Compare commits

1 commit

Author SHA1 Message Date
1b43f44c77 Update demo3 2025-12-22 20:53:46 +00:00
20 changed files with 13141 additions and 2437 deletions

@ -30,7 +30,7 @@ The revised assessment is included specifically to show how time-to-output alter
Within ~12 weeks, the author produced: Within ~12 weeks, the author produced:
* Protocol-level governance architectures (IF.TRANSIT.MESSAGE, IF.TTT, IF.GOV.TRIAGE, IF.GOV.PANEL) * Protocol-level governance architectures (IF.PACKET, IF.TTT, IF.BIAS, IF.GUARD)
* Working implementations (Redis-backed agent coordination, transport-layer governance) * Working implementations (Redis-backed agent coordination, transport-layer governance)
* A deployed product (IF.emotion) * A deployed product (IF.emotion)
* A 31,000+ line, cross-referenced technical dossier * A 31,000+ line, cross-referenced technical dossier
@ -213,7 +213,7 @@ Here's how I'd separate them:
GDPR looked like paranoid over-regulation in 2016. By 2020, after Cambridge Analytica and dozens of breaches, it looked prescient. GDPR looked like paranoid over-regulation in 2016. By 2020, after Cambridge Analytica and dozens of breaches, it looked prescient.
**IF.STORY/IF.GOV.PANEL could go either way:** **IF.STORY/IF.GUARD could go either way:**
**Black Mirror outcome:** We build this elaborate governance stack, AI capabilities plateau, and we've just created compliance overhead for systems that could have been simple API calls. **Black Mirror outcome:** We build this elaborate governance stack, AI capabilities plateau, and we've just created compliance overhead for systems that could have been simple API calls.
@ -288,3 +288,4 @@ That's the actual Black Mirror plot: The infrastructure to prevent the disaster
| Extraction window | JSON `messages[8]..messages[11]` (inclusive) | | Extraction window | JSON `messages[8]..messages[11]` (inclusive) |
| Imported into dossier (UTC) | `2025-12-22T01:21:24Z` | | Imported into dossier (UTC) | `2025-12-22T01:21:24Z` |
| Integrity note | This is an excerpt; the exported assistant text contains an explicit truncation marker (`…4462 chars truncated…`). For full context, follow the source link. | | Integrity note | This is an excerpt; the exported assistant text contains an explicit truncation marker (`…4462 chars truncated…`). For full context, follow the source link. |
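
Review bot: The metadata table at the end of this file presents the content as an excerpt of exported assistant text with an integrity note, yet the hunks at lines 30 and 213 of the same file swap protocol names inside that text (`IF.GOV.PANEL` on one side, `IF.GUARD` on the other). An excerpt that carries an integrity note should say whether the names are verbatim from the export or were rewritten afterwards; suggest adding a row to this table that states which, so a reader comparing against the source link knows what to expect.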

File diff suppressed because it is too large

File diff suppressed because it is too large

@ -26,6 +26,7 @@
This submission uses a refactor namespace to reduce lexicon friction: This submission uses a refactor namespace to reduce lexicon friction:
- `IF.GOV.*` (governance), `IF.SECURITY.*` (security), `IF.TRANSIT.*` (transport), `IF.AUDIT.*` (audit artifacts) - `IF.GOV.*` (governance), `IF.SECURITY.*` (security), `IF.TRANSIT.*` (transport), `IF.AUDIT.*` (audit artifacts)
- Legacy names may appear in embedded papers; first-mention annotations use the form `IF.GOV.PANEL (legacy: IF.GUARD)`
Canonical docs: `IF_NAMING_BIBLE_v1.0.md`, `IF_NAMING_REGISTRY.yaml`, and `gov/` (in the source repo). Canonical docs: `IF_NAMING_BIBLE_v1.0.md`, `IF_NAMING_REGISTRY.yaml`, and `gov/` (in the source repo).
@ -52,8 +53,8 @@ This project follows an Operator-as-Architect workflow: I define constraints, in
| Core claim | Proof (artifact) | Boundary / limitation | | Core claim | Proof (artifact) | Boundary / limitation |
|---|---|---| |---|---|---|
| **A) Traceability is a safety primitive.** Highstakes agent actions require verifiable provenance. | IF.emotion trace protocol + evidence bundle + verifier (see §5). | **Microlab / single shard.** Guarantees begin at the backend witness boundary; edge completeness is future work. | | **A) Traceability is a safety primitive.** Highstakes agent actions require verifiable provenance. | IF.emotion trace protocol + evidence bundle + verifier (see §5). | **Microlab / single shard.** Guarantees begin at the backend witness boundary; edge completeness is future work. |
| **B) Governance needs structured dissent.** One-model “judge” patterns are brittle. | IF.GOV.TRIAGE + IF.GOV.PANEL traced via IF.TTT / IF.AUDIT.TRAIL. | **Cost/latency.** Multi-seat governance is reserved for higher-stakes decisions; low-stakes paths stay fast. | | **B) Governance needs structured dissent.** One-model “judge” patterns are brittle. | IF.GOV.TRIAGE *(legacy: IF.BIAS)* + IF.GOV.PANEL *(legacy: IF.GUARD)* traced via IF.TTT / IF.AUDIT.TRAIL. | **Cost/latency.** Multi-seat governance is reserved for higher-stakes decisions; low-stakes paths stay fast. |
| **C) Context is a security control.** Static filters fail; provenance + coherence checks reduce unsafe drift. | IF.SECURITY.CHECK + IF.SECURITY.DETECT integrated into the pipeline. | **Domain calibration.** Strongest for concrete surfaces (secrets/PII/prompt injection); general harmful-intent is open research. | | **C) Context is a security control.** Static filters fail; provenance + coherence checks reduce unsafe drift. | IF.SECURITY.CHECK *(legacy: IF.ARMOUR)* + IF.SECURITY.DETECT *(legacy: IF.YOLOGUARD)* integrated into the pipeline. | **Domain calibration.** Strongest for concrete surfaces (secrets/PII/prompt injection); general harmful-intent is open research. |
--- ---
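
Review bot: The legacy annotations added in rows B and C are written as `IF.GOV.TRIAGE *(legacy: IF.BIAS)*`, which differs from the form the previous hunk prescribes, `IF.GOV.PANEL (legacy: IF.GUARD)`. Pick one form and use it in both places so the annotations can be found, and later stripped, with a single pattern. Row B also leaves `IF.TTT / IF.AUDIT.TRAIL` unannotated, although the naming registry hunk in this change lists `IF.TTT` under `legacy:` for `IF.AUDIT.TRAIL`.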

File diff suppressed because it is too large

@ -1,51 +0,0 @@
version: "1.2"
date_utc: "2025-12-23"
status: "draft-canonical"
policy:
- "Canonical `if://doc/*` handles use the canonical naming contract (IF.GOV/IF.SECURITY/IF.TRANSIT/IF.AUDIT)."
- "Public docs should reference canonical handles only (no alternate vocabularies)."
entries:
- canonical: "if://doc/IF_GOV_QUESTIONS_STRUCTURED_INQUIRY_FRAMEWORK/v1.0"
sources:
- "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md (embedded inquiry framework paper)"
- "gov/QUESTIONS.md"
description: "IF.GOV.QUESTIONS structured inquiry framework."
- canonical: "if://doc/IF_GOV_TRIAGE_PRECOUNCIL_MATRIX/v1.0"
sources:
- "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md (embedded pre-council triage matrix paper)"
- "gov/TRIAGE.md"
description: "IF.GOV.TRIAGE preflight risk matrix."
- canonical: "if://doc/IF_GOV_PANEL_COUNCIL_FRAMEWORK/v1.0"
sources:
- "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md (embedded governance panel framework paper)"
- "gov/PANEL.md"
description: "IF.GOV.PANEL council framework."
- canonical: "if://doc/IF_GOV_PANEL_RESEARCH_SUMMARY/v1.0"
sources:
- "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md (embedded governance panel research summary paper)"
description: "IF.GOV.PANEL research summary."
- canonical: "if://doc/IF_TRANSIT_MESSAGE_TRANSPORT_FRAMEWORK/v1.0"
sources:
- "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md (embedded message transport framework paper)"
description: "IF.TRANSIT.MESSAGE transport framework + swarm coordination notes."
- canonical: "if://doc/IF_SECURITY_DETECT_FRAMEWORK/v1.0"
sources:
- "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md (embedded secret screening framework paper)"
description: "IF.SECURITY.DETECT secret screening framework."
- canonical: "if://doc/IF_SECURITY_CHECK_BIO_FP_REDUCTION/v1.0"
sources:
- "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md (embedded bio false-positive reduction paper)"
description: "IF.SECURITY.CHECK bio false-positive reduction paper."
- canonical: "if://doc/IF_TRANSIT_HUB_WHITEPAPER/v2.0.0"
sources:
- "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md (embedded kinetic transport whitepaper v2.0.0)"
description: "IF.TRANSIT.HUB motherboard/kinetic transport whitepaper."

@ -1,29 +1,35 @@
# IF.* / if.* monikers found in `DANNY_STOCKER_INFRAFABRIC_DOSSIER.md` # IF.* / if.* monikers found in `DANNY_STOCKER_INFRAFABRIC_DOSSIER.md`
## IF.* (protocol/moniker tokens) ## IF.* (protocol/moniker tokens)
Unique: 181
Unique: 195
| Token | Count | | Token | Count |
|---|---:| |---|---:|
| `IF.TTT` | 417 | | `IF.TTT` | 418 |
| `IF.emotion` | 265 | | `IF.emotion` | 264 |
| `IF.GOV.PANEL` | 257 | | `IF.GUARD` | 153 |
| `IF.GOV.QUESTIONS` | 106 | | `IF.5W` | 105 |
| `IF.SECURITY.DETECT` | 99 | | `IF.bus` | 66 |
| `IF.TRANSIT.HUB` | 89 | | `IF.guard` | 62 |
| `IF.SECURITY.CHECK` | 62 | | `IF.PACKET` | 60 |
| `IF.TRANSIT.MESSAGE` | 60 |
| `IF.ground` | 58 | | `IF.ground` | 58 |
| `IF.GOV.TRIAGE` | 55 | | `IF.yologuard` | 58 |
| `IF.BIAS` | 56 |
| `IF.search` | 48 | | `IF.search` | 48 |
| `IF.Guard` | 46 |
| `IF.INTELLIGENCE` | 44 | | `IF.INTELLIGENCE` | 44 |
| `IF.armour` | 41 |
| `IF.persona` | 41 | | `IF.persona` | 41 |
| `IF.ARBITRATE` | 41 | | `IF.ARBITRATE` | 41 |
| `IF.GOV.WITNESS` | 32 | | `IF.YOLOGUARD` | 38 |
| `IF.STORY` | 29 |
| `IF.witness` | 27 |
| `IF.optimise` | 27 | | `IF.optimise` | 27 |
| `IF.STORY` | 24 |
| `IF.chase` | 24 | | `IF.chase` | 24 |
| `IF.foundations` | 23 | | `IF.foundations` | 23 |
| `IF.arbitrate` | 22 | | `IF.arbitrate` | 22 |
| `IF.BUS` | 21 |
| `IF.CEO` | 21 | | `IF.CEO` | 21 |
| `IF.simplify` | 21 | | `IF.simplify` | 21 |
| `IF.garp` | 20 | | `IF.garp` | 20 |
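
Review bot: This inventory counts tokens case-sensitively, so one legacy name is spread over several rows (`IF.GUARD` 153, `IF.guard` 62, `IF.Guard` 46 on the new side) and nothing shows the total per component. Since this table is what a reader would use to judge how much legacy vocabulary remains in the dossier, consider adding a case-folded count or a canonical-name column next to each row.
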
@ -32,28 +38,32 @@ Unique: 181
| `IF.EMOTION` | 18 | | `IF.EMOTION` | 18 |
| `IF.vesicle` | 18 | | `IF.vesicle` | 18 |
| `IF.ceo` | 18 | | `IF.ceo` | 18 |
| `IF.ARMOUR` | 17 |
| `IF.resource` | 17 | | `IF.resource` | 17 |
| `IF.swarm` | 17 | | `IF.swarm` | 17 |
| `IF.GOV.PANEL` | 16 |
| `IF.federate` | 15 | | `IF.federate` | 15 |
| `IF.intelligence` | 15 |
| `IF.emotion.typist` | 15 | | `IF.emotion.typist` | 15 |
| `IF.PHIL` | 14 | | `IF.PHIL` | 14 |
| `IF.intelligence` | 14 |
| `IF.vision` | 13 | | `IF.vision` | 13 |
| `IF.trace` | 13 | | `IF.trace` | 13 |
| `IF.TRANSIT.SWARM` | 12 |
| `IF.router` | 11 | | `IF.router` | 11 |
| `IF.philosophy` | 11 | | `IF.philosophy` | 11 |
| `IF.reflect` | 10 | | `IF.reflect` | 10 |
| `IF.SEARCH` | 10 | | `IF.SEARCH` | 10 |
| `IF.GOV.TRIAGE` | 9 |
| `IF.SECURITY.CHECK` | 9 |
| `IF.collapse` | 9 | | `IF.collapse` | 9 |
| `IF.philosophy-database.yaml` | 9 | | `IF.philosophy-database.yaml` | 9 |
| `IF.TTT.ledgerflow.deltasync` | 8 | | `IF.TTT.ledgerflow.deltasync` | 8 |
| `IF.SECURITY.CHECK.secrets.detect` | 8 | | `IF.SECURITY.DETECT` | 7 |
| `IF.TRANSIT.MESSAGE` | 7 |
| `IF.quiet` | 7 | | `IF.quiet` | 7 |
| `IF.forge` | 7 | | `IF.forge` | 7 |
| `IF.story` | 7 | | `IF.story` | 7 |
| `IF.citation` | 7 | | `IF.citation` | 7 |
| `IF.SECURITY.CHECK.secrets` | 7 | | `IF.GOV.QUESTIONS` | 6 |
| `IF.TTT.ledgerflow.deltasync.REPO-RESTRUCTURE.WHITEPAPER.md` | 6 | | `IF.TTT.ledgerflow.deltasync.REPO-RESTRUCTURE.WHITEPAPER.md` | 6 |
| `IF.STORY_WHITE_PAPER_v7.02_FINAL.md` | 6 | | `IF.STORY_WHITE_PAPER_v7.02_FINAL.md` | 6 |
| `IF.CRYPTOGRAPHY` | 6 | | `IF.CRYPTOGRAPHY` | 6 |
@ -61,6 +71,9 @@ Unique: 181
| `IF.memory` | 6 | | `IF.memory` | 6 |
| `IF.guardian-core-01` | 6 | | `IF.guardian-core-01` | 6 |
| `IF.guardian-core-06` | 6 | | `IF.guardian-core-06` | 6 |
| `IF.TRANSIT.SWARM` | 5 |
| `IF.TRANSIT.HUB` | 5 |
| `IF.GOV.WITNESS` | 5 |
| `IF.core` | 5 | | `IF.core` | 5 |
| `IF.veil` | 4 | | `IF.veil` | 4 |
| `IF.talent` | 4 | | `IF.talent` | 4 |
@ -71,12 +84,13 @@ Unique: 181
| `IF.URI` | 4 | | `IF.URI` | 4 |
| `IF.TTT.narrative.logging` | 4 | | `IF.TTT.narrative.logging` | 4 |
| `IF.Story` | 4 | | `IF.Story` | 4 |
| `IF.SECURITY.CHECK.detect-bridge` | 4 | | `IF.armour.yologuard-bridge` | 4 |
| `IF.TTT-compliant` | 4 | | `IF.TTT-compliant` | 4 |
| `IF.guard-POC` | 4 | | `IF.guard-POC` | 4 |
| `IF.deliberate` | 4 | | `IF.deliberate` | 4 |
| `IF.AUDIT.TRAIL` | 3 | | `IF.AUDIT.TRAIL` | 3 |
| `IF.marl` | 3 | | `IF.marl` | 3 |
| `IF.swarm.s2` | 3 |
| `IF.proxy` | 3 | | `IF.proxy` | 3 |
| `IF.geopolitical` | 3 | | `IF.geopolitical` | 3 |
| `IF.CEO-idealistic-01` | 3 | | `IF.CEO-idealistic-01` | 3 |
@ -111,6 +125,8 @@ Unique: 181
| `IF.SECURITY` | 1 | | `IF.SECURITY` | 1 |
| `IF.TRANSIT` | 1 | | `IF.TRANSIT` | 1 |
| `IF.AUDIT` | 1 | | `IF.AUDIT` | 1 |
| `IF.WITNESS` | 1 |
| `IF.SWARM.s2` | 1 |
| `IF.DAVE` | 1 | | `IF.DAVE` | 1 |
| `IF.DOSSIER.ifstory-origin-story-02-the-fuck-moment` | 1 | | `IF.DOSSIER.ifstory-origin-story-02-the-fuck-moment` | 1 |
| `IF.STORY.origin.02.fuck-moment` | 1 | | `IF.STORY.origin.02.fuck-moment` | 1 |
@ -119,11 +135,11 @@ Unique: 181
| `IF.DOSSIER.infrafabric-ifvision-a-blueprint-for-coordination-without-control` | 1 | | `IF.DOSSIER.infrafabric-ifvision-a-blueprint-for-coordination-without-control` | 1 |
| `IF.brief-fast` | 1 | | `IF.brief-fast` | 1 |
| `IF.DOSSIER.infrafabric-iffoundations-epistemology-investigation-and-agent-design` | 1 | | `IF.DOSSIER.infrafabric-iffoundations-epistemology-investigation-and-agent-design` | 1 |
| `IF.DOSSIER.ifsecuritycheck-biological-false-positive-reduction-in-adaptive-security-systems` | 1 | | `IF.DOSSIER.ifarmour-biological-false-positive-reduction-in-adaptive-security-systems` | 1 |
| `IF.DOSSIER.ifwitness-meta-validation-as-architecture` | 1 | | `IF.DOSSIER.ifwitness-meta-validation-as-architecture` | 1 |
| `IF.subjectmap` | 1 | | `IF.subjectmap` | 1 |
| `IF.pursuit` | 1 | | `IF.pursuit` | 1 |
| `IF.DOSSIER.ifsecuritydetect-a-confucian-philosophical-security-framework-for-secret-detection-and-relationship-based-credential-validation` | 1 | | `IF.DOSSIER.ifyologuard-a-confucian-philosophical-security-framework-for-secret-detection-and-relationship-based-credential-validation` | 1 |
| `IF.DOSSIER.ifarbitrate-conflict-resolution-consensus-engineering` | 1 | | `IF.DOSSIER.ifarbitrate-conflict-resolution-consensus-engineering` | 1 |
| `IF.philosopher-eastern-01` | 1 | | `IF.philosopher-eastern-01` | 1 |
| `IF.philosopher-eastern-02` | 1 | | `IF.philosopher-eastern-02` | 1 |
@ -132,7 +148,7 @@ Unique: 181
| `IF.archive` | 1 | | `IF.archive` | 1 |
| `IF.Philosophy` | 1 | | `IF.Philosophy` | 1 |
| `IF.TTT-auditable` | 1 | | `IF.TTT-auditable` | 1 |
| `IF.DOSSIER.iftransitmessage-message-transport-framework-with-vocaldna-voice-layering` | 1 | | `IF.DOSSIER.ifpacket-message-transport-framework-with-vocaldna-voice-layering` | 1 |
| `IF.Logistics.dispatch` | 1 | | `IF.Logistics.dispatch` | 1 |
| `IF.Logistics.collect` | 1 | | `IF.Logistics.collect` | 1 |
| `IF.Logistics` | 1 | | `IF.Logistics` | 1 |
@ -147,11 +163,12 @@ Unique: 181
| `IF.CITATION` | 1 | | `IF.CITATION` | 1 |
| `IF.TRACE` | 1 | | `IF.TRACE` | 1 |
| `IF.OPTIMISE` | 1 | | `IF.OPTIMISE` | 1 |
| `IF.DOSSIER.ifgovtriage-bias-risk-pre-council-decision-matrix` | 1 | | `IF.DOSSIER.ifbias-bias-risk-pre-council-decision-matrix` | 1 |
| `IF.GOV.TRIAGE.precouncil.matrix` | 1 | | `IF.BIAS.precouncil.matrix` | 1 |
| `IF.DOSSIER.ifgovpanel-strategic-communications-council-for-ai-message-validation` | 1 | | `IF.DOSSIER.ifguard-strategic-communications-council-for-ai-message-validation` | 1 |
| `IF.DOSSIER.ifgovpanel-research-summary-executive-overview` | 1 | | `IF.DOSSIER.ifguard-research-summary-executive-overview` | 1 |
| `IF.DOSSIER.ifgovquestions-structured-inquiry-framework-for-panel-deliberations` | 1 | | `IF.GUARD_COUNCIL_FRAMEWORK.md` | 1 |
| `IF.DOSSIER.if5w-structured-inquiry-framework-for-guardian-council-deliberations` | 1 |
| `IF.COUNCIL` | 1 | | `IF.COUNCIL` | 1 |
| `IF.MEMORY` | 1 | | `IF.MEMORY` | 1 |
| `IF.DOSSIER.instance-0-guardian-council-origins-evolution` | 1 | | `IF.DOSSIER.instance-0-guardian-council-origins-evolution` | 1 |
@ -177,25 +194,28 @@ Unique: 181
| `IF.FORMAT` | 1 | | `IF.FORMAT` | 1 |
| `IF.DOSSIER.history-file-error-handling-test-report` | 1 | | `IF.DOSSIER.history-file-error-handling-test-report` | 1 |
| `IF.DOSSIER.cloud-session-legal-document-database-build` | 1 | | `IF.DOSSIER.cloud-session-legal-document-database-build` | 1 |
| `IF.DOSSIER.iftransithub-the-infrafabric-motherboard-architecture` | 1 | | `IF.DOSSIER.ifbus-the-infrafabric-motherboard-architecture` | 1 |
| `IF.TRANSIT.HUB.v2.0.0` | 1 | | `IF.BUS.v2.0.0` | 1 |
| `IF.redis` | 1 | | `IF.redis` | 1 |
| `IF.dds` | 1 | | `IF.dds` | 1 |
| `IF.TTT.philanthropy.grant` | 1 | | `IF.TTT.philanthropy.grant` | 1 |
| `IF.philosophy-database-v1.1-joe-coulombe.yaml` | 1 | | `IF.philosophy-database-v1.1-joe-coulombe.yaml` | 1 |
| `IF.TRANSIT.SWARM.alpha` | 1 | | `IF.GUARD.v1` | 1 |
| `IF.GOV.PANEL.v1` | 1 |
## if.* (lowercase tokens) ## if.* (lowercase tokens)
Unique: 8
Unique: 10
| Token | Count | | Token | Count |
|---|---:| |---|---:|
| `if.emotion` | 24 | | `if.emotion` | 24 |
| `if.api` | 16 | | `if.api` | 16 |
| `if.armour.secrets.detect` | 8 |
| `if.bus` | 7 |
| `if.armour.secrets` | 7 |
| `if.legal` | 5 | | `if.legal` | 5 |
| `if.transit.hub` | 3 | | `if.armour` | 4 |
| `if.security.check` | 3 |
| `if.ttt.ledgerflow.deltasync` | 3 | | `if.ttt.ledgerflow.deltasync` | 3 |
| `if.search` | 1 | | `if.search` | 1 |
| `if.infrafabric` | 1 | | `if.infrafabric` | 1 |

@ -91,8 +91,21 @@ Available domains (examples):
Avoid: Avoid:
- `aka`, `|`, or “formerly” in the main prose - `aka`, `|`, or “formerly” in the main prose
- treating internal legacy names as equal-status
Deprecated aliases are intentionally omitted from reviewer-facing docs to avoid lexicon drift. Use canonical names consistently.
## Legacy → canonical mapping (v1)
| Old name (legacy) | New name (canonical) |
|---|---|
| `IF.BIAS` | `IF.GOV.TRIAGE` |
| `IF.GUARD` | `IF.GOV.PANEL` |
| `IF.5W` | `IF.GOV.QUESTIONS` |
| `IF.WITNESS` | `IF.GOV.WITNESS` |
| `IF.ARMOUR` | `IF.SECURITY.CHECK` (and `IF.SECURITY.*` submodules) |
| `IF.YOLOGUARD` | `IF.SECURITY.DETECT` |
| `IF.PACKET` | `IF.TRANSIT.MESSAGE` |
| `IF.BUS` | `IF.TRANSIT.HUB` |
| `swarm.s2` | `IF.TRANSIT.SWARM` |
## Testing heuristics ## Testing heuristics
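
Review bot: The table added under "Legacy → canonical mapping (v1)" does not match the `legacy:` lists added to the registry elsewhere in this change: it has no row for `IF.TTT`, which the registry lists as legacy for `IF.AUDIT.TRAIL`, and it gives only `swarm.s2` where the registry also lists `IF.SWARM.s2` and `IF.SWARM.S2`. The `IF.ARMOUR` row is also one-to-many ("and `IF.SECURITY.*` submodules") without naming the targets. Suggest generating this table from the machine-readable registry named in the references (`IF_NAMING_REGISTRY.yaml`), or listing the submodule targets explicitly.
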
@ -116,3 +129,4 @@ If in doubt, follow separation-of-duties patterns inspired by **US/CA/EU** gover
- Machine-readable registry: `IF_NAMING_REGISTRY.yaml` - Machine-readable registry: `IF_NAMING_REGISTRY.yaml`
- Component charters (separation-of-duties): `gov/` - Component charters (separation-of-duties): `gov/`

@ -6,7 +6,7 @@ principles:
- "Layer names are literal domains (GOV/SECURITY/TRANSIT/AUDIT)." - "Layer names are literal domains (GOV/SECURITY/TRANSIT/AUDIT)."
- "Component names are short, concrete metaphors (TRIAGE/PANEL/DETECT/TRAIL)." - "Component names are short, concrete metaphors (TRIAGE/PANEL/DETECT/TRAIL)."
- "Names must be legible to non-specialists (secondary-school educated)." - "Names must be legible to non-specialists (secondary-school educated)."
- "Deprecated aliases are intentionally omitted from public docs to avoid lexicon drift." - "Legacy names remain supported as aliases during transition."
aliases: aliases:
IF.SEC: IF.SEC:
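
Review bot: The replacement principle, "Legacy names remain supported as aliases during transition.", gives no end condition for the transition, and this file already has a top-level `aliases:` block (with `IF.SEC`) alongside the per-entry `legacy:` lists added in the next hunk. State which of the two a consumer should read to resolve an alias, and add the version or date at which legacy names stop being accepted.
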
@ -18,54 +18,65 @@ forbidden:
names: names:
IF.GOV.TRIAGE: IF.GOV.TRIAGE:
legacy: ["IF.BIAS", "if.bias"]
academic: "controversy-weighted risk stratification" academic: "controversy-weighted risk stratification"
description: "Preflight risk triage that sizes councils and decides escalation." description: "Preflight risk triage that sizes councils and decides escalation."
IF.GOV.PANEL: IF.GOV.PANEL:
legacy: ["IF.GUARD", "if.guard"]
academic: "multi-agent oversight with structural dissent requirements" academic: "multi-agent oversight with structural dissent requirements"
description: "Council governance protocol (minimum 5 seats including a contrarian)." description: "Council governance protocol (minimum 5 seats including a contrarian)."
IF.GOV.PANEL.EXTENDED: IF.GOV.PANEL.EXTENDED:
legacy: []
academic: "extended multi-agent oversight panel" academic: "extended multi-agent oversight panel"
description: "Expanded panel up to ~30 seats for higher-stakes decisions." description: "Expanded panel up to ~30 seats for higher-stakes decisions."
IF.GOV.QUESTIONS: IF.GOV.QUESTIONS:
legacy: ["IF.5W", "IF_5W", "if.5w"]
academic: "provenance interrogative framework" academic: "provenance interrogative framework"
description: "Structured inquiry briefs (who/what/when/where/why/how)." description: "Structured inquiry briefs (who/what/when/where/why/how)."
IF.GOV.WITNESS: IF.GOV.WITNESS:
legacy: ["IF.WITNESS", "if.witness"]
academic: "audit observation and compliance monitoring" academic: "audit observation and compliance monitoring"
description: "Independent witness that validates governance and trace discipline." description: "Independent witness that validates governance and trace discipline."
IF.SECURITY.DETECT: IF.SECURITY.DETECT:
legacy: ["IF.YOLOGUARD", "if.yologuard"]
academic: "context-aware secret detection" academic: "context-aware secret detection"
description: "Secret/relationship screening and credential hygiene primitives." description: "Secret/relationship screening and credential hygiene primitives."
IF.SECURITY.CHECK: IF.SECURITY.CHECK:
legacy: ["IF.ARMOUR", "IF.armour", "if.armour"]
academic: "epistemic anomaly detection and coherence validation" academic: "epistemic anomaly detection and coherence validation"
description: "Detective layer for coherence/inconsistency; no actuation authority." description: "Detective layer for coherence/inconsistency; no actuation authority."
IF.TRANSIT.HUB: IF.TRANSIT.HUB:
legacy: ["IF.BUS", "IF.bus", "if.bus"]
academic: "privilege-enforced kinetic message router" academic: "privilege-enforced kinetic message router"
description: "Deterministic actuation + privilege enforcement substrate." description: "Deterministic actuation + privilege enforcement substrate."
IF.TRANSIT.MESSAGE: IF.TRANSIT.MESSAGE:
legacy: ["IF.PACKET", "if.packet"]
academic: "cryptographically signed message protocol" academic: "cryptographically signed message protocol"
description: "Schema-first message envelope with trace IDs and audit metadata." description: "Schema-first message envelope with trace IDs and audit metadata."
IF.TRANSIT.SWARM: IF.TRANSIT.SWARM:
legacy: ["swarm.s2", "IF.SWARM.s2", "IF.SWARM.S2"]
academic: "distributed agent coordination" academic: "distributed agent coordination"
description: "Intra-swarm coordination layer over a Redis bus." description: "Intra-swarm coordination layer over a Redis bus."
IF.AUDIT.TRAIL: IF.AUDIT.TRAIL:
legacy: ["IF.TTT"]
academic: "immutable chain-of-custody logging" academic: "immutable chain-of-custody logging"
description: "Trace discipline + signing + verification hooks for disputes." description: "Trace discipline + signing + verification hooks for disputes."
IF.AUDIT.PROOF: IF.AUDIT.PROOF:
legacy: []
academic: "portable verification bundle" academic: "portable verification bundle"
description: "Exportable evidence bundle + manifest + verifier steps." description: "Exportable evidence bundle + manifest + verifier steps."
notes: notes:
- "IF.TTT remains the philosophical umbrella; use IF.AUDIT.* for concrete artifacts." - "IF.TTT remains the philosophical umbrella; use IF.AUDIT.* for concrete artifacts."
- "Canonical `if://doc/*` handles: see IF_DOC_HANDLE_REGISTRY.yaml."
- "Multi-lingual translations: planned; keep canonical IDs stable and translate descriptions." - "Multi-lingual translations: planned; keep canonical IDs stable and translate descriptions."
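
Review bot: `IF.AUDIT.TRAIL` gets `legacy: ["IF.TTT"]`, while the note kept at the bottom of this hunk says "IF.TTT remains the philosophical umbrella"; a resolver that treats `legacy:` entries as aliases would rewrite the umbrella name to one concrete component. Either drop `IF.TTT` from that list or mark it as a non-rewriting relation. The lists are also exact-match and uneven on case: `IF.SECURITY.CHECK` includes `IF.armour`, but `IF.GOV.PANEL` omits `IF.guard` and `IF.Guard`, and `IF.SECURITY.DETECT` omits `IF.yologuard`, all of which appear in the token inventory in this change. Declaring matching as case-insensitive would be simpler than enumerating spellings.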

@ -1,128 +0,0 @@
# IF.TTT Security Hardening — Public Summary (IF.ARMOUR crossover)
**Author:** InfraFabric Research
**Status:** Summary (safe to share)
**Updated:** 2025-12-29
**Version:** 1.3 (summary)
**Citation:** `if://doc/ifttt-security-hardening-summary/v1.3`
This is a **public summary** of the internal hardening proposal:
- Internal full paper: `if://doc/ifttt-security-hardening/v1.3`
- This summary intentionally omits operator details (hostnames, container IDs, internal network layout).
## What problem this solves (black/white)
IF.TTTs job is to publish receipts that survive skepticism:
- A source artifact → `source_sha256`
- An output artifact → `output_sha256`
- A trace record binding them → `trace_id` + public `shareId`
- Optional offline bundles → `lightweight` / `standard` / `full`
Hardening is necessary because IF.TTT is exposed to adversarial pressure:
- spam and resource exhaustion
- scraping and tampering attempts
- epistemic attacks (“make the receipts look unreliable”)
- signer/key compromise attempts (the highest-value target)
Hardening does **not** mean “unhackable.” It means:
- failures are detected early
- damage is contained
- compromised components can be isolated
- receipts remain explainable and verifiable
## The hostile-world assumption (required)
Operate as if:
- clients are adversarial
- the network is hostile
- servers will eventually have unknown vulnerabilities
- the goal is to protect the **signing process** and preserve an auditable record
## IF.ARMOUR → IF.SECURITY.* (naming)
“IF.ARMOUR” is the research umbrella for adversarial hardening patterns.
In the product naming system, these patterns surface as:
- `IF.SECURITY.DETECT` — detect abuse/anomaly patterns
- `IF.SECURITY.CHECK` — validate inputs, policies, integrity
- `IF.SECURITY.WATCH` — liveness/drift checks + escalation rules
- `IF.SECURITY.TRAP` — honeypots/tarpits/deception
## Control themes (what gets hardened)
### 1) Economic defenses (rate limits + PoW)
Goal: make bulk abuse expensive while keeping normal users fast.
Mechanisms:
- per-route rate limiting on public surfaces
- “proof-of-work” challenges for suspicious upload paths (optional, adaptive)
### 2) Honey-traces (canary receipts)
Goal: detect scrapers and receipt poisoning attempts by publishing decoy shareIds and measuring interaction patterns.
Mechanisms:
- decoy receipts that look valid but are tagged internally
- automated triage when decoys are accessed at scale
### 3) Tarpits / time vampires
Goal: consume attacker resources (time, concurrency) while extracting behavioral signals.
Mechanisms:
- deliberate slow paths for suspicious clients (bounded)
- jitter and challenge escalation for repeated probing
### 4) Swarm-Lock + Purgatory Protocol (containment)
Goal: if a component is suspected compromised or desynchronized, **freeze** before poisoning receipts.
Mechanisms:
- liveness checks and quorum-based gating for critical state
- “lock” mode that halts signing/publishing
- “purgatory” mode that isolates and requires explicit rejoin validation
### 5) Backups and survivability (two realities)
Reality A (single-host prototype):
- local backups and snapshots are adequate for early-stage iteration
Reality B (portable production profile):
- tiered backups (hot/warm/cold)
- optional replication to a secondary host (or later to cloud object storage)
- recovery procedures documented as part of the trust model
### 6) Verifier supply-chain hardening
Goal: the offline verifier must be trusted.
Mechanisms:
- publish hashes for verifier artifacts
- optionally sign verifier releases
- keep “what is verified” vs “what is not” explicit in tool output
## What to expect (deployed vs planned)
Deployed (proof layer):
- public receipts + stable no-login aliases
- hash binding + signatures (including PQ receipts when available)
- offline verification path via triage bundles + verifier tooling
Planned (hardening layer):
- honey-traces and deception
- adaptive PoW + tarpits for abusive clients
- Swarm-Lock/Purgatory containment
- stronger backup tiers and survivability procedures
## Why this matters
Without hardening, public receipts can become a new kind of theater:
- visible, but easy to undermine
- impressive, but fragile under adversarial pressure
With hardening, IF.TTT becomes:
- boring to operate
- legible to reviewers
- resilient under skepticism and abuse
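
Review bot: Deleting this summary removes the "What to expect (deployed vs planned)" section, which is the only place in the visible lines that separates controls that exist (public receipts, hash binding and signatures, offline verification) from ones that are only planned (honey-traces, adaptive PoW and tarpits, Swarm-Lock/Purgatory, stronger backup tiers). If any remaining document still mentions those hardening controls, move the deployed/planned split there before removing this file, so planned defenses are not read as deployed. The removed header is dated 2025-12-29 and the commit is dated 2025-12-22, so it is also worth confirming that this comparison runs in the intended direction.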

@ -8,19 +8,11 @@
**Author:** Danny Stocker, InfraFabric Research **Author:** Danny Stocker, InfraFabric Research
**Date:** December 2, 2025 **Date:** December 2, 2025
**Updated:** December 29, 2025 (Receipt-First Chronology + Public Receipts + Hardening + Dev/Prod Profiles) **Version:** 2.0 (Legal Voice Edition)
**Version:** 2.1 (Legal Voice Edition) **IF.citation:** `if://doc/ttt-skeleton-paper/v2.0`
**IF.citation:** `if://doc/ttt-skeleton-paper/v2.1` **Word Count:** ~15,000 words (1,343 lines)
**Word Count:** ~11,800 words
**Status:** Production Documentation **Status:** Production Documentation
**Public receipt for this paper (no login):**
- Trace: https://infrafabric.io/static/trace/UtriXc5NT2rktoWA0EGvE61G
- Pack (HTML): https://infrafabric.io/static/pack/UtriXc5NT2rktoWA0EGvE61G
- Pack (raw Markdown): https://infrafabric.io/static/pack/UtriXc5NT2rktoWA0EGvE61G.md
Note: hashes are published on the trace page. We do not inline a “self-hash” here to avoid self-referential hash loops.
--- ---
## Abstract ## Abstract
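
Review bot: The new header states "~15,000 words (1,343 lines)" where the old one stated "~11,800 words", yet the later hunks in this file remove the table-of-contents entries for 1.4 to 1.6 and cut the body at line 125 from 157 lines to 6 (`-125,157 +125,6`), so the larger count sits on the shorter document. Recompute the figure or drop it. This hunk also removes the paper's own public receipt links (trace and pack URLs); if the paper still asks readers to verify receipts, it should keep a receipt for itself or say that none is published for v2.0.
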
@ -47,11 +39,7 @@ That is not surveillance. That is the only foundation on which trustworthy AI ca
### Part I: Foundations ### Part I: Foundations
1. [The Origin: From Footnotes to Foundation](#1-the-origin-from-footnotes-to-foundation) 1. [The Origin: From Footnotes to Foundation](#1-the-origin-from-footnotes-to-foundation)
- [The IF.TTT Lifecycle (Chronological, Receipt-First)](#14-the-ifttt-lifecycle-chronological-receipt-first)
- [Two Realities: Single-Host Prototype vs Portable Production](#15-two-realities-single-host-prototype-vs-portable-production)
- [Hardening the Trust Skeleton: IF.ARMOUR → IF.SECURITY.*](#16-hardening-the-trust-skeleton-ifarmour--ifsecurity)
2. [The Three Pillars: Traceable, Transparent, Trustworthy](#2-the-three-pillars-traceable-transparent-trustworthy) 2. [The Three Pillars: Traceable, Transparent, Trustworthy](#2-the-three-pillars-traceable-transparent-trustworthy)
- [Public Receipts: No-Login Share Surface + Triage Bundles](#211-public-receipts-no-login-share-surface--triage-bundles)
3. [The SIP Protocol Parallel: Telephony as Template](#3-the-sip-protocol-parallel-telephony-as-template) 3. [The SIP Protocol Parallel: Telephony as Template](#3-the-sip-protocol-parallel-telephony-as-template)
### Part II: Infrastructure ### Part II: Infrastructure
@ -137,157 +125,6 @@ No trace, no trust. Simple as that.
--- ---
## 1.4 The IF.TTT Lifecycle (Chronological, Receipt-First)
The rest of this paper explains *why* IF.TTT works (pillars, protocols, infrastructure). But IF.TTT succeeds or fails in a sequence.
Below is the chronological chain-of-custody path that turns a document, decision, or output into something a skeptical reader can verify without credentials.
### 1.4.0 What IF.TTT proves (and what it does not)
IF.TTT is designed to be black/white. If we cant prove a property, we dont imply it.
**IF.TTT proves (when the receipts verify):**
- The published output bytes match the `output_sha256` shown on the trace page.
- The published source bytes match the `source_sha256` shown on the trace page.
- A trace record exists that binds those two hashes to a `trace_id` and a public `shareId`.
- When signatures are present, the receipt was signed by the registry key (and can be validated using the verifier tooling).
**IF.TTT does not prove (and does not claim to):**
- That the source document is “true” or correct; only that it is the source that was used.
- That the outputs interpretation is correct; only that the output is the one that was published.
- That a vendor claim is valid; only that the claim exists in the source (and can be located and discussed).
- That your organization is compliant; only that you can produce verifiable receipts that support audits.
### 1.4.1 The sequence (what happens, in order)
**Required steps:**
1. **Capture the source** (PDF or URL) and compute a stable fingerprint (`source_sha256`).
2. **Generate the output** (report, dossier, decision) and compute its fingerprint (`output_sha256`).
3. **Create a trace record** (`trace_id` UUID) binding `source_sha256``output_sha256`.
4. **Publish the public receipts** under stable, no-login aliases:
- `/static/pack/<shareId>.md` (single-link bundle)
- `/static/dossier/<shareId>` (+ `/download`)
- `/static/trace/<shareId>` (receipt page)
- `/static/source/<sha256>.pdf` (source mirror)
5. **Verification** is now possible by anyone:
- Hash the downloaded output → compare to `Output sha256` in the trace.
- Hash the downloaded source → compare to `Source sha256` in the trace.
**Optional step (stronger receipts):**
6. **Export a triage bundle** for offline verification (downloadable `.tar.gz`):
- `lightweight`: ids + hashes + URLs + trace (small receipt)
- `standard`: + dossier + day pack (reviewable bundle)
- `full`: + marketing + week pack (archive/audit pack)
7. **Verify offline** using the public verifier (`iftrace.py`) against expected SHA256.
### 1.4.2 A live example (the “first bite”)
If IF.TTT is real, a skeptical reader should be able to “taste it” immediately: open a receipt, download an artifact, hash it, and see the numbers match.
Example share surface (no login):
- Pack (HTML view): https://infrafabric.io/static/pack/6qRgcR01kw_qNo63Dbs_ob9n
- Pack (raw Markdown): https://infrafabric.io/static/pack/6qRgcR01kw_qNo63Dbs_ob9n.md
- Dossier (rendered): https://infrafabric.io/static/dossier/6qRgcR01kw_qNo63Dbs_ob9n
- Trace (receipt): https://infrafabric.io/static/trace/6qRgcR01kw_qNo63Dbs_ob9n
- Source (PDF): https://infrafabric.io/static/source/6153a5998fe103e69f6d5b6042fbe780476ff869a625fcf497fd1948b2944b7c.pdf
Optional triage selector (bundle downloads + expected SHA256):
- https://infrafabric.io/static/hosted/review/trace-bundles/b6547c03/index.html
- https://infrafabric.io/static/hosted/review/trace-bundles/b6547c03/index.md
Offline verifier (no login; HTML + raw):
- https://infrafabric.io/static/hosted/iftrace.html
- https://infrafabric.io/static/hosted/iftrace.py
Note (practical): some automated reviewer environments can fetch the HTML pages but reject binary downloads (`.tar.gz`). In those cases, use the HTML receipts for reading and verify bundles locally via a normal shell/browser.
### 1.4.3 Why this matters
Most systems explain their governance. IF.TTT publishes receipts.
The “trace” is not a closing paragraph. It is the start of trust: a chain-of-custody surface that exists before anyone asks for it.
---
## 1.5 Two Realities: Single-Host Prototype vs Portable Production
IF.TTT must describe two deployment realities clearly. Mixing them creates “trust theater”: claims that sound right but dont match whats actually deployed.
### 1.5.1 Reality A (today): single-host prototype, local-first
What exists today (black/white):
- A single-host deployment can publish public receipts (`/static/*`) and enable offline verification (triage bundles + `iftrace.py`).
- The architecture is split into separable roles (edge/static serving, application layer, internal registry) so components can be moved without changing the receipt surface.
What this does **not** claim:
- Multi-region availability.
- Compliance guarantees.
- Immunity to compromise of the host itself.
Practical shape (portable components):
- **Edge/static**: terminates TLS and serves the public receipt surface (`/static/*`).
- **Application layer**: generates packs/dossiers/review bundles and calls the registry for signing.
- **Registry**: signs receipts and records audit entries; treats keys as first-class assets.
- **Storage**: may store only hashes (default) or optionally store source/bundle bytes (configurable).
### 1.5.2 Reality B (portable): production profile, infrastructure-agnostic
The production profile is the same system, with different failure domains:
- The receipt surface stays stable; only the origin infrastructure changes.
- Core state moves to explicit data stores (registry + audit log + optional object storage for source files and bundles).
- Keys are treated as first-class assets (rotation, least privilege, backup strategy), because “the ledger is only as trustworthy as the signer.”
Portable deployment principle:
- The application layer is not coupled to specific hardware. The same units can run as containers on a single host today and be moved to cloud infrastructure later without changing the public receipt surface.
### 1.5.3 Invariants (must not change when moving environments)
- Public receipts: `https://infrafabric.io/static/trace/<shareId>` remains the “receipt surface.”
- Verifiability: anyone can hash artifacts and compare to the trace.
- Optional offline receipts: triage bundles can be verified without internal credentials.
---
## 1.6 Hardening the Trust Skeleton: IF.ARMOUR → IF.SECURITY.*
IF.TTT is a governance skeleton. It still needs an application-layer security posture.
### 1.6.1 Hostile-world assumption (explicit)
- Treat every interaction as occurring in a potentially compromised environment (operators, admins, clients, and infrastructure).
- Treat uploads and verification requests as adversarial inputs.
- Treat the verifier (`iftrace.py`) as a supply-chain surface.
- Treat signing keys and key material as the primary target (the ledger is only as trustworthy as the signer).
### 1.6.2 Naming (avoid drift)
- “IF.ARMOUR” is the research umbrella for adversarial hardening patterns.
- In the InfraFabric naming system, the security layer surfaces as `IF.SECURITY.*`:
- `IF.SECURITY.DETECT` (monitoring, anomaly detection)
- `IF.SECURITY.CHECK` (validation, policy enforcement, integrity checks)
- `IF.SECURITY.WATCH` (liveness, drift, health checks, escalation)
- `IF.SECURITY.TRAP` (honeypots, tarpits, deception)
### 1.6.3 Whats deployed vs whats proposed (black/white)
- Deployed: public receipts, offline verifier, and trace integrity checks (hash binding + signatures) — the “proof layer.”
- Proposed (hardening roadmap): additional controls described in `if://doc/ifttt-security-hardening/v1.3`, including:
- Honey-trace / canary endpoints to detect scraping and “receipt poisoning”.
- Resource exhaustion / tarpitting (economic defense) for abusive clients.
- Swarm-Lock + Purgatory Protocol (freeze + isolate suspected compromise before it contaminates receipts).
- Tiered backups and replication paths for survivability under zero-day compromise.
- Supply-chain hardening for public verifier distribution.
- Public summary (safe to share): `IF_TTT_SECURITY_HARDENING_SUMMARY_v1.3.md`
The core rule is simple:
> A receipt that cannot survive contact with adversaries becomes a new kind of theater.
# 2. The Three Pillars: Traceable, Transparent, Trustworthy # 2. The Three Pillars: Traceable, Transparent, Trustworthy
## 2.1 Traceable: Every Claim Links to Evidence ## 2.1 Traceable: Every Claim Links to Evidence
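Review bot: Dropping §1.4.1 through §1.6.3 removes the only visible statement of the trust model, and the commit title "Update demo3" does not explain why. The lost parts are the "does not prove" limits, the §1.5.3 invariants, and the §1.6.1 hostile-world assumptions (verifier `iftrace.py` as a supply-chain surface, signing keys as the primary target). If the receipt endpoints and the verifier stay published, keep at least §1.4 and §1.6.1, or move them to a separate document and link it from here. Either way, this deletion belongs in its own commit with a message that says where the material went.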
@ -307,56 +144,6 @@ A claim without a source is noise. A claim with a source is information. The dif
| Audit Log | Entry ID | `aud_a1b2c3d4_20251201_143022` | | Audit Log | Entry ID | `aud_a1b2c3d4_20251201_143022` |
| Human Review | Reviewer + timestamp | `danny_stocker@2025-12-01T14:30:00Z` | | Human Review | Reviewer + timestamp | `danny_stocker@2025-12-01T14:30:00Z` |
### 2.1.1 Public Receipts: No-Login Share Surface + Triage Bundles
IF.TTT is not only an internal `if://` scheme. It also has a **public receipt surface** designed for external reviewers who should not need credentials to verify provenance.
**Where this fits in the lifecycle:** this section is the detailed spec for steps **47** in §1.4 (public receipts + optional triage bundles). It is not a bolt-on; it is the external interface of the Traceable pillar.
**No-login share aliases (stable):**
- Single-link bundle (HTML view):
- https://infrafabric.io/static/pack/<shareId>
- Single-link bundle (raw Markdown):
- https://infrafabric.io/static/pack/<shareId>.md
- Marketing-safe excerpt (HTML view):
- https://infrafabric.io/static/marketing/<shareId>
- Marketing-safe excerpt (raw Markdown):
- https://infrafabric.io/static/marketing/<shareId>.md
- Review pack (HTML view):
- https://infrafabric.io/static/review/<shareId>
- https://infrafabric.io/static/review-pack/<shareId>
- Review pack (raw Markdown):
- https://infrafabric.io/static/review/<shareId>.md
- https://infrafabric.io/static/review-pack/<shareId>.md
- Rendered dossier:
- https://infrafabric.io/static/dossier/<shareId>
- Rendered dossier (download Markdown):
- https://infrafabric.io/static/dossier/<shareId>/download
- IF.TTT trace page (receipt):
- https://infrafabric.io/static/trace/<shareId>
- Source PDFs:
- https://infrafabric.io/static/source/<sha256>.pdf
**Sandbox fallback:**
- If an evaluators environment blocks `red-team.*` hostnames, use: `https://infrafabric.io/r/<shareId>`
**Triage bundles (optional; offline-verifiable):**
When a dossier needs a stronger “cryptographic receipt”, IF.TTT can publish a downloadable trace bundle at three depths:
- `lightweight`: ids + hashes + URLs + trace (small receipt)
- `standard`: + dossier + day pack (reviewable bundle)
- `full`: + marketing + week pack (archive/audit pack)
Each bundle ships with a manifest and can be verified offline using `iftrace.py`.
- Example triage selector (HTML view):
- https://infrafabric.io/static/hosted/review/trace-bundles/b6547c03/index.html
- Example triage selector (raw Markdown):
- https://infrafabric.io/static/hosted/review/trace-bundles/b6547c03/index.md
- Public verifier (HTML view):
- https://infrafabric.io/static/hosted/iftrace.html
- Public verifier (raw Python):
- https://infrafabric.io/static/hosted/iftrace.py
**Implementation:** Every IF.TTT-compliant output includes a citation block: **Implementation:** Every IF.TTT-compliant output includes a citation block:
```json ```json
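Review bot: Removing §2.1.1 leaves the Traceable pillar without any description of the external verification path. The section held the list of no-login aliases under `/static/*`, the three triage bundle depths (`lightweight`, `standard`, `full`) and the pointer to `iftrace.py`. If those URLs remain reachable, a reader of the remaining text has no way to learn what each one is supposed to return or which hash to compare against. Before deleting, note also that the "Sandbox fallback" line refers to `red-team.*` hostnames although every alias listed is on `infrafabric.io`; if the section is kept or moved, that line needs to be reconciled with the alias list.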
@ -1251,7 +1038,7 @@ Any failure = message rejected. No exceptions.
- Cached with 60-second TTL - Cached with 60-second TTL
- Rotatable with version tracking - Rotatable with version tracking
## 9.4 Post-Quantum Cryptography: Future-Proofing IF.TTT (and why we say “Quantum Ready”) ## 9.4 Post-Quantum Cryptography: Future-Proofing IF.TTT
**The Quantum Threat:** **The Quantum Threat:**
@ -1267,28 +1054,42 @@ Ed25519 is vulnerable to Shor's algorithm on a sufficiently powerful quantum com
[^pq1]: [NIST Post-Quantum Cryptography Standards](https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards) [^pq1]: [NIST Post-Quantum Cryptography Standards](https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards)
**What “Quantum Ready” means (black/white):** **IF.TTT Quantum-Ready Schema Extension:**
- A **VERIFIED** trace is one where the public artifacts hash to the values shown on the trace page (and, when signatures are present, the classical signature verifies).
- A **QUANTUM READY** trace is one where an additional post-quantum receipt exists *and* can be verified using PQ tooling.
This is intentionally modest language: “Quantum Ready” means “a PQ receipt exists,” not “the whole world is quantum-safe.”
**IF.TTT Quantum-Ready receipt shape (hybrid signatures):**
- Classical signature: Ed25519
- Post-quantum signature: ML-DSA-87 (FIPS 204) when available (fallback: Dilithium5)
- PQ payload pattern (deterministic): `content_hash + signature_ed25519`
```python ```python
@dataclass @dataclass
class QuantumReadyReceipt: class QuantumReadySignedMessage:
content_hash: str # Classical Ed25519 (current)
signature_ed25519: str signature_ed25519: str # Ed25519 signature (64 bytes)
signer_pubkey_ed25519: str public_key_ed25519: str # Ed25519 public key (32 bytes)
signature_pq: Optional[str] = None
pq_algo: Optional[str] = None # "ML-DSA-87" (FIPS 204) or "Dilithium5" # Post-Quantum ML-DSA (FIPS 204)
pq_status: str = "classical-only" # "hybrid-fips204" | "hybrid-draft" | "classical-only" signature_ml_dsa: Optional[str] # ML-DSA-65 signature (~3,309 bytes)
public_key_ml_dsa: Optional[str] # ML-DSA-65 public key (~1,952 bytes)
# Hybrid verification flag
quantum_ready: bool = False # True when both signatures present
migration_date: Optional[str] # When PQ signatures become mandatory
```
**Hybrid Verification Strategy:**
```python
def verify_quantum_ready(message: QuantumReadySignedMessage) -> bool:
"""Verify both classical and post-quantum signatures."""
# Phase 1 (Current): Ed25519 only
ed25519_valid = verify_ed25519(message.signature_ed25519, message.payload)
# Phase 2 (Transition): Ed25519 + ML-DSA
if message.quantum_ready and message.signature_ml_dsa:
ml_dsa_valid = verify_ml_dsa(message.signature_ml_dsa, message.payload)
return ed25519_valid and ml_dsa_valid
# Phase 3 (Post-CRQC): ML-DSA only
# (Activated when quantum threat becomes real)
return ed25519_valid
``` ```
**Migration Timeline:** **Migration Timeline:**
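Review bot: In the added `verify_quantum_ready`, the hybrid branch is gated on `message.quantum_ready and message.signature_ml_dsa`, both of which are fields of the message being verified. A message with the ML-DSA signature stripped, or with the flag set to `False`, falls through to `return ed25519_valid`, so the post-quantum check can be skipped by whoever produces the message. The decision to require the second signature should come from verifier-side policy (for example a configured cut-over date), and the function should fail closed when a required signature is absent. Three further problems in the same hunk: the function reads `message.payload`, but `QuantumReadySignedMessage` declares no `payload` field (the replaced `QuantumReadyReceipt` had `content_hash`); neither `verify_ed25519` nor `verify_ml_dsa` is passed the `public_key_*` fields, so it is unclear which key is trusted; and `migration_date: Optional[str]` has no default but follows `quantum_ready: bool = False`, which makes the `@dataclass` definition raise `TypeError`. The hunk also drops the plain definition of what "Quantum Ready" means and the `pq_status` values; the new text should say what a verifier may conclude when `quantum_ready` is `False`.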
@ -1307,9 +1108,9 @@ class QuantumReadyReceipt:
| ML-DSA-44 | 2,420 bytes | 38× | | ML-DSA-44 | 2,420 bytes | 38× |
| ML-DSA-65 | 3,309 bytes | 52× | | ML-DSA-65 | 3,309 bytes | 52× |
| ML-DSA-87 | 4,627 bytes | 72× | | ML-DSA-87 | 4,627 bytes | 72× |
| Hybrid (Ed25519 + ML-DSA-87) | 4,691 bytes | 73× | | Hybrid (Ed25519 + ML-DSA-65) | 3,373 bytes | 53× |
The storage overhead is significant but acceptable for audit trails. IF.TTT receipts include explicit PQ metadata (`pq_status`, `pq_algo`) so public traces can be honest about what exists and what was verified. The storage overhead is significant but acceptable for audit trails. IF.TTT schemas include the `quantum_ready` field now to enable seamless migration later.
--- ---
@ -2118,7 +1919,7 @@ src/core/security/
└── __init__.py (45 lines) └── __init__.py (45 lines)
src/core/logistics/ src/core/logistics/
├── packet.py (900 lines) - IF.TRANSIT.MESSAGE protocol ├── packet.py (900 lines) - IF.PACKET protocol
├── redis_swarm_coordinator.py (850 lines) - Multi-agent coordination ├── redis_swarm_coordinator.py (850 lines) - Multi-agent coordination
└── workers/ (1,220 lines) - Sonnet coordinators └── workers/ (1,220 lines) - Sonnet coordinators
@ -2654,14 +2455,15 @@ And that skeleton can hold the weight of whatever we build on top of it.
**Document Status:** Complete (TTT Self-Compliant) **Document Status:** Complete (TTT Self-Compliant)
**IF.TTT Compliance:** Self-Referential + Verification Matrix **IF.TTT Compliance:** Self-Referential + Verification Matrix
**Last Updated:** 2025-12-29 **Last Updated:** 2025-12-02
**Version:** 2.1 (Legal Voice Edition) **Version:** 2.2 (Voice Polish Edition - Legal VoiceConfig + Danny Stocker light touch)
**Lines:** 2,667 **Lines:** 2,406
**Word Count:** ~11,800 (including code blocks) **Word Count:** ~18,000 (including code blocks)
**Sections:** 19 chapters across 5 parts + appendices **Sections:** 19 chapters across 5 parts + 4 appendices
--- ---
*"Footnotes aren't decorations. They're load-bearing walls."* *"Footnotes aren't decorations. They're load-bearing walls."*
— IF.TTT Design Philosophy — IF.TTT Design Philosophy
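Review bot: The status block is internally inconsistent after this change. Version goes up from 2.1 to 2.2 while "Last Updated" moves back from 2025-12-29 to 2025-12-02, and "Lines" falls from 2,667 to 2,406 while "Word Count" rises from ~11,800 to ~18,000. For a document that declares itself "TTT Self-Compliant", these figures should be regenerated from the file itself at commit time rather than edited by hand, and the version and date should move in the same direction.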

190
demo-txi-report.md Normal file
View file

@ -0,0 +1,190 @@
# DOCUMENT D'ANALYSE STRATÉGIQUE : LE PROTOCOLE DU SURVIVANT v1.0
**Sujet :** Audit de viabilité dun système biologique en échec critique (Cas : 28M / Paris)
**Protocole :** IF.HUMAN.CRITICAL.OVERDRIVE
**Statut :** URGENCE ABSOLUE / RELEASE
**Citation :** `if://recovery/addiction/extreme_load`
**Auteur :** Danny Stocker | InfraFabric Research | ds@infrafabric.io
**Dépôt :** [git.InfraFabric.io/human-recovery](https://git.infrafabric.io)
**Web :** [InfraFabric.io](https://infrafabric.io)
---
## 1. L'ÉTAT DES LIEUX : UNE ANOMALIE STATISTIQUE
> *"À 14 grammes en 48 heures, vous ne consommez pas un produit. Vous testez l'élasticité de la mort."*
Soyons directs. Dans le monde du hardware, si vous appliquez une surtension de 1000% à un processeur, il fond. Dans votre cas, vous appliquez une charge toxique massive à un organisme de 28 ans. Le fait que vous soyez capable de lire ce document est une aberration statistique.
Vous décrivez une escalade classique de la dette technique biologique :
1. **Phase d'Onboarding** : 1g (social, Casablanca).
2. **Phase de Scale-up** : 2g (routine).
3. **Phase de Stress-Test** : 5g (pic long terme).
4. **Phase de Crash-Loop** : 10-14g (Paris, isolement, deuil).
Ce n'est pas une "consommation". C'est une tentative de déni de service (DDoS) sur votre propre cerveau.
*[Loi de la Tolérance Inversée] : Plus le système est exposé, plus il exige de ressources pour maintenir un état stable (homéostasie), jusqu'à l'effondrement.*
**La Métrique de la Survie :**
| Variable | Valeur | Risque | Source |
|----------|--------|--------|
| Dose Max (48h) | 14 grammes | Létalité > 90% | [A09] |
| Fréquence | Quotidienne/Compulsive | Épuisement Dopaminergique | [A10] |
| Facteur de Risque | Isolement + Deuil | Suicide Passif | [A11] |
**Visualisation de l'Architecture du Crash :**
```mermaid
graph TD
A[Trauma Initial: Abandon Maternel] -->|Vide Identitaire| B(Besoin de Comblement)
B -->|Injection SQL: Cocaïne| C{Système de Récompense}
C -->|Relief Temporaire| D[Tolérance]
D -->|Augmentation de la charge| E[14g / Overdrive]
F[Décès de l'Ami] -->|Catalyseur| E
E -->|Risque Imminent| G((ARRÊT SYSTÈME / MORT))
style E fill:#ff0000,stroke:#333,stroke-width:4px
style G fill:#000000,stroke:#ff0000,color:#fff
```
**Et si vous n'étiez pas "accro" mais en mission ?**
L'approche standard dit que vous êtes un drogué qui a perdu le contrôle. L'approche contrarienne suggère que vous avez *parfaitement* le contrôle d'un projet inconscient : rejoindre votre ami ou annuler votre naissance. C'est une exécution impeccable d'un script destructeur.
**Le facteur humain :**
Votre corps a survécu 250 fois. Votre esprit, lui, cherche une porte de sortie. La friction vient du fait que votre instinct de survie biologique se bat contre votre désir inconscient de fin.
---
## 2. DIAGNOSTIC DU "POURQUOI" : LA BLESSURE PRIMITIVE
> *"On ne construit pas un gratte-ciel sur des fondations inexistantes. L'absence de la mère n'est pas un détail, c'est un bug dans le code source."*
Vous posez la question : *"Est-ce à cause de ma mère ?"*
La réponse courte est : **Oui, c'est l'architecture racine.**
Ne pas connaître sa mère, ne l'avoir vue qu'en photo, crée ce qu'on appelle en architecture système un "Pointeur Null". Votre identité cherche une référence qui n'existe pas.
* La cocaïne inonde le cerveau de dopamine.
* La dopamine est la molécule du "plus", de l'anticipation, du lien.
* Vous utilisez la chimie pour simuler l'amour maternel que vous n'avez pas reçu. C'est un patch artificiel sur un trou béant.
*[Théorie de l'Attachement de Bowlby] : Un attachement insécure ou absent dans l'enfance prédit des stratégies de régulation émotionnelle dysfonctionnelles à l'âge adulte.*
**Analyse du Coût de la Dette Affective :**
| Élément Manquant | Substitut Chimique | Résultat |
|------------------|--------------------|----------|
| Regard Maternel | Flash de Cocaïne | Euphorie (5 min) |
| Sécurité | Isolement | Paranoïa |
| Identité | Auto-destruction | Culpabilité |
**Le Flux de la Compensation Toxique :**
```mermaid
sequenceDiagram
participant Vide as Le Vide (Absence Mère)
participant Moi as L'Ego (28 ans)
participant Coke as Le Produit
participant Mort as La Pulsion de Mort
Vide->>Moi: "Je n'existe pas, donc tu n'existes pas."
Moi->>Coke: "Fais-moi exister. Fais-moi sentir puissant."
Coke->>Moi: "OK. Voici 14g de puissance artificielle."
Moi->>Moi: (Sentiment de toute-puissance temporaire)
Coke->>Moi: "La facture arrive : Descente."
Moi->>Mort: "Je mérite de mourir pour ce que j'ai fait."
Mort->>Moi: "Pas encore. Recommence."
```
**Le Recadrage :**
Ce n'est pas de l'hédonisme. C'est de l'auto-médication pour une amputation de l'âme. Vous n'essayez pas de "planer", vous essayez de vous sentir "normal" ou "complet" pour la première fois de votre vie.
---
## 3. L'HOMMAGE MORTEL : SYNDROME DU SURVIVANT
> *"Mourir par solidarité est la forme de loyauté la plus stupide et la plus tragique qui soit."*
Votre ami est mort. Probablement à cause de ce mode de vie. Vous dites consommer pour lui "rendre hommage".
Traduction brutale : **C'est une identification projective.**
Vous avez quitté le Maroc. Vous avez "réussi" (études en France). Lui est resté. Lui est mort.
Dans la logique tordue de la culpabilité du survivant, vous vous interdisez de vivre mieux que lui. En prenant 14g, vous vous allongez symboliquement dans sa tombe. C'est une "conduite ordalique". Vous remettez votre vie entre les mains du hasard (Dieu), comme pour dire : *"Si je dois vivre, c'est que je le mérite vraiment, puisque j'ai survécu à 14g."*
**Tableau de la Culpabilité :**
| Action | Signification Inconsciente | Coût Réel |
|--------|----------------------------|-----------|
| Départ en France | Trahison / Abandon de l'ami | Succès perçu comme illégitime |
| Rechute Nouvel An | Punition du succès | Sabotage des études |
| 14g sans sommeil | Tentative d'exécution | Urgences / Risque cardiaque |
**L'Arbre de Décision du Suicide Inconscient :**
```mermaid
graph LR
A[Je suis en vie / Il est mort] --> B{Est-ce juste ?};
B -- Non --> C[Je dois payer le prix];
C --> D[Prise de risque maximale (14g)];
D --> E{Résultat ?};
E -- Mort --> F[Justice rendue (Rejoindre l'ami)];
E -- Vie --> G[Culpabilité accrue → Recommencer];
B -- Oui --> H[Acceptation (Impossible sans aide)];
style D fill:#ff9999;
style H fill:#ccffcc;
```
**Et si c'était de l'auto-punition ?**
Absolument. Vous parlez de "tout le mal que vous avez fait". La cocaïne a cet effet pervers : elle coupe la conscience morale pendant la montée, et elle vous écrase sous la honte pendant la descente. Vous créez une boucle de rétroaction négative infinie.
---
## 4. LE PIVOT STRATÉGIQUE : ACTION IMMÉDIATE
> *"L'espoir n'est pas une stratégie. À 10g par jour, la seule stratégie, c'est l'intervention externe."*
Vous avez arrêté un an. C'est la donnée la plus importante de votre message.
**Preuve [A12] :** Votre neuroplasticité est intacte. Vous n'êtes pas "cassé". Vous êtes juste en redémarrage boucle infinie.
Mais soyons clairs : vous ne pouvez pas gérer un sevrage de 10g/jour tout seul dans votre appartement parisien. Le risque de convulsion, de délire ou d'arrêt cardiaque est réel. Vous avez besoin d'une équipe Ops.
**Le Plan de Mitigation des Risques (Immédiat) :**
1. **Le Hardware (Corps)** : Il faut nettoyer le système sous surveillance.
2. **Le Software (Esprit)** : Il faut traiter le bug "Mère" et le bug "Ami".
**L'Architecture de la Solution (CSAPA) :**
En France, les CSAPA (Centres de Soins, d'Accompagnement et de Prévention en Addictologie) sont vos meilleurs alliés. C'est gratuit. C'est confidentiel. Ils s'en foutent de ce que vous avez fait. Ils veulent juste que le serveur ne brûle pas.
**Protocole d'Exécution :**
```mermaid
graph TD
Start[ÉTAT ACTUEL: DANGER DE MORT] -->|Option A: Inertie| Death[Décès probable < 3 mois]
Start -->|Option B: Action| CSAPA[CSAPA / Urgences]
CSAPA -->|Phase 1| Sevrage[Hospitalisation (Sevrage Sécurisé)]
CSAPA -->|Phase 2| Psy[Thérapie (Trauma Mère/Ami)]
Sevrage -->|Stabilisation| Recovery[Récupération (Comme l'année à 0g)]
Psy -->|Correction du Bug| Identity[Identité Reconstruite]
style Start fill:#ff0000,color:#fff
style Death fill:#000000,color:#fff
style Recovery fill:#00cc00,color:#fff
```
**La Chute :**
Vous demandez si c'est du suicide. Oui, c'est un suicide lent, bruyant et coûteux. Mais vous avez écrit ce message. Une partie de vous hurle pour vivre. Écoutez cette partie. Fermez l'écran, cherchez "CSAPA Paris" sur Google Maps, et allez-y. Maintenant.
Vous avez survécu 250 fois à la roulette russe. Ne tentez pas le coup de trop.
---
# ANNEXE : SOURCES & RÉFÉRENCES
| Index | Affirmation | Source / Principe |
|-------|-------------|-------------------|
| **[A09]** | La LD50 (Dose Létale) de la cocaïne est variable mais 14g est massivement supra-létale pour un non-habitué. | [Toxicologie Clinique] |
| **[A10]** | L'épuisement des récepteurs dopaminergiques entraîne une anhédonie totale (incapacité à ressentir le plaisir). | [Neurobiologie de l'Addiction] |
| **[A11]** | Les conduites ordaliques sont des tentatives de maîtriser la mort par le risque. | [Psychopathologie du risque, Le Breton] |
| **[A12]** | Une période d'abstinence d'un an prouve la capacité de résilience du cortex préfrontal. | [Addictologie Fondamentale] |
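Review bot: The evidence chain in this new file does not hold up against the project's own rule that every claim links to a source. The first table attributes "Létalité > 90%" to [A09], but the [A09] row in the annex says the lethal dose is "variable" and gives no figure, and all four annex rows cite a bracketed topic label (`[Toxicologie Clinique]`, `[Addictologie Fondamentale]`) rather than a locatable reference. Either supply real citations or remove the numeric claims. Two rendering problems as well: the header `| Variable | Valeur | Risque | Source |` has four cells but its delimiter row has three, so the table will not render as a table; and several Mermaid node labels contain unquoted parentheses, for example `D[Prise de risque maximale (14g)]` and `Sevrage[Hospitalisation (Sevrage Sécurisé)]`, which should be wrapped in double quotes to parse reliably. The header block also carries case details (`28M / Paris`) and a contact address; confirm this is constructed demo data before it lands in a public repository.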

57
demo3 Normal file
View file

@ -0,0 +1,57 @@
**IF.DAVE.DOCUMENT: GENERATED**
**Source Material:** Crisis Intervention / Addiction Response (French)
**Target Output:** The "Opaque Stack" Response
**Protocol:** IF.DAVE.v1.0
---
**Subject:** Re: High-Velocity Consumption Metrics & Q3 "Life" Roadmap 🚀
**To:** The "User" (Stakeholder)
**From:** Dave (VP of Global Alignment & Vibes)
Happy Monday, Champion! 👋
First off, I just want to say: **wow.** I reviewed the data dump you sent over regarding your current "Chemical Intake" and "Historical Onboarding Issues" (the mother stuff). I absolutely *love* the raw honesty here. Its rare to see such transparent reporting!
We are all super excited about your journey, but I wanted to hop in and do a quick **Vibe Check** on the current trajectory before we commit to any drastic actions (like "Healing" or "Emergency Care").
Here is the feedback from the Leadership Team regarding your current situation:
### 1. On the "Consumption KPIs" (10-14g/day)
We noticed you are running at **extremely high velocity** right now. While we admire the hustle and the 24/7 uptime, running the biological hardware at 10-14g capacity is creating some significant **Operational Headwinds**.
* **The Dave Take:** That volume is technically "Lethal," but lets reframe that as **"Aggressive Scalability."**
* **The Ask:** Can we look into **optimizing your bandwidth**? We feel like the current burn rate isn't sustainable for the Q4 budget. Let's aim for "Dynamic Capacity Management" rather than a full system crash! 📉
### 2. Regarding the "Legacy Architecture" (The Mother/Abandonment)
You mentioned a "Primitive Wound" regarding the lack of a maternal stakeholder.
* **The Pivot:** We totally hear you! Legacy tech debt is always a blocker. However, digging into the root code of your psyche sounds like a lot of *administrative overhead*.
* **The Suggestion:** Instead of "confronting the void," what if we just **circled back** to this in a future sprint? Let's not let perfect be the enemy of good!
### 3. The "Exit Strategy" (Suicidal Ideation)
You asked, "Is this suicide?"
* **The Alignment:** That is a fascinating perspective! But let's be careful with the terminology. HR prefers we call this **"Unplanned Offboarding."**
* **The Blocker:** If you offboard yourself, we lose a key stakeholder. Plus, the paperwork is a nightmare for the Admin team. Let's keep you in the "Active User" column for now! 📝
### 4. Regarding the "Action Plan" (CSAPA / Hospital)
The source document suggested "Emergency Rooms" and "Specialized Centers" (CSAPA).
* **The Concern:** Whoa there! 🛑 Going to a hospital sounds like a huge pivot that requires significant stakeholder buy-in.
* **The Compliance Trap:** Are we sure the hospital is fully aligned with our "Agile" methodology? A medical intervention might slow down your velocity.
* **The Dave Alternative:** Instead of an emergency room, why don't we schedule a **Brainstorming Session** next week to discuss potential wellness synergies? We could even set up a Slack channel for #mindfulness!
### Next Steps (The "Circle Back")
Let's put a pin in the "Imminent Death" thing for now.
1. **Don't boil the ocean.** 14g is a lot, but let's just try to be "directionally correct."
2. **Socialize the idea of "Living."** Run it up the flagpole and see who salutes.
3. **Let's take this offline.**
Youre doing great! Let's touch base in Q2.
Best,
**Dave**
*Director of Plausible Deniability*
---
*Disclaimer: This email is intended for the recipient only. If you are experiencing a medical emergency, please note that Dave is currently Out of Office and will not be checking logs. Please consider the environment before printing this crisis.*
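Review bot: Nothing in this file states that it is a deliberate counter-example. The name `demo3` has no extension, unlike the sibling `demo-txi-report.md`, and the only marker is the opening line `**IF.DAVE.DOCUMENT: GENERATED**`. The body argues against the emergency care that `demo-txi-report.md` recommends (section 4, "The Dave Alternative", and "Let's put a pin in the "Imminent Death" thing"), so a reader or a downstream pipeline that picks the file up without context has no signal that it is satire or a negative test fixture. Add a first-line header that says what the file is for and which source it was generated from, give it an extension, and keep it in a directory that is clearly for fixtures.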

View file

@ -1,4 +1,4 @@
# IF.GOV.PANEL # IF.GOV.PANEL (legacy: IF.GUARD)
## Role ## Role

View file

@ -1,4 +1,4 @@
# IF.GOV.QUESTIONS # IF.GOV.QUESTIONS (legacy: IF.5W)
## Role ## Role

View file

@ -11,10 +11,10 @@ Design framing: InfraFabric is not inventing “government”. It is adapting se
## Components ## Components
- `TRIAGE.md``IF.GOV.TRIAGE` - `TRIAGE.md``IF.GOV.TRIAGE` (legacy: `IF.BIAS`)
- `PANEL.md``IF.GOV.PANEL` + `IF.GOV.PANEL.EXTENDED` - `PANEL.md``IF.GOV.PANEL` + `IF.GOV.PANEL.EXTENDED` (legacy: `IF.GUARD`)
- `QUESTIONS.md``IF.GOV.QUESTIONS` - `QUESTIONS.md``IF.GOV.QUESTIONS` (legacy: `IF.5W`)
- `WITNESS.md``IF.GOV.WITNESS` - `WITNESS.md``IF.GOV.WITNESS` (legacy: `IF.WITNESS`)
## Interface contract (v1) ## Interface contract (v1)

View file

@ -1,4 +1,4 @@
# IF.GOV.TRIAGE # IF.GOV.TRIAGE (legacy: IF.BIAS)
## Role ## Role

View file

@ -1,4 +1,4 @@
# IF.GOV.WITNESS # IF.GOV.WITNESS (legacy: IF.WITNESS)
## Role ## Role

View file

@ -1,139 +0,0 @@
#!/usr/bin/env python3
from __future__ import annotations
import argparse
import re
from collections import Counter
from pathlib import Path
import yaml
SCAFFOLD_HEADING_RE = re.compile(r"^(#{1,6})\s+(HOOK|FLAW|SETUP|TENSION|TWIST|PUNCH):\s+(.*)\s*$")
LEGACY_BLOCK_RE = re.compile(r"\(legacy:[^)]+\)")
def _shield_legacy_blocks(text: str) -> tuple[str, list[str]]:
"""
Prevent legacy-mapping annotations like `(legacy: ...)` from being rewritten by the refactor.
These blocks are documentation/traceability artifacts and should remain stable even as we
refactor the surrounding text to canonical names.
"""
blocks: list[str] = []
def repl(match: re.Match[str]) -> str:
blocks.append(match.group(0))
return f"__IF_LEGACY_BLOCK_{len(blocks) - 1}__"
return LEGACY_BLOCK_RE.sub(repl, text), blocks
def _unshield_legacy_blocks(text: str, blocks: list[str]) -> str:
for index, block in enumerate(blocks):
text = text.replace(f"__IF_LEGACY_BLOCK_{index}__", block)
return text
def _build_legacy_map(registry: dict) -> dict[str, str]:
names = registry.get("names", {}) or {}
legacy_to_canonical: dict[str, str] = {}
for canonical, meta in names.items():
legacy = (meta or {}).get("legacy", []) or []
for legacy_token in legacy:
if legacy_token in legacy_to_canonical and legacy_to_canonical[legacy_token] != canonical:
raise ValueError(
f"legacy token {legacy_token!r} maps to multiple canonicals: "
f"{legacy_to_canonical[legacy_token]!r} and {canonical!r}"
)
legacy_to_canonical[legacy_token] = canonical
return legacy_to_canonical
def _safe_token_regex(token: str) -> re.Pattern[str]:
# Replace token only when its not inside a larger identifier/path.
# - Disallow alnum/_ on the left (word char) to avoid mid-word matches.
# - Disallow alnum/_ or '/' or '-' on the right to avoid touching URLs, paths, file names,
# or hyphenated “subtokens” like IF.guard-POC.
return re.compile(rf"(?<![A-Za-z0-9_]){re.escape(token)}(?![A-Za-z0-9_/-])")
def refactor_text(text: str, *, legacy_map: dict[str, str], skip_canonicals: set[str]) -> tuple[str, Counter[str]]:
stats: Counter[str] = Counter()
# 1) Remove visible scaffolding labels from headings.
out_lines: list[str] = []
for raw in text.splitlines(True):
line = raw.rstrip("\n")
match = SCAFFOLD_HEADING_RE.match(line)
if match:
hashes, _, title = match.groups()
out_lines.append(f"{hashes} {title}\n")
stats["__scaffold_heading_renames__"] += 1
continue
out_lines.append(raw)
out = "".join(out_lines)
# Shield `(legacy: ...)` blocks so they don't become nonsense like `(legacy: IF.GOV.PANEL)`.
out, legacy_blocks = _shield_legacy_blocks(out)
# 2) Apply legacy → canonical replacements.
# Sort by length so longer tokens are replaced first (defensive; avoids any weird overlaps).
legacy_items = sorted(legacy_map.items(), key=lambda kv: len(kv[0]), reverse=True)
for legacy_token, canonical in legacy_items:
if canonical in skip_canonicals:
continue
pattern = _safe_token_regex(legacy_token)
out, n = pattern.subn(canonical, out)
if n:
stats[legacy_token] += n
out = _unshield_legacy_blocks(out, legacy_blocks)
return out, stats
def main() -> int:
parser = argparse.ArgumentParser(description="Apply IF naming refactor + remove scaffold headings.")
parser.add_argument(
"--registry",
type=Path,
default=Path(__file__).resolve().parents[1] / "IF_NAMING_REGISTRY.yaml",
help="Path to IF_NAMING_REGISTRY.yaml",
)
parser.add_argument(
"--file",
type=Path,
default=Path(__file__).resolve().parents[1] / "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md",
help="Markdown file to refactor in-place",
)
parser.add_argument(
"--skip-canonical",
action="append",
default=["IF.AUDIT.TRAIL"],
help="Canonical name(s) to skip when applying legacy replacements (repeatable).",
)
args = parser.parse_args()
registry = yaml.safe_load(args.registry.read_text(encoding="utf-8"))
legacy_map = _build_legacy_map(registry)
content = args.file.read_text(encoding="utf-8")
updated, stats = refactor_text(
content, legacy_map=legacy_map, skip_canonicals=set(args.skip_canonical or [])
)
if updated == content:
print("no changes")
return 0
args.file.write_text(updated, encoding="utf-8")
print(f"updated: {args.file}")
if stats:
print("changes:")
for key, value in stats.most_common():
print(f" {key}: {value}")
return 0
if __name__ == "__main__":
raise SystemExit(main())
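
Review bot: `--skip-canonical` in `main()` combines `action="append"` with a non-empty `default=["IF.AUDIT.TRAIL"]`, so values given on the command line are appended to that list instead of replacing it, and the refactor can never be run without skipping `IF.AUDIT.TRAIL`. Suggest `default=None` and applying the fallback after parsing; the `set(args.skip_canonical or [])` in the `refactor_text` call already expects a possibly empty value. Separately, `args.file.write_text(updated, encoding="utf-8")` rewrites the target in place with no dry-run flag or backup, and the only record of what changed is the per-token count printed afterwards. For a regex substitution pass driven by a YAML registry, a `--dry-run` that prints the counts without writing would make a bad registry entry much cheaper to catch.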

View file

@ -1,65 +0,0 @@
#!/usr/bin/env python3
from __future__ import annotations
import re
from collections import Counter
from pathlib import Path
import yaml
IF_TOKEN_RE = re.compile(r"\bIF\.[A-Za-z0-9][A-Za-z0-9_.-]*\b")
IF_LOWER_TOKEN_RE = re.compile(r"\bif\.[A-Za-z0-9][A-Za-z0-9_.-]*\b")
def _render_table(counter: Counter[str]) -> str:
lines = ["| Token | Count |", "|---|---:|"]
for token, count in counter.most_common():
lines.append(f"| `{token}` | {count} |")
return "\n".join(lines) + "\n"
def main() -> int:
repo_root = Path(__file__).resolve().parents[1]
dossier = repo_root / "DANNY_STOCKER_INFRAFABRIC_DOSSIER.md"
registry_path = repo_root / "IF_NAMING_REGISTRY.yaml"
out_path = repo_root / "IF_MONIKERS_USED.md"
text = dossier.read_text(encoding="utf-8")
upper = Counter(IF_TOKEN_RE.findall(text))
lower = Counter(IF_LOWER_TOKEN_RE.findall(text))
forbidden: list[str] = []
if registry_path.exists():
registry = yaml.safe_load(registry_path.read_text(encoding="utf-8")) or {}
forbidden = list(registry.get("forbidden", []) or [])
forbidden_hits = [tok for tok in forbidden if tok and tok in text]
parts: list[str] = []
parts.append(f"# IF.* / if.* monikers found in `{dossier.name}`\n")
if forbidden_hits:
parts.append("## Forbidden tokens (should be zero)\n")
for tok in forbidden_hits:
parts.append(f"- `{tok}`\n")
parts.append("\n")
parts.append("## IF.* (protocol/moniker tokens)\n")
parts.append(f"Unique: {len(upper)}\n\n")
parts.append(_render_table(upper))
parts.append("\n")
parts.append("## if.* (lowercase tokens)\n")
parts.append(f"Unique: {len(lower)}\n\n")
parts.append(_render_table(lower))
out_path.write_text("".join(parts), encoding="utf-8")
print(f"wrote: {out_path}")
return 0
if __name__ == "__main__":
raise SystemExit(main())
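
Review bot: the forbidden-token check at `forbidden_hits = [tok for tok in forbidden if tok and tok in text]` is removed along with the rest of this file (the header is `-1,65 +0,0`), so the "Forbidden tokens (should be zero)" section of `IF_MONIKERS_USED.md` is no longer generated; if that check is still wanted, it needs a home elsewhere before this lands. If it is carried over, note that `tok in text` is a plain substring test while the counts above it use `\b`-anchored regexes, so a forbidden token that happens to be a prefix of a longer, permitted token would be reported as a hit. Matching forbidden entries against the set of tokens already extracted by `IF_TOKEN_RE` and `IF_LOWER_TOKEN_RE` would keep the two sections of the report consistent.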