ccf-core
ccf-core is the canonical CCF v1 Rust library for filed-Prov6 trust-update
and runtime-certificate primitives.
Install:
[]
= "1.0.1"
What It Provides
- QAC log-geodesic trust updates over strict-positive 3x3 matrices.
- Hard min-gate coupling:
C_eff = min(C_inst, C_ctx), thenalpha_t = rho(C_eff). - Runtime certificate computation from update matrices:
kappa_hat_t,E_t, dynamic floor, threshold, and fail-closed status. - Endpoint, precheck, forbidden-policy, context-isolation, envelope, partition, Sinkhorn-presentation, and no_std core surfaces used by the public v1 SpecFlow contracts.
#![no_std]and#![forbid(unsafe_code)]for the core crate.
Example
use ;
use ;
let prior_a_t = new;
let reference_r_t = new;
let alpha_t = 0.32;
let realized_a_next = qac_update_3x3
.expect;
let certificate = certify_update
.expect;
assert_eq!;
assert!;
Evidence And Limits
The v1 implementation was merged through branch-protected CI. The computed
runtime path was exercised on real Seed-class armv7l hardware by CI run
28032713872, Gate C job 82980476112, with the assertion
on_device_computed_certificate=PASS kappa_hat<1e-6 C_eff+E_t_evolve cross_consistent=PASS.
That evidence means the computed certificate runtime executed on real ARM hardware with driver-fed runtime input. It does not claim real sensor ingestion, direct device-store validation, universal safety, universal convergence, or production appliance readiness.
Public contract evidence lives under
docs2/contracts/ccf-core-v1/ in the repository.
License
BUSL-1.1. See the repository for the current license text and contract evidence.