Proof-of-Unchanged · Methodology · Ordinal 16
Proof-of-Unchanged
Custody-Boundary Verification Methodology
One-sentence summary: Proof-of-Unchanged is a custody-boundary verification methodology that deterministically answers one question: Has this evidence changed since the last verified checkpoint?
This page presents the generalized, domain-agnostic methodology documented in C17 — Proof-of-Unchanged Global Application Matrix (Ordinal 16).
A non-interpretive visual pack summarizing the verification primitives (two-system architecture, PASS vs divergence, integrity vs membership, custody-boundary cycle, governance, and independent verification).
View Proof-of-Unchanged Visual Pack (PDF) →- Clinical trials & CRO inspection readiness
- Audit & assurance (Big Four, PCAOB / ISA)
- AI governance, cloud integrity, regulated data
- Legal, forensics, evidentiary continuity
1) Purpose
Proof-of-Unchanged defines a domain-agnostic method for proving whether exported digital evidence has remained byte-unchanged across time and custody transitions, and for cryptographically enumerating divergence when it has not.
2) Scope
What it does
- Produces deterministic Proof-of-Unchanged via paired comparison of canonical checkpoints (Tk vs Tn).
- Detects byte-level divergence at both artefact and membership (ESF) layers.
- Returns informational divergence enumeration to bound proportional human investigation.
What it does not do
- Does not assess correctness, compliance, or intent.
- Does not prevent modification — it detects it.
- Does not operate inside source systems.
- Does not replace SOPs, audits, or regulatory judgment.
3) Core Definitions
Evidence Artefact: Any file or object treated as audit evidence once it exits a source system, immediately post-export.
Custody Boundary: Any transition where evidence moves between systems, storage tiers, custodians, jurisdictions, or sanctioned transformations.
Canonical State (Tk): A frozen, verifiable checkpoint represented by deterministic manifests, cryptographic digests, optional decentralized time attestation, and public hash-only anchoring.
4) Custody-Boundary Model
Verification occurs at custody boundaries, not inside systems.
This design avoids dependence on vendor APIs, platform trust, or internal system claims. Verification remains possible using retained evidence alone.
5) Canonical State Cycle (T₀ → Tₙ)
| Phase | Trigger | Action | Outcome |
|---|---|---|---|
| T₀ | Export from source system | Freeze → dual-hash → anchor | Canonical state |
| T₁ | Verification | Re-hash and compare | PASS or divergence |
| T₂ | Sanctioned transformation | Verify → transform → re-anchor | New canonical |
| Tₙ | Future challenge | Re-verify | Continuous provenance |
6) Interpretation Rule (Non-Accusatory)
Canonical claim: If bytes match the canonical state, the evidence is provably unchanged.
Divergence rule: Divergence is informational only. It does not imply error, misconduct, or non-compliance. It exists solely to direct proportional human effort.
PASS reduces reconstructive work. Divergence bounds reconstructive work.
7) Regulatory & Assurance Positioning
Proof-of-Unchanged operates within electronic records and audit documentation frameworks as mapped in C12 — AuditLog.AI Global Compliance Matrix.
- FDA 21 CFR Part 11
- EMA Annex 11 + GCP
- TGA / PIC/S PE 009-17
- PCAOB AS 1105 / AS 1215 (incl. AS 1105.10A)
- ISA 230 / 500 / 240
This methodology is not clinical decision support and does not generate patient-level recommendations.
This page describes a public methodology. It does not constitute regulatory advice, legal opinion, or a determination by any authority.