[ddfproof]

looked at the repo — the bypass attack test caught my eye.

strip job_snapshot, recompute hashes, rebuild manifest — hash-only verifier passes silently.

how common is this attack in practice? like do you actually see people trying to game verification systems this way or is it more of a theoretical concern you're protecting against?

[ddfproof]

Also, just wanted to say the site itself looks really well put together. The layout is clean, everything is easy to follow, and the overall presentation feels polished. It’s genuinely pleasant to browse through and explore the project. Nice work on that.

[Lama9901]

spent a lot of time on that. the whole idea of the site was proof not trust, so it had to actually feel like that, not just say it.

[Lama9901]

mostly theoretical right now — but that's the point of building it before it's needed.

anyone submitting results for audit or regulatory review has an incentive to make numbers look right. strip the evidence, recompute hashes — if only integrity is being checked, the attack is silent and undetectable.

i kept asking myself "what would i do if i wanted to cheat this?" that was the first answer. so it became an adversarial test: tests/steward/test_cert02_*

the protocol shouldn't assume good faith. especially not in regulated domains.

and thanks on the site — built that solo too.