edut/web

Joshua 669e01da31 Add conformance vectors for membership and entitlement gating

2026-02-17 11:45:14 -08:00

3.6 KiB

Raw Blame History

EDUT Membership and Entitlement Gating Conformance Vectors (v1)

This document defines deterministic pass/fail vectors for membership-gated commerce.

Vector Group A: Wallet Intent and Signature

A1 intent_success

Given valid wallet address, origin, and chain
When POST /secret/wallet/intent is called
Then status is pending_signature and nonce+deadline are returned

A2 intent_replay_blocked

Given an already consumed intent_id
When verify is called again
Then request is rejected and state does not regress

A3 signature_address_mismatch

Given signature recovered to wallet X and request address wallet Y
When verify executes
Then state becomes rejected and no membership quote is issued

A4 intent_expired

Given intent past deadline
When verify executes
Then result is intent_expired

Vector Group B: Membership Mint Activation

B1 quote_requires_verified_signature

Given designation not in signature_verified
When quote is requested
Then quote is denied

B2 quote_expired

Given quote past deadline
When confirm is called
Then membership remains inactive

B3 confirm_tx_success

Given valid tx hash with expected currency/amount/recipient
When confirm executes
Then state transitions to membership_active

B4 confirm_tx_wrong_amount

Given tx amount does not match quote
When confirm executes
Then state remains pending_membership_mint

B5 confirm_tx_wrong_recipient

Given tx recipient is not membership contract
When confirm executes
Then state remains pending_membership_mint

B6 confirm_wrong_chain

Given tx on disallowed chain
When confirm executes
Then request fails closed

Vector Group C: Checkout Membership Gate

C1 checkout_block_no_membership

Given wallet with no active membership
When checkout quote is requested
Then checkout is denied

C2 checkout_allow_active_membership

Given wallet with active membership
When checkout quote is requested
Then quote is returned

C3 checkout_block_suspended_membership

Given suspended membership
When checkout is requested
Then checkout is denied

C4 checkout_block_revoked_membership

Given revoked membership
When checkout is requested
Then checkout is denied

Vector Group D: Entitlement Activation Gate

D1 activation_allow_active_entitlement

Given entitlement state ACTIVE
When runtime activation is requested
Then activation succeeds

D2 activation_block_suspended

Given entitlement state SUSPENDED
When runtime activation is requested
Then activation fails closed

D3 activation_block_revoked

Given entitlement state REVOKED
When runtime activation is requested
Then activation fails closed

D4 activation_block_expired

Given entitlement state EXPIRED
When runtime activation is requested
Then activation fails closed

Vector Group E: Evidence Integrity

E1 receipt_fields_complete

Every successful membership and purchase receipt contains:
- wallet
- membership status snapshot
- offer_id
- policy_hash
- quote_id
- tx_hash
- chain_id
- entitlement_id (for purchase)

E2 receipt_hash_stable

Given identical input payload
Receipt hash must be identical across replays

E3 audit_non_regression

Once state reaches membership_active, audit log cannot be removed or mutated without append-only evidence entry

Pass Criteria

A build is conformant only when all vectors pass.

Fail-Closed Rule

Any uncertainty in chain confirmation, quote validity, policy hash, or state sync must block activation/purchase by default.