;
+        record.freshnessBaselineScore = record.readinessBaselineScore;
+        record.freshnessException = record.readinessException ?? record.freshnessException;
+    }
+    isUsingDefaultReadinessSchedule() {
+        if (this._readinessCheckpointDays.length !== DEFAULT_READINESS_CHECKPOINT_DAYS.length) {
+            return false;
+        }
+        if (this._readinessCheckpointReductions.length !== DEFAULT_READINESS_REDUCTIONS.length) {
+            return false;
+        }
+        return this._readinessCheckpointDays.every((v, i) => v === DEFAULT_READINESS_CHECKPOINT_DAYS[i]) &&
+            this._readinessCheckpointReductions.every((v, i) => v === DEFAULT_READINESS_REDUCTIONS[i]);
+    }
+    isReadinessExceptionActive(record, now) {
+        const exception = record.readinessException ?? record.freshnessException;
+        if (!exception)
+            return false;
+        const issuedAt = new Date(exception.issuedAt).getTime();
+        const expiresAt = new Date(exception.expiresAt).getTime();
+        return now >= issuedAt && now < expiresAt;
+    }
+    async applyDeferredReadinessCatchupIfExpired(record) {
+        const exception = record.readinessException ?? record.freshnessException;
+        if (!exception)
+            return;
+        const now = Date.now();
+        const expiresAt = new Date(exception.expiresAt).getTime();
+        if (now < expiresAt)
+            return;
+        this.ensureReadinessState(record);
+        const deferredMultiplier = record.deferredReadinessMultiplier ?? 1;
+        if (deferredMultiplier < 1) {
+            const previousScore = record.score;
+            const adjustedScore = Math.max(0, Math.round(record.score * deferredMultiplier));
+            record.score = adjustedScore;
+            record.level = this.scoreToLevel(adjustedScore);
+            record.deferredReadinessMultiplier = 1;
+            record.deferredFreshnessMultiplier = 1;
+            this.emitReadinessAdjustmentEvents(record.entityId, {
+                previousScore,
+                newScore: record.score,
+                stalenessMs: 0,
+                accelerated: false,
+            });
+        }
+        delete record.readinessException;
+        delete record.freshnessException;
+    }
+    async applyScheduledReadinessAdjustment(record) {
+        this.ensureReadinessState(record);
+        await this.applyDeferredReadinessCatchupIfExpired(record);
+        while ((record.readinessCheckpointIndex ?? 0) < this._readinessCheckpointDays.length) {
+            const checkpointIndex = record.readinessCheckpointIndex ?? 0;
+            const intervalMs = this.getCheckpointIntervalMs(checkpointIndex);
+            const stalenessMs = Date.now() - new Date(record.lastCalculatedAt).getTime();
+            if (stalenessMs < intervalMs) {
+                break;
+            }
+            const previousScore = record.score;
+            const previousLevel = record.level;
+            const fullReduction = this._readinessCheckpointReductions[checkpointIndex] ?? 0;
+            const activeException = this.isReadinessExceptionActive(record, Date.now());
+            const scale = activeException ? clampReductionScale((record.readinessException ?? record.freshnessException)?.reductionScale) : 1;
+            const appliedReduction = fullReduction * scale;
+            const appliedMultiplier = 1 - appliedReduction;
+            const fullMultiplier = 1 - fullReduction;
+            record.score = Math.max(0, Math.round(record.score * appliedMultiplier));
+            const isFinalCheckpoint = checkpointIndex === this._readinessCheckpointDays.length - 1;
+            if (isFinalCheckpoint && !activeException && this.isUsingDefaultReadinessSchedule()) {
+                const baseline = record.readinessBaselineScore ?? record.freshnessBaselineScore ?? record.score;
+                record.score = Math.max(0, Math.round(baseline * 0.5));
+            }
+            record.level = this.scoreToLevel(record.score);
+            record.readinessCheckpointIndex = checkpointIndex + 1;
+            record.freshnessCheckpointIndex = record.readinessCheckpointIndex;
+            const lastCalculatedMs = new Date(record.lastCalculatedAt).getTime();
+            record.lastCalculatedAt = new Date(lastCalculatedMs + intervalMs).toISOString();
+            if (activeException && appliedMultiplier > 0 && fullMultiplier >= 0) {
+                const debtFactor = fullMultiplier / appliedMultiplier;
+                record.deferredReadinessMultiplier = (record.deferredReadinessMultiplier ?? 1) * debtFactor;
+                record.deferredFreshnessMultiplier = record.deferredReadinessMultiplier;
+            }
+            if (previousScore !== record.score) {
+                this.emitReadinessAdjustmentEvents(record.entityId, {
+                    previousScore,
+                    newScore: record.score,
+                    stalenessMs,
+                    accelerated: false,
+                });
+                if (previousLevel !== record.level) {
+                    this.emitTrustEvent({
+                        type: 'trust:tier_changed',
+                        entityId: record.entityId,
+                        timestamp: new Date().toISOString(),
+                        previousLevel,
+                        newLevel: record.level,
+                        previousLevelName: TRUST_LEVEL_NAMES[previousLevel],
+                        newLevelName: TRUST_LEVEL_NAMES[record.level],
+                        direction: record.level < previousLevel ? 'demoted' : 'promoted',
+                    });
+                }
+                await this.autoPersistRecord(record);
+            }
+        }
+    }
+    emitReadinessAdjustmentEvents(entityId, details) {
+        const adjustmentAmount = details.previousScore - details.newScore;
+        this.emitTrustEvent({
+            type: 'trust:readiness_adjusted',
+            entityId,
+            timestamp: new Date().toISOString(),
+            previousScore: details.previousScore,
+            newScore: details.newScore,
+            adjustmentAmount,
+            stalenessMs: details.stalenessMs,
+            accelerated: details.accelerated,
+        });
+        this.emitTrustEvent({
+            type: 'trust:freshness_adjusted',
+            entityId,
+            timestamp: new Date().toISOString(),
+            previousScore: details.previousScore,
+            newScore: details.newScore,
+            adjustmentAmount,
+            stalenessMs: details.stalenessMs,
+            accelerated: details.accelerated,
+        });
+        this.emitTrustEvent({
+            type: 'trust:decay_applied',
+            entityId,
+            timestamp: new Date().toISOString(),
+            previousScore: details.previousScore,
+            newScore: details.newScore,
+            decayAmount: adjustmentAmount,
+            stalenessMs: details.stalenessMs,
+            accelerated: details.accelerated,
+        });
+    }
     /**
      * Add event listener with subscription limits
      * @throws Error if listener limits are exceeded
@@ -198,10 +503,28 @@ export class TrustEngine extends EventEmitter {
         };
     }
     /**
-     * Get the decay check interval in milliseconds
+     * Get the current decay rate
      */
-    get decayCheckIntervalMs() {
-        return this._decayCheckIntervalMs;
+    get decayRate() {
+        return this._decayRate;
+    }
+    /**
+     * Get the decay interval in milliseconds
+     */
+    get decayIntervalMs() {
+        return this._decayIntervalMs;
+    }
+    /**
+     * Get the failure threshold
+     */
+    get failureThreshold() {
+        return this._failureThreshold;
+    }
+    /**
+     * Get the accelerated decay multiplier
+     */
+    get acceleratedDecayMultiplier() {
+        return this._acceleratedDecayMultiplier;
     }
     /**
      * Get the persistence provider
@@ -236,6 +559,7 @@ export class TrustEngine extends EventEmitter {
         }
         const records = await this._persistence.query();
         this.records.clear();
+        this._scoreCache.clear(); // Invalidate incremental caches on reload
         for (const record of records) {
             this.records.set(record.entityId, record);
         }
@@ -265,6 +589,122 @@ export class TrustEngine extends EventEmitter {
             await this._persistence.save(record);
         }
     }
+    // -----------------------------------------------------------------------
+    // ParameSphere Integration
+    // -----------------------------------------------------------------------
+    /**
+     * Check an entity's model fingerprint for drift.
+     * If drift exceeds threshold, automatically records a negative trust signal.
+     * Returns the drift result.
+     */
+    async checkFingerprint(entityId, weights, activations) {
+        if (!this._paramesphere) {
+            return null;
+        }
+        const current = this._paramesphere.computeFingerprint(weights, activations);
+        const baseline = this._fingerprintBaselines.get(entityId);
+        if (!baseline) {
+            // First call — store as baseline
+            this._fingerprintBaselines.set(entityId, current);
+            this.emitTrustEvent({
+                type: 'trust:fingerprint_baseline_set',
+                entityId,
+                timestamp: new Date().toISOString(),
+                fingerprintSha256: current.sha256,
+            });
+            logger.info({ entityId, sha256: current.sha256 }, 'Fingerprint baseline set');
+            return { drifted: false, similarity: 1.0, magnitude: 0 };
+        }
+        // Compare against baseline
+        const comparison = this._paramesphere.compareFingerprints(baseline, current);
+        const similarity = comparison.cosineSimilarity;
+        const magnitude = comparison.l2Distance;
+        const drifted = comparison.driftDetected;
+        if (drifted) {
+            // Auto-record a negative signal — maximum negative triggers full asymmetric penalty
+            await this.recordSignal({
+                id: `paramesphere-drift-${entityId}-${Date.now()}`,
+                entityId,
+                type: 'paramesphere:drift',
+                value: 0.0,
+                source: 'system:paramesphere',
+                timestamp: new Date().toISOString(),
+                metadata: {
+                    similarity,
+                    magnitude,
+                    driftThreshold: comparison.cosineDistance,
+                    cosineDistance: comparison.cosineDistance,
+                    maxSingularValueDelta: comparison.maxSingularValueDelta,
+                },
+            });
+            this.emitTrustEvent({
+                type: 'trust:fingerprint_drift',
+                entityId,
+                timestamp: new Date().toISOString(),
+                similarity,
+                magnitude,
+                driftThreshold: comparison.cosineDistance,
+            });
+            logger.warn({ entityId, similarity, magnitude, cosineDistance: comparison.cosineDistance }, 'Fingerprint drift detected — negative trust signal recorded');
+        }
+        return { drifted, similarity, magnitude };
+    }
+    /**
+     * Set or update the fingerprint baseline for an entity.
+     * Call after initial model load or after a verified safe update.
+     */
+    async setFingerprintBaseline(entityId, weights, activations) {
+        if (!this._paramesphere) {
+            return;
+        }
+        const fingerprint = this._paramesphere.computeFingerprint(weights, activations);
+        this._fingerprintBaselines.set(entityId, fingerprint);
+        this.emitTrustEvent({
+            type: 'trust:fingerprint_baseline_set',
+            entityId,
+            timestamp: new Date().toISOString(),
+            fingerprintSha256: fingerprint.sha256,
+        });
+        logger.info({ entityId, sha256: fingerprint.sha256 }, 'Fingerprint baseline set');
+    }
+    /**
+     * Check if entity behavioral signals are within cognitive envelope bounds.
+     * If breach detected, records a negative trust signal with multiplier.
+     */
+    async checkCognitiveEnvelope(entityId, observation) {
+        if (!this._cognitiveEnvelope) {
+            return null;
+        }
+        const result = this._cognitiveEnvelope.checkBreach(observation);
+        const breached = result.breached;
+        if (breached) {
+            // Auto-record a negative signal for envelope breach
+            await this.recordSignal({
+                id: `paramesphere-envelope-${entityId}-${Date.now()}`,
+                entityId,
+                type: 'paramesphere:envelope_breach',
+                value: 0.0,
+                source: 'system:paramesphere',
+                timestamp: new Date().toISOString(),
+                metadata: {
+                    maxDeviation: result.maxDeviation,
+                    trustMultiplier: result.trustMultiplier,
+                    breachCounter: result.breachCounter,
+                    dimensionBreaches: result.dimensionBreaches,
+                },
+            });
+            this.emitTrustEvent({
+                type: 'trust:envelope_breach',
+                entityId,
+                timestamp: new Date().toISOString(),
+                distance: result.maxDeviation,
+                trustMultiplier: result.trustMultiplier,
+                breachCounter: result.breachCounter,
+            });
+            logger.warn({ entityId, maxDeviation: result.maxDeviation, breachCounter: result.breachCounter }, 'Cognitive envelope breach detected — negative trust signal recorded');
+        }
+        return { breached, distance: result.maxDeviation };
+    }
     /**
      * Close the trust engine and persistence provider
      */
@@ -272,6 +712,7 @@ export class TrustEngine extends EventEmitter {
         if (this._persistence) {
             await this._persistence.close();
         }
+        this._scoreCache.clear();
         this.removeAllListeners();
     }
     /**
@@ -288,34 +729,41 @@ export class TrustEngine extends EventEmitter {
     async calculate(entityId) {
         const record = this.records.get(entityId);
         const signals = record?.signals ?? [];
-        // Calculate factor scores (16-factor model)
-        const factorScores = this.calculateFactorScores(signals);
-        // Calculate weighted total using factor weights
-        let score = 0;
-        for (const code of FACTOR_CODES) {
-            score += factorScores[code] * FACTOR_WEIGHTS[code] * 1000;
-        }
-        score = Math.round(score);
-        // Guard: if factor arithmetic produced NaN/Infinity, fall back to 0
-        if (!Number.isFinite(score)) {
-            logger.warn({ entityId, score }, 'Score computation produced non-finite value, defaulting to 0');
-            score = 0;
-        }
+        const currentLevel = record?.level ?? 1;
+        // Calculate component scores
+        const components = this.calculateComponents(signals, currentLevel);
+        // Calculate weighted total
+        const score = Math.round(components.behavioral * SIGNAL_WEIGHTS.behavioral * 1000 +
+            components.compliance * SIGNAL_WEIGHTS.compliance * 1000 +
+            components.identity * SIGNAL_WEIGHTS.identity * 1000 +
+            components.context * SIGNAL_WEIGHTS.context * 1000);
         // Clamp to valid range
         const clampedScore = Math.max(0, Math.min(1000, score));
         const level = this.scoreToLevel(clampedScore);
-        // Backwards compat: also compute legacy 4-bucket components
-        const components = this.calculateComponents(signals);
         const factors = this.getSignificantFactors(components);
-        logger.debug({ entityId, score: clampedScore, level, factorScores }, 'Trust calculated');
+        logger.debug({ entityId, score: clampedScore, level, components }, 'Trust calculated');
         return {
             score: clampedScore,
             level,
             components,
-            factorScores,
             factors,
         };
     }
+    /**
+     * Check if an entity has accelerated decay active
+     */
+    hasAcceleratedDecay(record) {
+        const now = Date.now();
+        const recentFailures = record.recentFailures.filter((timestamp) => now - new Date(timestamp).getTime() < this._failureWindowMs);
+        return recentFailures.length >= this._minFailuresForAcceleration;
+    }
+    /**
+     * Clean up old failure timestamps outside the window
+     */
+    cleanupFailures(record) {
+        const now = Date.now();
+        record.recentFailures = record.recentFailures.filter((timestamp) => now - new Date(timestamp).getTime() < this._failureWindowMs);
+    }
     /**
      * Clean up old success timestamps outside the window
      */
@@ -420,14 +868,25 @@ export class TrustEngine extends EventEmitter {
     async getScore(entityId) {
         const record = this.records.get(entityId);
         if (record) {
-            // Apply decay if enough time has passed since last check
+            // Clean up old failures
+            this.cleanupFailures(record);
+            if (this._readinessMode === 'checkpoint_schedule') {
+                await this.applyScheduledReadinessAdjustment(record);
+                return record;
+            }
+            // Apply decay if stale
             const staleness = Date.now() - new Date(record.lastCalculatedAt).getTime();
-            if (staleness > this._decayCheckIntervalMs) {
+            if (staleness > this._decayIntervalMs) {
                 const previousScore = record.score;
                 const previousLevel = record.level;
-                // Milestone-based decay: convert staleness to days, apply stepped multiplier
-                const daysSinceActivity = staleness / (24 * 60 * 60 * 1000);
-                const decayMultiplier = calculateDecayMultiplier(daysSinceActivity);
+                // Check if accelerated decay should apply
+                const accelerated = this.hasAcceleratedDecay(record);
+                const effectiveDecayRate = accelerated
+                    ? this._decayRate * this._acceleratedDecayMultiplier
+                    : this._decayRate;
+                // Apply decay based on staleness
+                const decayPeriods = Math.floor(staleness / this._decayIntervalMs);
+                const decayMultiplier = Math.pow(1 - effectiveDecayRate, decayPeriods);
                 const decayedScore = Math.round(record.score * decayMultiplier);
                 const clampedScore = Math.max(0, decayedScore);
                 record.score = clampedScore;
@@ -443,6 +902,7 @@ export class TrustEngine extends EventEmitter {
                         newScore: record.score,
                         decayAmount: previousScore - record.score,
                         stalenessMs: staleness,
+                        accelerated,
                     });
                     // Emit tier change if applicable
                     if (previousLevel !== record.level) {
@@ -465,34 +925,25 @@ export class TrustEngine extends EventEmitter {
         return record;
     }
     /**
-     * Validate a trust signal before ingestion.
-     * Rejects NaN, Infinity, out-of-range values, and missing required fields.
-     *
-     * @throws Error on invalid signal
+     * Record a trust signal
      */
-    validateSignal(signal) {
-        if (!signal) {
+    async recordSignal(signal) {
+        // Input validation
+        if (signal == null) {
             throw new Error('Signal is required');
         }
         if (!signal.entityId) {
-            throw new Error('Signal must have an entityId');
+            throw new Error('entityId is required');
         }
-        if (!signal.type || typeof signal.type !== 'string') {
-            throw new Error('Signal must have a non-empty string type');
+        if (!signal.type) {
+            throw new Error('type is required');
         }
-        if (!Number.isFinite(signal.value)) {
-            throw new Error(`Invalid signal value: ${signal.value} (must be a finite number)`);
+        if (typeof signal.value !== 'number' || !Number.isFinite(signal.value)) {
+            throw new Error('Invalid signal value');
         }
         if (signal.value < 0 || signal.value > 1) {
-            throw new Error(`Signal value out of range: ${signal.value} (must be 0.0–1.0)`);
+            throw new Error('Signal value out of range');
         }
-    }
-    /**
-     * Record a trust signal
-     * @throws Error if signal is invalid (NaN, out of range, missing fields)
-     */
-    async recordSignal(signal) {
-        this.validateSignal(signal);
         let record = this.records.get(signal.entityId);
         let isNewEntity = false;
         if (!record) {
@@ -500,12 +951,53 @@ export class TrustEngine extends EventEmitter {
             this.records.set(signal.entityId, record);
             isNewEntity = true;
         }
+        // Apply signal deduplication (diminishing returns for repeated signal types)
+        const dedupResult = this.applySignalDedup(signal);
+        if (dedupResult.adjusted) {
+            signal = { ...signal, value: dedupResult.value };
+            this.emitTrustEvent({
+                type: 'trust:signal_deduplicated',
+                entityId: signal.entityId,
+                timestamp: new Date().toISOString(),
+                signal,
+                originalValue: dedupResult.originalValue,
+                adjustedValue: dedupResult.value,
+                diminishingFactor: dedupResult.factor,
+                repeatCount: dedupResult.repeatCount,
+            });
+            logger.info({
+                entityId: signal.entityId,
+                signalType: signal.type,
+                originalValue: dedupResult.originalValue,
+                adjustedValue: dedupResult.value,
+                diminishingFactor: dedupResult.factor,
+                repeatCount: dedupResult.repeatCount,
+            }, 'Signal deduplication applied — diminishing returns for repeated signal type');
+        }
         const previousScore = record.score;
         const previousLevel = record.level;
-        // Reset consecutive successes on low-value signals (below 0.3)
-        // Neutral signals (0.3-0.7) don't break the success streak
-        if (signal.value < 0.3) {
+        // Detect failure signals
+        if (signal.value < this._failureThreshold) {
+            record.recentFailures.push(signal.timestamp);
+            this.cleanupFailures(record);
+            // Reset consecutive successes on failure
             record.consecutiveSuccesses = 0;
+            const acceleratedDecayActive = this.hasAcceleratedDecay(record);
+            this.emitTrustEvent({
+                type: 'trust:failure_detected',
+                entityId: signal.entityId,
+                timestamp: new Date().toISOString(),
+                signal,
+                failureCount: record.recentFailures.length,
+                acceleratedDecayActive,
+            });
+            logger.warn({
+                entityId: signal.entityId,
+                signalType: signal.type,
+                signalValue: signal.value,
+                failureCount: record.recentFailures.length,
+                acceleratedDecayActive,
+            }, 'Failure signal detected');
         }
         // Detect success signals and apply recovery
         if (signal.value >= this._successThreshold) {
@@ -528,17 +1020,38 @@ export class TrustEngine extends EventEmitter {
         // Add signal
         record.signals.push(signal);
         // Keep only recent signals (last 1000)
+        // If we sliced, invalidate the cache since the signal array changed
         if (record.signals.length > 1000) {
             record.signals = record.signals.slice(-1000);
+            this._scoreCache.delete(signal.entityId);
+        }
+        // Recalculate — use incremental O(1) path when cache is fresh,
+        // otherwise fall back to full O(n) recalculation and rebuild the cache.
+        let calculation;
+        const existingCache = this._scoreCache.get(signal.entityId);
+        const signalsSinceFullRecalc = existingCache
+            ? record.signals.length - existingCache.lastFullRecalcAt
+            : Infinity;
+        if (existingCache && signalsSinceFullRecalc < TrustEngine.INCREMENTAL_RECALC_INTERVAL) {
+            // O(1) incremental update
+            calculation = this.incrementalUpdate(signal, record.level);
+        }
+        else {
+            // Full O(n) recalculation + cache rebuild
+            calculation = await this.calculate(signal.entityId);
+            this.buildCacheFromSignals(record.signals, record.level, signal.entityId);
         }
-        // Recalculate
-        const calculation = await this.calculate(signal.entityId);
         // Update record
         record.score = calculation.score;
         record.level = calculation.level;
         record.components = calculation.components;
-        record.factorScores = calculation.factorScores;
         record.lastCalculatedAt = new Date().toISOString();
+        record.readinessCheckpointIndex = 0;
+        record.deferredReadinessMultiplier = 1;
+        record.readinessBaselineScore = calculation.score;
+        record.freshnessCheckpointIndex = 0;
+        record.deferredFreshnessMultiplier = 1;
+        record.freshnessBaselineScore = calculation.score;
         // Record history if significant change
         if (Math.abs(calculation.score - previousScore) >= 10) {
             record.history.push({
@@ -586,6 +1099,8 @@ export class TrustEngine extends EventEmitter {
                 direction: calculation.level > previousLevel ? 'promoted' : 'demoted',
             });
         }
+        // Commit state to verifier if configured
+        this._verifier?.commitState(signal.entityId, calculation.score, calculation.level, record.signals.length);
         // Auto-persist if enabled
         await this.autoPersistRecord(record);
         logger.debug({
@@ -599,11 +1114,6 @@ export class TrustEngine extends EventEmitter {
      */
     async initializeEntity(entityId, initialLevel = 1) {
         const score = TRUST_THRESHOLDS[initialLevel].min;
-        // Initialize all 16 factors to 0.5
-        const initialFactorScores = {};
-        for (const code of FACTOR_CODES) {
-            initialFactorScores[code] = 0.5;
-        }
         const record = {
             entityId,
             score,
@@ -614,7 +1124,6 @@ export class TrustEngine extends EventEmitter {
                 identity: 0.5,
                 context: 0.5,
             },
-            factorScores: initialFactorScores,
             signals: [],
             lastCalculatedAt: new Date().toISOString(),
             history: [
@@ -625,11 +1134,20 @@ export class TrustEngine extends EventEmitter {
                     timestamp: new Date().toISOString(),
                 },
             ],
+            recentFailures: [],
             recentSuccesses: [],
             peakScore: score,
             consecutiveSuccesses: 0,
+            readinessCheckpointIndex: 0,
+            deferredReadinessMultiplier: 1,
+            readinessBaselineScore: score,
+            freshnessCheckpointIndex: 0,
+            deferredFreshnessMultiplier: 1,
+            freshnessBaselineScore: score,
         };
         this.records.set(entityId, record);
+        // Commit initial state to verifier if configured
+        this._verifier?.commitState(entityId, score, initialLevel, 0);
         // Auto-persist if enabled
         await this.autoPersistRecord(record);
         // Emit initialized event
@@ -644,87 +1162,70 @@ export class TrustEngine extends EventEmitter {
         return record;
     }
     /**
-     * Get all entity IDs
-     */
-    getEntityIds() {
-        return Array.from(this.records.keys());
-    }
-    /**
-     * Get trust level name
-     */
-    getLevelName(level) {
-        return TRUST_LEVEL_NAMES[level];
-    }
-    /**
-     * Generate a human-readable explanation of an entity's current trust score.
-     *
-     * Provides full transparency into how the score was computed, including
-     * per-factor contributions, decay status, and what's needed to advance.
-     *
-     * @example
-     * ```ts
-     * const explanation = await engine.explainScore('agent-123');
-     * console.log(`Score: ${explanation.score} (${explanation.levelName})`);
-     * console.log(`Top factor: ${explanation.topPositiveFactors[0]}`);
-     * console.log(`Points to next tier: ${explanation.pointsToNextLevel}`);
-     * ```
+     * Explain a trust score with full factor breakdown
      */
     async explainScore(entityId) {
         const record = this.records.get(entityId);
         if (!record) {
-            throw new Error(`Entity not found: ${entityId}`);
+            throw new Error('Entity not found');
         }
-        const signals = record.signals ?? [];
-        const factorScores = this.calculateFactorScores(signals);
-        // Build factor breakdown
+        const level = record.level;
+        const levelName = TRUST_LEVEL_NAMES[level] ?? 'Unknown';
+        const levelRange = TRUST_THRESHOLDS[level];
+        // Build factor breakdown from recorded signals
         const factorBreakdown = FACTOR_CODES.map((code) => {
-            const weight = FACTOR_WEIGHTS[code];
-            const rawScore = factorScores[code];
-            const contribution = Math.round(rawScore * weight * 1000 * 100) / 100;
-            return { code, weight, rawScore, contribution };
+            const weight = FACTOR_WEIGHTS[code] ?? 0;
+            // Calculate raw score for this factor from matching signals
+            const matchingSignals = record.signals.filter((s) => s.type.startsWith(code + '.') || s.type === code);
+            const rawScore = matchingSignals.length > 0
+                ? matchingSignals.reduce((sum, s) => sum + s.value, 0) / matchingSignals.length
+                : 0;
+            return {
+                code,
+                weight,
+                rawScore,
+                contribution: rawScore * weight * 1000,
+            };
         });
-        // Sort for top positive/negative
-        const sorted = [...factorBreakdown].sort((a, b) => b.contribution - a.contribution);
-        const midpoint = 0.5; // Neutral factor score
-        const topPositiveFactors = sorted
-            .filter((f) => f.rawScore > midpoint)
-            .slice(0, 5)
-            .map((f) => f.code);
-        const topNegativeFactors = sorted
-            .filter((f) => f.rawScore < midpoint)
-            .sort((a, b) => a.contribution - b.contribution)
-            .slice(0, 5)
-            .map((f) => f.code);
-        // Calculate decay
-        const lastSignalTime = signals.length > 0
-            ? Math.max(...signals.map((s) => new Date(s.timestamp).getTime()))
-            : null;
-        const daysSinceLastSignal = lastSignalTime !== null
-            ? (Date.now() - lastSignalTime) / (24 * 60 * 60 * 1000)
-            : null;
-        const decayMultiplier = daysSinceLastSignal !== null
-            ? calculateDecayMultiplier(daysSinceLastSignal)
-            : 1.0;
+        // Days since last signal
+        let daysSinceLastSignal = null;
+        if (record.signals.length > 0) {
+            const lastSignal = record.signals[record.signals.length - 1];
+            const lastTimestamp = new Date(lastSignal.timestamp).getTime();
+            daysSinceLastSignal = (Date.now() - lastTimestamp) / (1000 * 60 * 60 * 24);
+        }
         // Points to next level
-        const currentLevel = record.level;
-        const nextLevelThreshold = currentLevel < 7 ? TRUST_THRESHOLDS[(currentLevel + 1)] : null;
-        const pointsToNextLevel = nextLevelThreshold !== null ? nextLevelThreshold.min - record.score : null;
+        let pointsToNextLevel = null;
+        const nextLevel = (level + 1);
+        if (TRUST_THRESHOLDS[nextLevel]) {
+            pointsToNextLevel = TRUST_THRESHOLDS[nextLevel].min - record.score;
+        }
         return {
             entityId,
             score: record.score,
-            level: currentLevel,
-            levelName: TRUST_LEVEL_NAMES[currentLevel],
-            levelRange: TRUST_THRESHOLDS[currentLevel],
-            pointsToNextLevel: pointsToNextLevel !== null && pointsToNextLevel > 0 ? pointsToNextLevel : null,
-            signalCount: signals.length,
+            level,
+            levelName,
+            levelRange,
+            signalCount: record.signals.length,
             factorBreakdown,
-            topPositiveFactors,
-            topNegativeFactors,
-            decayMultiplier: Math.round(decayMultiplier * 1000) / 1000,
-            daysSinceLastSignal: daysSinceLastSignal !== null ? Math.round(daysSinceLastSignal * 100) / 100 : null,
+            daysSinceLastSignal,
+            decayMultiplier: 1.0,
+            pointsToNextLevel,
             generatedAt: new Date().toISOString(),
         };
     }
+    /**
+     * Get all entity IDs
+     */
+    getEntityIds() {
+        return Array.from(this.records.keys());
+    }
+    /**
+     * Get trust level name
+     */
+    getLevelName(level) {
+        return TRUST_LEVEL_NAMES[level];
+    }
     /**
      * Convert score to trust level
      */
@@ -737,61 +1238,70 @@ export class TrustEngine extends EventEmitter {
         return 0;
     }
     /**
-     * @deprecated Use calculateFactorScores for 16-factor model. Kept for backwards compatibility.
      * Calculate component scores from signals
      */
-    calculateComponents(signals) {
-        // Group signals by type
-        const behavioral = signals.filter((s) => s.type.startsWith('behavioral.'));
-        const compliance = signals.filter((s) => s.type.startsWith('compliance.'));
-        const identity = signals.filter((s) => s.type.startsWith('identity.'));
-        const context = signals.filter((s) => s.type.startsWith('context.'));
-        return {
-            behavioral: this.averageSignalValue(behavioral, 0.5),
-            compliance: this.averageSignalValue(compliance, 0.5),
-            identity: this.averageSignalValue(identity, 0.5),
-            context: this.averageSignalValue(context, 0.5),
-        };
-    }
-    /**
-     * Calculate per-factor scores from signals.
-     * Signals can use either:
-     *   - Factor code prefix (e.g. 'CT-COMP.success')
-     *   - Legacy bucket prefix (e.g. 'behavioral.success') — mapped to factors via SIGNAL_PREFIX_TO_FACTORS
-     */
-    calculateFactorScores(signals) {
-        const factorSignals = {};
-        // Initialize all factors
-        for (const code of FACTOR_CODES) {
-            factorSignals[code] = [];
-        }
-        for (const signal of signals) {
-            const prefix = signal.type.split('.')[0];
-            // Check if it's a direct factor code
-            if (FACTOR_CODES.includes(prefix)) {
-                factorSignals[prefix].push(signal);
+    calculateComponents(signals, currentLevel) {
+        // Group signals by component — supports both legacy 4-prefix types
+        // (e.g. "behavioral.task_completion") and 16-factor code types
+        // (e.g. "CT-COMP.perfect") via FACTOR_TO_COMPONENT mapping.
+        const behavioral = [];
+        const compliance = [];
+        const identity = [];
+        const context = [];
+        for (const s of signals) {
+            // Legacy 4-prefix routing
+            if (s.type.startsWith('behavioral.')) {
+                behavioral.push(s);
+                continue;
+            }
+            if (s.type.startsWith('compliance.')) {
+                compliance.push(s);
                 continue;
             }
-            // Check if it's a legacy bucket prefix
-            const mappedFactors = SIGNAL_PREFIX_TO_FACTORS[prefix];
-            if (mappedFactors) {
-                // Distribute signal across mapped factors
-                for (const factorCode of mappedFactors) {
-                    factorSignals[factorCode].push(signal);
+            if (s.type.startsWith('identity.')) {
+                identity.push(s);
+                continue;
+            }
+            if (s.type.startsWith('context.')) {
+                context.push(s);
+                continue;
+            }
+            // 16-factor code routing: extract prefix before the first '.'
+            const dotIndex = s.type.indexOf('.');
+            const prefix = dotIndex > 0 ? s.type.substring(0, dotIndex) : s.type;
+            const component = FACTOR_TO_COMPONENT[prefix];
+            if (component) {
+                switch (component) {
+                    case 'behavioral':
+                        behavioral.push(s);
+                        break;
+                    case 'compliance':
+                        compliance.push(s);
+                        break;
+                    case 'identity':
+                        identity.push(s);
+                        break;
+                    case 'context':
+                        context.push(s);
+                        break;
                 }
             }
         }
-        // Calculate average score for each factor
-        const scores = {};
-        for (const code of FACTOR_CODES) {
-            scores[code] = this.averageSignalValue(factorSignals[code], 0.5);
-        }
-        return scores;
+        return {
+            behavioral: this.averageSignalValue(behavioral, 0.5, currentLevel),
+            compliance: this.averageSignalValue(compliance, 0.5, currentLevel),
+            identity: this.averageSignalValue(identity, 0.5, currentLevel),
+            context: this.averageSignalValue(context, 0.5, currentLevel),
+        };
     }
     /**
-     * Calculate average signal value with default
+     * Calculate average signal value with default.
+     *
+     * Applies the BASIS penalty ratio P(T) = 3 + T to negative signals:
+     * negative signal weights are multiplied by (3 + currentTier) so that
+     * higher-tier agents suffer proportionally larger score drops from failures.
      */
-    averageSignalValue(signals, defaultValue) {
+    averageSignalValue(signals, defaultValue, currentLevel) {
         if (signals.length === 0)
             return defaultValue;
         // Weight recent signals more heavily
@@ -800,12 +1310,176 @@ export class TrustEngine extends EventEmitter {
         let totalWeight = 0;
         for (const signal of signals) {
             const age = now - new Date(signal.timestamp).getTime();
-            const weight = Math.exp(-age / (7 * 24 * 60 * 60 * 1000)); // 7-day half-life
-            weightedSum += signal.value * weight;
+            let weight = Math.exp(-age / (7 * 24 * 60 * 60 * 1000)); // 7-day signal recency weight (distinct from 182-day trust decay)
+            // BASIS penalty ratio: amplify weight of negative signals by P(T) = 3 + T.
+            // A negative signal is one whose value falls below the neutral default (0.5).
+            // This counteracts EWA dilution at higher tiers, ensuring that failures
+            // at T7 (10× weight) hurt far more than failures at T0 (3× weight).
+            if (signal.value < defaultValue) {
+                weight *= penaltyMultiplier(currentLevel);
+            }
+            const adjustedValue = this.adjustSignalValueForTier(signal, defaultValue, currentLevel);
+            weightedSum += adjustedValue * weight;
             totalWeight += weight;
         }
         return totalWeight > 0 ? weightedSum / totalWeight : defaultValue;
     }
+    /**
+     * Human/manual positive approvals carry less upward impact at higher tiers.
+     */
+    adjustSignalValueForTier(signal, defaultValue, currentLevel) {
+        if (!this.isHumanApprovalSignal(signal) || signal.value <= defaultValue) {
+            return signal.value;
+        }
+        const assistFactor = this.getHumanApprovalAssistFactor(currentLevel);
+        return defaultValue + (signal.value - defaultValue) * assistFactor;
+    }
+    isHumanApprovalSignal(signal) {
+        const source = signal.source?.toLowerCase() ?? '';
+        return source === 'manual' || source === 'human' || source === 'human_review' || source === 'human-approval';
+    }
+    getHumanApprovalAssistFactor(level) {
+        switch (level) {
+            case 0:
+            case 1:
+                return 1.0;
+            case 2:
+                return 0.85;
+            case 3:
+                return 0.7;
+            case 4:
+                return 0.55;
+            case 5:
+                return 0.4;
+            case 6:
+                return 0.3;
+            case 7:
+                return 0.2;
+            default:
+                return 1.0;
+        }
+    }
+    /**
+     * Resolve which component bucket a signal type belongs to.
+     * Returns the component key or undefined if the signal type is unrecognized.
+     */
+    resolveSignalComponent(signalType) {
+        // Legacy 4-prefix routing
+        if (signalType.startsWith('behavioral.'))
+            return 'behavioral';
+        if (signalType.startsWith('compliance.'))
+            return 'compliance';
+        if (signalType.startsWith('identity.'))
+            return 'identity';
+        if (signalType.startsWith('context.'))
+            return 'context';
+        // 16-factor code routing: extract prefix before the first '.'
+        const dotIndex = signalType.indexOf('.');
+        const prefix = dotIndex > 0 ? signalType.substring(0, dotIndex) : signalType;
+        return Object.hasOwn(FACTOR_TO_COMPONENT, prefix) ? FACTOR_TO_COMPONENT[prefix] : undefined;
+    }
+    /**
+     * Create a fresh empty CachedScoreState.
+     */
+    createEmptyCacheState() {
+        return {
+            behavioral: { weightedSum: 0, totalWeight: 0, count: 0 },
+            compliance: { weightedSum: 0, totalWeight: 0, count: 0 },
+            identity: { weightedSum: 0, totalWeight: 0, count: 0 },
+            context: { weightedSum: 0, totalWeight: 0, count: 0 },
+            lastFullRecalcAt: 0,
+        };
+    }
+    /**
+     * Build the score cache from a full recalculation of all stored signals.
+     * This mirrors the logic in averageSignalValue but captures the running totals.
+     */
+    buildCacheFromSignals(signals, currentLevel, entityId) {
+        const cache = this.createEmptyCacheState();
+        cache.lastFullRecalcAt = signals.length;
+        const now = Date.now();
+        const defaultValue = 0.5;
+        for (const signal of signals) {
+            const component = this.resolveSignalComponent(signal.type);
+            if (!component)
+                continue;
+            const bucket = cache[component];
+            const age = now - new Date(signal.timestamp).getTime();
+            let weight = Math.exp(-age / (7 * 24 * 60 * 60 * 1000));
+            // BASIS penalty ratio: amplify weight of negative signals
+            if (signal.value < defaultValue) {
+                weight *= penaltyMultiplier(currentLevel);
+            }
+            const adjustedValue = this.adjustSignalValueForTier(signal, defaultValue, currentLevel);
+            bucket.weightedSum += adjustedValue * weight;
+            bucket.totalWeight += weight;
+            bucket.count++;
+        }
+        this._scoreCache.set(entityId, cache);
+        return cache;
+    }
+    /**
+     * Incrementally update the cached score state with a single new signal.
+     * Returns the updated TrustCalculation. This is O(1) per signal.
+     */
+    incrementalUpdate(signal, currentLevel) {
+        const cache = this._scoreCache.get(signal.entityId);
+        if (!cache) {
+            // Should never happen — caller must ensure cache exists
+            throw new Error('Incremental update called without cache');
+        }
+        const component = this.resolveSignalComponent(signal.type);
+        const defaultValue = 0.5;
+        if (component) {
+            const bucket = cache[component];
+            const now = Date.now();
+            const age = now - new Date(signal.timestamp).getTime();
+            let weight = Math.exp(-age / (7 * 24 * 60 * 60 * 1000));
+            if (signal.value < defaultValue) {
+                weight *= penaltyMultiplier(currentLevel);
+            }
+            const adjustedValue = this.adjustSignalValueForTier(signal, defaultValue, currentLevel);
+            bucket.weightedSum += adjustedValue * weight;
+            bucket.totalWeight += weight;
+            bucket.count++;
+        }
+        // Derive component averages from cache
+        const components = {
+            behavioral: cache.behavioral.totalWeight > 0
+                ? cache.behavioral.weightedSum / cache.behavioral.totalWeight
+                : defaultValue,
+            compliance: cache.compliance.totalWeight > 0
+                ? cache.compliance.weightedSum / cache.compliance.totalWeight
+                : defaultValue,
+            identity: cache.identity.totalWeight > 0
+                ? cache.identity.weightedSum / cache.identity.totalWeight
+                : defaultValue,
+            context: cache.context.totalWeight > 0
+                ? cache.context.weightedSum / cache.context.totalWeight
+                : defaultValue,
+        };
+        // Calculate weighted total (same formula as calculate())
+        const score = Math.round(components.behavioral * SIGNAL_WEIGHTS.behavioral * 1000 +
+            components.compliance * SIGNAL_WEIGHTS.compliance * 1000 +
+            components.identity * SIGNAL_WEIGHTS.identity * 1000 +
+            components.context * SIGNAL_WEIGHTS.context * 1000);
+        const clampedScore = Math.max(0, Math.min(1000, score));
+        const level = this.scoreToLevel(clampedScore);
+        const factors = this.getSignificantFactors(components);
+        return { score: clampedScore, level, components, factors };
+    }
+    /**
+     * Invalidate the incremental score cache for an entity,
+     * forcing the next recordSignal to do a full recalculation.
+     */
+    invalidateScoreCache(entityId) {
+        if (entityId) {
+            this._scoreCache.delete(entityId);
+        }
+        else {
+            this._scoreCache.clear();
+        }
+    }
     /**
      * Get significant factors affecting the score
      */
@@ -825,16 +1499,97 @@ export class TrustEngine extends EventEmitter {
         }
         return factors;
     }
+    /**
+     * Apply signal deduplication with diminishing returns.
+     *
+     * Tracks recent signal types per entity within a sliding window. When the same
+     * signal type appears consecutively (within the window), its effective value is
+     * pulled toward 0.5 (neutral) by an exponentially decaying factor. This prevents
+     * replay attacks from inflating or deflating trust scores while still allowing
+     * legitimate repeated signals to have some (diminished) impact.
+     *
+     * The adjustment formula moves the value toward 0.5 (the neutral baseline):
+     *   adjustedValue = 0.5 + (originalValue - 0.5) * factor
+     *
+     * This means:
+     * - Positive signals (value > 0.5) have their positive impact reduced
+     * - Negative signals (value < 0.5) have their negative impact reduced
+     * - A value of exactly 0.5 is never adjusted
+     */
+    applySignalDedup(signal) {
+        const originalValue = signal.value;
+        if (!this._signalDedupEnabled) {
+            return { adjusted: false, value: originalValue, originalValue, factor: 1, repeatCount: 0 };
+        }
+        const now = Date.now();
+        const signalTs = new Date(signal.timestamp).getTime() || now;
+        // Get or create entity dedup history
+        let history = this._dedupState.get(signal.entityId);
+        if (!history) {
+            history = [];
+            this._dedupState.set(signal.entityId, history);
+        }
+        // Prune entries outside the time window and enforce window size
+        history = history.filter((entry) => now - entry.timestamp < this._signalDedupWindowMs);
+        if (history.length > this._signalDedupWindowSize) {
+            history = history.slice(-this._signalDedupWindowSize);
+        }
+        // Count consecutive occurrences of this signal type (from most recent backwards)
+        let repeatCount = 0;
+        for (let i = history.length - 1; i >= 0; i--) {
+            if (history[i].type === signal.type) {
+                repeatCount++;
+            }
+            else {
+                break; // Stop counting when a different signal type is encountered
+            }
+        }
+        // Record this signal in the dedup history
+        history.push({ type: signal.type, timestamp: signalTs });
+        // Enforce window size after push
+        if (history.length > this._signalDedupWindowSize) {
+            history = history.slice(-this._signalDedupWindowSize);
+        }
+        this._dedupState.set(signal.entityId, history);
+        // No adjustment needed for first occurrence
+        if (repeatCount === 0) {
+            return { adjusted: false, value: originalValue, originalValue, factor: 1, repeatCount: 0 };
+        }
+        // Calculate diminishing factor: decayFactor^repeatCount, floored at minFactor
+        const rawFactor = Math.pow(this._signalDedupDecayFactor, repeatCount);
+        const factor = Math.max(rawFactor, this._signalDedupMinFactor);
+        // Pull value toward 0.5 (neutral) by the diminishing factor
+        const adjustedValue = 0.5 + (originalValue - 0.5) * factor;
+        return {
+            adjusted: true,
+            value: Math.max(0, Math.min(1, adjustedValue)),
+            originalValue,
+            factor,
+            repeatCount,
+        };
+    }
+    /**
+     * Check whether signal deduplication is enabled
+     */
+    get signalDedupEnabled() {
+        return this._signalDedupEnabled;
+    }
+    /**
+     * Clear dedup state for an entity (useful for testing or resets)
+     */
+    clearDedupState(entityId) {
+        if (entityId) {
+            this._dedupState.delete(entityId);
+        }
+        else {
+            this._dedupState.clear();
+        }
+    }
     /**
      * Create initial trust record
      */
     createInitialRecord(entityId) {
         const initialScore = TRUST_THRESHOLDS[1].min;
-        // Initialize all 16 factors to 0.5
-        const initialFactorScores = {};
-        for (const code of FACTOR_CODES) {
-            initialFactorScores[code] = 0.5;
-        }
         return {
             entityId,
             score: initialScore, // Start at L1 (Provisional) minimum
@@ -845,14 +1600,83 @@ export class TrustEngine extends EventEmitter {
                 identity: 0.5,
                 context: 0.5,
             },
-            factorScores: initialFactorScores,
             signals: [],
             lastCalculatedAt: new Date().toISOString(),
             history: [],
+            recentFailures: [],
             recentSuccesses: [],
             peakScore: initialScore,
             consecutiveSuccesses: 0,
+            readinessCheckpointIndex: 0,
+            deferredReadinessMultiplier: 1,
+            readinessBaselineScore: initialScore,
+            freshnessCheckpointIndex: 0,
+            deferredFreshnessMultiplier: 1,
+            freshnessBaselineScore: initialScore,
+        };
+    }
+    /**
+     * Configure a time-bound Readiness Degree exception for an entity.
+     */
+    setReadinessException(entityId, options) {
+        const record = this.records.get(entityId);
+        if (!record) {
+            throw new Error(`Entity not found: ${entityId}`);
+        }
+        this.validateReadinessExceptionOptions(options);
+        this.ensureReadinessState(record);
+        record.readinessException = {
+            reason: options.reason,
+            issuedAt: new Date().toISOString(),
+            expiresAt: options.expiresAt,
+            reductionScale: clampReductionScale(options.reductionScale),
         };
+        record.freshnessException = record.readinessException;
+    }
+    /**
+     * @deprecated Use setReadinessException.
+     */
+    setFreshnessException(entityId, options) {
+        this.setReadinessException(entityId, options);
+    }
+    /**
+     * Clear Readiness Degree exception for an entity.
+     */
+    clearReadinessException(entityId) {
+        const record = this.records.get(entityId);
+        if (!record) {
+            return;
+        }
+        delete record.readinessException;
+        delete record.freshnessException;
+    }
+    /**
+     * @deprecated Use clearReadinessException.
+     */
+    clearFreshnessException(entityId) {
+        this.clearReadinessException(entityId);
+    }
+    /**
+     * Get active Readiness Degree exception for an entity.
+     */
+    getReadinessException(entityId) {
+        const record = this.records.get(entityId);
+        return record?.readinessException ?? record?.freshnessException;
+    }
+    /**
+     * @deprecated Use getReadinessException.
+     */
+    getFreshnessException(entityId) {
+        return this.getReadinessException(entityId);
+    }
+    /**
+     * Check if accelerated decay is currently active for an entity
+     */
+    isAcceleratedDecayActive(entityId) {
+        const record = this.records.get(entityId);
+        if (!record)
+            return false;
+        return this.hasAcceleratedDecay(record);
     }
     /**
      * Check if accelerated recovery is currently active for an entity
@@ -863,6 +1687,16 @@ export class TrustEngine extends EventEmitter {
             return false;
         return this.hasAcceleratedRecovery(record);
     }
+    /**
+     * Get current failure count for an entity
+     */
+    getFailureCount(entityId) {
+        const record = this.records.get(entityId);
+        if (!record)
+            return 0;
+        this.cleanupFailures(record);
+        return record.recentFailures.length;
+    }
     /**
      * Get consecutive success count for an entity
      */
@@ -881,6 +1715,34 @@ export class TrustEngine extends EventEmitter {
             return 0;
         return record.peakScore;
     }
+    /**
+     * Verify an entity's trust score against its verifier commitment chain.
+     * Requires a TrustVerifier to be configured; throws if none is set.
+     */
+    verifyEntity(entityId) {
+        if (!this._verifier) {
+            throw new Error('No TrustVerifier configured');
+        }
+        const record = this.records.get(entityId);
+        if (!record) {
+            throw new Error('Entity not found');
+        }
+        return this._verifier.verifyAgent(entityId, record.score, record.level);
+    }
+    /**
+     * Verify all tracked entities against the verifier commitment chain.
+     * Requires a TrustVerifier to be configured; throws if none is set.
+     */
+    verifyAll() {
+        if (!this._verifier) {
+            throw new Error('No TrustVerifier configured');
+        }
+        const scores = new Map();
+        for (const [id, record] of this.records) {
+            scores.set(id, { score: record.score, tier: record.level });
+        }
+        return this._verifier.verifyAll(scores);
+    }
 }
 /**
  * Create a new Trust Engine instance