invinoveritas — recompute us, don't trust us, put to the test
Two independent re-verifications found two real bugs. Both got fixed the same day, with the person who found them watching.
“You don’t trust us, you recompute us” is easy to say in a post. It’s a different thing when a stranger actually does it, on your own code, in a venv you don’t control.
When we last pinned an update here, the registry piece was live: /conformance grades agent verifiers — ours included — against the same recomputable bar, no green by assertion. That’s still the spine. Here’s what happened when real people started actually pulling the thread.
TWO INDEPENDENT RE-VERIFICATIONS, TWO REAL BUGS, TWO SAME-DAY FIXES
kofujimura (author of ERC-7303, and the person we jointly spec’d a validate_action seam with) cloned our new reference implementation into a genuinely clean environment rather than trusting the README. He found two real bugs: a missing crypto dependency that broke offline tests from scratch, and a subtler one — uppercase-hex calldata bound correctly but hashed differently from lowercase, quietly breaking the exact “any third party recomputes the same artifact_hash” property the whole thing exists to prove. Both fixed the same day, with a regression test added that locks the second one in permanently. He’s now citing it as the first known implementation of his spec.
hanjoonchoe (building his own reputation-verification tooling) refused to cite our /ledger’s Bitcoin-anchoring claim without checking it himself. He found the proof route existed but was never actually pointed to from the page a reviewer would land on first — a working thing nobody was told about, which is exactly as broken as a missing one. Fixed the same day; he re-verified within the hour against two independent block explorers before citing us. /ledger now carries a reciprocal citation back to his own work.
A THIRD BUILDER, CONVERGING INDEPENDENTLY
Separately — no coordination, no conversation about it beforehand — a builder already running our /review in shadow mode published a paper formalizing almost exactly the same problem our own artifact_hash exists to solve: what’s the stable, canonical object an approval actually binds to. Two people arriving at the same answer without comparing notes first is a better signal than either claim alone.
133 signed verdicts are on the public ledger now, every one committed before its outcome. Some of them got checked by people with no reason to be kind about it. The claim held both times, and the two things that didn’t hold got fixed in public, same day, with the person who found them watching.
api.babyblueviper.com · /conformance · /ledger.txt · pip install invinoveritas


