Security • Integrity Model

Tamper-evident by design

NeuroPoS is a trust-grade integrity pipeline: deterministic derivations, cryptographic commitments, publisher signatures, and optional on-chain anchoring — enabling independent verification without centralized trust.

Threat model Trust boundaries Disclosure
We guarantee
  • Tamper evidence: any mutation changes hashes/roots/signatures.
  • Reproducibility: same finalized inputs produce the same outputs.
  • Independent verification: you can verify without trusting NeuroPoS servers.
  • Clear provenance: published artifacts are bound to a signed trust policy.
We do NOT claim
  • Intent attribution or guilt (“who is bad”).
  • Protocol-level security guarantees (economic / governance attacks).
  • Slashing decisions or punishment mechanisms.
  • Real-time monitoring accuracy (NeuroPoS is finalized/range-scoped).
Threat model
What the design detects or mitigates, and what is explicitly out of scope.
Threats addressed
  • API manipulation (proof mismatch reveals tampering)
  • Storage tampering (content-addressed hashes fail)
  • Dataset mutation (Merkle roots diverge)
  • Serialization ambiguity (canonical bytes prevent drift)
  • Single RPC drift (quorum inputs reduce single-source errors)
Out of scope
  • Consensus-level economic attacks
  • Governance/social attacks
  • Collusion beyond the observable finalized data
  • Attributing intent or “blame”
Trust boundaries
No single component is trusted alone. Integrity is established through reproducible computation + cryptographic commitments. 
[ RPC Providers ]          (untrusted individually)
		  ↓
  [ Quorum collector ]       (strict 2/3 policy over finalized artifacts)
		  ↓
  [ Deterministic derivations ] (pure functions; canonical ordering; fixed-point rules)
		  ↓
  [ Merkle commitments ]     (roots_v2)
		  ↓
  [ Checkpoint hash ]        (canonical serialization → stable bytes)
		  ↓
  [ Publisher signatures ]   (verified via trust_store.json, KID-only)
		  ↓
  [ Optional on-chain anchor ] (envelope_hash + trust_store_hash)
		  ↓
  [ Verifier ]               (independent; can run offline with mirrored blobs)
Key point: If any layer lies or mutates data, verifiers detect it via mismatched hashes/roots/signatures (and anchoring, if used).
Trust store & key governance
Trust is explicit: keys are referenced by KID, policies are versioned, and rotation is safe.
KID-only identity
Verifiers pin keys by KID from trust_store.json, not by mutable labels.
Policy-driven signatures
Signature requirements are defined by policy (e.g., hybrid + required).
Rotation-safe
New keys can be introduced without changing verifier code; policy changes are explicit.
Anchoring can pin policy
On-chain anchoring may include trust_store_hash to bind the verification policy to time.
On-chain anchoring (optional)
Anchoring adds an independent public timestamp and immutability check. Proofs remain verifiable without anchoring.
  • Anchoring commits to envelope_hash (bundle/manifest/checkpoint/roots) and optionally trust_store_hash.
  • Verifiers recompute envelope_hash locally and compare with on-chain values.
  • Reorg/confirmation policy is part of the anchoring worker state machine.
Neutrality & anti-shaming policy
Evidence-first does not mean harassment-first. Defaults are designed to avoid “name-and-shame” dynamics.
No public rankings
No leaderboards of “bad validators”. Signals are range-scoped.
Neutral language
Outputs are “verified / mismatch / requires review”, not accusations.
Evidence portability
Proof references allow operators and auditors to verify and discuss facts.
Range context
Every signal is tied to a specific epoch/range (context-first, not blame-first).

IP notice

NeuroPoS includes proprietary techniques for deterministic derivations and scoring. Client-side UI does not ship proprietary formulas; verification relies on cryptographic commitments and reproducible evidence.

  • Certain pipeline components, including aspects of scoring/derivation methods and their parameterization, may be subject to one or more patent applications.
  • This notice does not grant any license. Any rights are reserved to the extent permitted by applicable law.
  • NeuroPoS avoids exposing proprietary scoring logic in the browser; the UI renders results returned by the API along with evidence fields, model identifiers, and hashes.
  • Independent verification remains possible: recompute commitments and validate signatures/anchoring—without relying on hidden client-side logic.
Transparency boundary: We publish verifiable commitments, roots, and proof references. We do not publish proprietary scoring formulas client-side.
“Patent pending” means an application may be filed and/or pending; it does not imply that a patent has been granted.
What is verifiable vs proprietary
Verifiable (public contract)
  • Bundle hash (content-addressed)
  • Merkle roots + checkpoint hash
  • Publisher signatures + trust store policy
  • Optional on-chain anchoring hashes
Proprietary (not shipped in UI)
  • Scoring/weighting formula internals
  • Parameterization beyond published hashes
  • Non-essential heuristics not required for verification
  • Implementation details outside the verification contract
For IP/licensing inquiries: ip@neuropos.io
Responsible disclosure
If you find a vulnerability or integrity issue, report it with minimal public exposure.
Security contact
security@neuropos.io
What to include
Repro steps, affected endpoints/pages, expected vs observed behavior, and any proof references.
Policy: Coordinated disclosure. Fix first, publish details after mitigation. No public blame.