## Canonical Broad Audit Contract
- DSFB emits one canonical broad audit rather than primary profile-specific reports.
- The audit keeps one shared evidence set and one shared denominator, then renders domain and standards interpretations as conclusion lenses at the end of the report.
- The locked score method is `dsfb-assurance-score-v1` with one overall score plus visible advisory subscores.
- The score is a broad code-improvement and review-readiness target for Rust developers.
- The score is not runtime correctness, not a certification result, and not a standards certificate.
- The DSFB audit includes standards- and certification-relevant structural checks, but it does not certify compliance with IEC, ISO, RTCA, MIL, NIST, or other standards.
- The report contract includes remediation guidance, verification suggestions, evidence IDs, SARIF, in-toto, DSSE, and static-to-runtime prior derivation.