Documentation

Frozen schemas

Three structures are frozen: changing any field requires a suite-version bump and a new verifier, never an in-place edit. The freeze is what makes trust-tier upgrades pure verifier substitution. Machine-readable JSON Schemas ship in the protocol repositories.

Claims manifest (drydock/manifest/v1)

The founder's binding declaration of the token: name, symbol, decimals, total supply, the full allocation split, powers (mintPostConstructor and upgrade must befalse in suite v1), tax bounds, build settings, ABI-encoded constructor args, and the property class (A: template tier with semantic guarantees; B: open tier, syntactic only). Committed on-chain as hM = keccak256(canonicalJson(manifest)) per RFC 8785.

Journal

{ hS, hM, compilerVersion, nSLOC, hI, hB, propertyBitmap, suiteVersion }

What every verification tier attests: the guest read source hashing to hS and a manifest hashing to hM, ran the pinned compiler, produced initcode hashing tohI and runtime bytecode hashing to hB, counted nSLOC by the rate card's rule, and evaluated the property suite. On-chain identity:keccak256(abi.encode(journal)). Byte-identical at T0, T1, and T2.

Report trailer

{ engagementId, reportHash, hSFinal, critical, high, medium, low }

A machine-readable block the auditor embeds verbatim in the final report and signs via EIP-712 (domain DrydockEscrow, version 1, the escrow as verifying contract).engagementId = keccak256(escrow ‖ hM) binds the report to one campaign;hSFinal names the exact audited bundle, which CP4 must re-prove.

Property suite v1

Tier A (semantic; template campaigns): fixed supply, no mint post-constructor, no owner, no pause, no upgrade, tax within declared bounds, no transfer hooks — by construction of a pre-audited template plus an instantiation check.Tier B (syntactic; arbitrary source): pinned compiler, opcode absences (SELFDESTRUCT, DELEGATECALL, CALLCODE), declared selector set, bytecode binding. Tier B bits render with the qualifier "syntactic" everywhere, because that is all they are: semantic assurance for arbitrary code is what the human audit is for.