Not Magic

lib/admin-auth.ts: large addition (37 lines added)
Not Magic does not grant security for release readiness.
Source: lib/admin-auth.ts: large addition (37 lines added) — in lib/admin-auth.ts
Receipt: 5 stamps, wall held, ecs_linux, chain #137.
judgment
2 concerns. 2 open questions. 1 point looks stable.
What changed: 2 concerns, 2 open questions, 1 stable
5 stamps · wall held · ecs_linux

What this relies on

What raw work entered?
1 declared input
Show
9ab5ea1c8caa25f5e0f477ac...
What produced this?
chamber 1f42c117333f...
Show
Perception: heuristic
Execution: deterministic
Chamber: 1f42c117333f6f985b0ed658...
Did the run bind input to output?
5 stamps, wall held
Show
1tagger6b7f4fe01460...
2mother_types757f039a8459...
3sieve2ecaa1071d73...
4governanceb0b3c27360c7...
5projection34361198a768...
tip: 34361198a768a755fff1...
What admitted or rejected it?
check chain entry for gate provenance
Show
Gate provenance is recorded in the chain entry, not in the block itself. View history
What was resolved or left open?
3 unresolved scopes, 1 resolved
Show
Does not grant
securitytestinggeneral
Grants
changed files inspected
Open questions
+ +const ADMIN_TOKEN = process.env.SHAPE_ADMIN_TOKEN ??
+ */ +export function isAdmin(headers: Headers): boolean { + const bearer = getH... — how does this affect + +const ADMIN_TOKEN = process.env.SHAPE_ADMIN_TOKEN ???
What custody boundary touched it?
ecs_linux, signing: none
Show
Host: ecs_linux
Local signing: none
Assurance: device_bound
No device signature attached
Where is this in order?
block 2e0990145696...
Show
block_id: 2e0990145696dcba4edcc8142fe1770e1ba7e4cc18dc6162e3712e0e65e24542
View full history →
Raw block data 
{
  "block_id": "2e0990145696dcba4edcc8142fe1770e1ba7e4cc18dc6162e3712e0e65e24542",
  "declared_inputs": [
    "9ab5ea1c8caa25f5e0f477ac0ddc7e4fb571c3d891d5cfd04f1e766b01a6b167"
  ],
  "governed_output": {
    "contract": {
      "does_not_grant": [
        {
          "reason": "lib/admin-auth.ts: large addition (37 lines added)",
          "scope": "security"
        },
        {
          "reason": "No test delta: Behavior changed in lib/admin-auth.ts with no relevant test delta",
          "scope": "testing"
        },
        {
          "reason": "No test delta: Behavior changed in lib/admin-auth.ts with no relevant test delta",
          "scope": "security"
        },
        {
          "reason": "+ +const ADMIN_TOKEN = process.env.SHAPE_ADMIN_TOKEN ??",
          "scope": "general"
        },
        {
          "reason": "+ */ +export function isAdmin(headers: Headers): boolean { + const bearer = getH... \u2014 how does this affect + +const ADMIN_TOKEN = process.env.SHAPE_ADMIN_TOKEN ???",
          "scope": "general"
        }
      ],
      "downstream_may_rely_on": [
        "Code-evidence inspection: 1 changed file inspected"
      ],
      "downstream_must_not_rely_on": [
        "lib/admin-auth.ts: large addition (37 lines added)",
        "No test delta: Behavior changed in lib/admin-auth.ts with no relevant test delta",
        "No test delta: Behavior changed in lib/admin-auth.ts with no relevant test delta",
        "+ +const ADMIN_TOKEN = process.env.SHAPE_ADMIN_TOKEN ??",
        "+ */ +export function isAdmin(headers: Headers): boolean { + const bearer = getH... \u2014 how does this affect + +const ADMIN_TOKEN = process.env.SHAPE_ADMIN_TOKEN ???"
      ],
      "grants": [
        {
          "basis": "Code-evidence inspection: 1 changed file inspected",
          "scope": "changed_files_inspected"
        }
      ],
      "resolved_scopes": [
        "changed_files_inspected"
      ],
      "unresolved_scopes": [
        "security",
        "testing",
        "general"
      ]
    },
    "findings": [
      {
        "because": "Diff structural signal: large addition.",
        "drillback": {
          "confidence": 0.5,
          "epistemic_event": "",
          "mother_type": "UNCERTAINTY",
          "subtype": "large_addition"
        },
        "judgment": "lib/admin-auth.ts: large addition (37 lines added)",
        "what_to_do": "Review the change.",
        "where": {
          "added": 37,
          "file": "lib/admin-auth.ts",
          "removed": 0,
          "text": "lib/admin-auth.ts: large addition (37 lines added)"
        }
      },
      {
        "because": "Behavior changed but no test file was modified.",
        "drillback": {
          "confidence": 0.75,
          "epistemic_event": "",
          "mother_type": "UNCERTAINTY",
          "subtype": "test_gap"
        },
        "judgment": "No test delta: Behavior changed in lib/admin-auth.ts with no relevant test delta",
        "what_to_do": "Add or update tests.",
        "where": {
          "files": [
            "lib/admin-auth.ts"
          ],
          "text": "Behavior changed in lib/admin-auth.ts with no relevant test delta"
        }
      }
    ],
    "input_kind": "mixed",
    "open_questions": [
      {
        "because": "Explicitly raised as a question.",
        "drillback": {
          "kind": "OpenQuestion",
          "laws_applied": [],
          "motif": "",
          "state": "open"
        },
        "judgment": "+ +const ADMIN_TOKEN = process.env.SHAPE_ADMIN_TOKEN ??",
        "what_to_do": "Answer or resolve.",
        "where": {
          "char_offset": [
            581,
            636
          ],
          "clause_id": "c8",
          "text": "+ +const ADMIN_TOKEN = process.env.SHAPE_ADMIN_TOKEN ??"
        }
      },
      {
        "because": "Explicitly raised as a question.",
        "drillback": {
          "kind": "OpenQuestion",
          "laws_applied": [],
          "motif": "",
          "state": "open"
        },
        "judgment": "+ */ +export function isAdmin(headers: Headers): boolean { + const bearer = getH... \u2014 how does this affect + +const ADMIN_TOKEN = process.env.SHAPE_ADMIN_TOKEN ???",
        "what_to_do": "Answer or resolve.",
        "where": {
          "char_offset": [
            1139,
            1279
          ],
          "clause_id": "c18",
          "text": "+ */ +export function isAdmin(headers: Headers): boolean { + const bearer = getHeader(headers, \"authorization\")?.replace(/^Bearer\\s+/i, \"\");"
        }
      }
    ],
    "stable_points": [
      {
        "because": "The chamber walked the diff and produced findings.",
        "drillback": {
          "confidence": 0.9,
          "epistemic_event": "",
          "mother_type": "WITNESS",
          "subtype": "code_evidence_recorded"
        },
        "grants": [
          "changed_files_inspected"
        ],
        "judgment": "Code-evidence inspection: 1 changed file inspected",
        "where": {
          "files": [
            "lib/admin-auth.ts"
          ],
          "text": "Code-evidence inspection: 1 changed file inspected"
        }
      }
    ],
    "summary": "2 concerns. 2 open questions. 1 point looks stable."
  },
  "kind": "judgment",
  "metadata": {
    "chamber_hash": "1f42c117333f6f985b0ed6583a6c5a591ebf8be273e172f20f6d03745d9f059c",
    "execution_class": "deterministic",
    "host_claims": {
      "assurance_class": "device_bound",
      "executor_mode": "subprocess",
      "host_class": "ecs_linux",
      "kernel_recognized": false,
      "measurement_mode": "none",
      "signing_mode": "none"
    },
    "perception_mode": "heuristic",
    "security_mode": "soft"
  },
  "receipt_bundle": {
    "attestation_hash": "6a70186a69edff90bcdc720b60978bf85d673ca3d294fa7887e0e656e6e97fc1",
    "receipt_chain": {
      "chain_length": 5,
      "stamps": [
        {
          "domain": "tagger",
          "fn_hash": "065a25c9e46f5d1a1fdb92d9312db5c4d27aa3e25fb750a33efa5a02c7e4b3f6",
          "input_hash": "9ab5ea1c8caa25f5e0f477ac0ddc7e4fb571c3d891d5cfd04f1e766b01a6b167",
          "output_hash": "241e4364952971ea1ba335e8f2dd19baa601e5a3f4a40bf3b766914790d92649",
          "prev_stamp_hash": "aeebad4a796fcc2e15dc4c6061b45ed9b373f26adfc798ca7d2d8cc58182718e",
          "schema": "substrate.stamp.v1",
          "stamp_hash": "6b7f4fe01460a7263ad5a225254a1e1ebd1d8fe9785db510771dcea76955143f"
        },
        {
          "domain": "mother_types",
          "fn_hash": "8d89855f68be02018d738f2b2f70459d5cd19c72ba79c93928cdaea0edd1594d",
          "input_hash": "241e4364952971ea1ba335e8f2dd19baa601e5a3f4a40bf3b766914790d92649",
          "output_hash": "582e6ac8c886cab8a45b76b6fba652de314d869340b9145134f13eb6057681c3",
          "prev_stamp_hash": "6b7f4fe01460a7263ad5a225254a1e1ebd1d8fe9785db510771dcea76955143f",
          "schema": "substrate.stamp.v1",
          "stamp_hash": "757f039a845925f533b93402267e31b70e9404fefddc71424b97d58d92b9c55b"
        },
        {
          "domain": "sieve",
          "fn_hash": "7d70444b7c5e6101e1fdbbcf16a8489c54506c8ce07967203704cf55f4a18868",
          "input_hash": "6c2fe995df956539d114a6d5bfe2d53825642b4bcfaf28a1909281cf67c54fa5",
          "output_hash": "fcc96121be31632367753388167e1b45f3be3c59d3d6f9d43a4bf7edded06d1d",
          "prev_stamp_hash": "757f039a845925f533b93402267e31b70e9404fefddc71424b97d58d92b9c55b",
          "schema": "substrate.stamp.v1",
          "stamp_hash": "2ecaa1071d73f28a40acb9149a2aecf85d968328e24355c760f5356a622d04af"
        },
        {
          "domain": "governance",
          "fn_hash": "26659baf9b00aafe787ef01beafc21c332fc5f44118df6c4d9c281bd97dfff60",
          "input_hash": "2ecaa1071d73f28a40acb9149a2aecf85d968328e24355c760f5356a622d04af",
          "output_hash": "12a1778a73056c422dab7e948c661e59d0b70503cec7e7d29d760479068271dd",
          "prev_stamp_hash": "2ecaa1071d73f28a40acb9149a2aecf85d968328e24355c760f5356a622d04af",
          "schema": "substrate.stamp.v1",
          "stamp_hash": "b0b3c27360c70c0fa4114b88ad500d7c9bbbb8416b1fb3a68e033456a38a1c93"
        },
        {
          "domain": "projection",
          "fn_hash": "b22c482ee299d31ed57070279db6584a5a91886ee992a115db1198a60195bc3a",
          "input_hash": "12a1778a73056c422dab7e948c661e59d0b70503cec7e7d29d760479068271dd",
          "output_hash": "6f62aaba5faeedca0a000f7ad268a421ebc514a1dbe44277920da7e5812aad84",
          "prev_stamp_hash": "b0b3c27360c70c0fa4114b88ad500d7c9bbbb8416b1fb3a68e033456a38a1c93",
          "schema": "substrate.stamp.v1",
          "stamp_hash": "34361198a768a755fff18e29938ae39845b58ddedbb0d7e03501d5046a9bcc06"
        }
      ],
      "tip_hash": "34361198a768a755fff18e29938ae39845b58ddedbb0d7e03501d5046a9bcc06"
    },
    "wall_state": "held"
  },
  "status": "candidate"
}
← Report · History →