edut/web
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
8f349a899a
web/docs/conformance/membership-gating-vectors.md

142 lines
4.0 KiB
Markdown
Raw Blame History

# EDUT Membership and Entitlement Gating Conformance Vectors (v1)
This document defines deterministic pass/fail vectors for membership-gated commerce.
## Vector Group A: Wallet Intent and Signature
1. A1 `intent_success`
- Given valid wallet address, origin, and chain
- When `POST /secret/wallet/intent` is called
- Then status is `pending_signature` and nonce+deadline are returned
2. A2 `intent_replay_blocked`
- Given an already consumed `intent_id`
- When verify is called again
- Then request is rejected and state does not regress
3. A3 `signature_address_mismatch`
- Given signature recovered to wallet X and request address wallet Y
- When verify executes
- Then state becomes `rejected` and no membership quote is issued
4. A4 `intent_expired`
- Given intent past deadline
- When verify executes
- Then result is `intent_expired`
## Vector Group B: Membership Mint Activation
1. B1 `quote_requires_verified_signature`
- Given designation not in `signature_verified`
- When quote is requested
- Then quote is denied
2. B2 `quote_expired`
- Given quote past deadline
- When confirm is called
- Then membership remains inactive
3. B3 `confirm_tx_success`
- Given valid tx hash with expected currency/amount/recipient
- When confirm executes
- Then state transitions to `membership_active`
4. B4 `confirm_tx_wrong_amount`
- Given tx amount does not match quote
- When confirm executes
- Then state remains `pending_membership_mint`
5. B5 `confirm_tx_wrong_recipient`
- Given tx recipient is not membership contract
- When confirm executes
- Then state remains `pending_membership_mint`
6. B6 `confirm_wrong_chain`
- Given tx on disallowed chain
- When confirm executes
- Then request fails closed
## Vector Group C: Checkout Membership Gate
1. C1 `checkout_block_no_membership`
- Given wallet with no active membership
- When checkout quote is requested
- Then checkout is denied
2. C2 `checkout_allow_active_membership`
- Given wallet with active membership
- When checkout quote is requested
- Then quote is returned
3. C3 `checkout_block_suspended_membership`
- Given suspended membership
- When checkout is requested
- Then checkout is denied
4. C4 `checkout_block_revoked_membership`
- Given revoked membership
- When checkout is requested
- Then checkout is denied
## Vector Group D: Entitlement Activation Gate
1. D1 `activation_allow_active_entitlement`
- Given entitlement state `ACTIVE`
- When runtime activation is requested
- Then activation succeeds
2. D2 `activation_block_suspended`
- Given entitlement state `SUSPENDED`
- When runtime activation is requested
- Then activation fails closed
3. D3 `activation_block_revoked`
- Given entitlement state `REVOKED`
- When runtime activation is requested
- Then activation fails closed
4. D4 `activation_block_expired`
- Given entitlement state `EXPIRED`
- When runtime activation is requested
- Then activation fails closed
## Vector Group F: Ownership Wallet vs Payment Wallet
1. F1 `quote_allow_distinct_payer_with_proof`
- Given ownership wallet A, payer wallet B, and valid ownership proof
- When checkout quote is requested
- Then quote is issued for ownership wallet A and records payer wallet B
2. F2 `quote_block_distinct_payer_without_proof`
- Given ownership wallet A and payer wallet B without ownership proof
- When checkout quote is requested
- Then quote is denied
## Vector Group E: Evidence Integrity
1. E1 `receipt_fields_complete`
- Every successful membership and purchase receipt contains:
- wallet
- membership status snapshot
- offer_id
- policy_hash
- quote_id
- tx_hash
- chain_id
- entitlement_id (for purchase)
2. E2 `receipt_hash_stable`
- Given identical input payload
- Receipt hash must be identical across replays
3. E3 `audit_non_regression`
- Once state reaches `membership_active`, audit log cannot be removed or mutated without append-only evidence entry
## Pass Criteria
A build is conformant only when all vectors pass.
## Fail-Closed Rule
Any uncertainty in chain confirmation, quote validity, policy hash, or state sync must block activation/purchase by default.
Reference in New Issue View Git Blame Copy Permalink