Architecture Attestation

Vauban architecture publique attestée. Pour la profondeur strategist Pair 1 (76K), voir docs/architecture/proof-stack/00-vision-framework.md (RETAINED inchangé).

4 Piliers Non-Négociables

Pilier	Garantie	Evidence
ZK Privacy-First	Aucune donnée sensible on-chain non chiffrée	Commitment schemes Poseidon hash + salt, ZK redaction selective disclosure
Post-Quantum (STARKs)	Algos résistants quantum uniquement	STARKs only (no SNARKs Groth16/PLONK), Stwo prover, SHARP prover Starknet native
Zero Trust	Vérification systématique, jamais d’implicite	OAuth 2.1 + DPoP RFC 9449 + JWT ES256, MCP tool input strict + allowlist
Sovereignty	Exit plan documenté chaque dépendance externe	Self-hosted infrastructure prioritaire, fork-able open-source dependencies, no SaaS lock-in Phase 0

Vauban Proof Stack Framework (PSF) Sextuplet

Element	Définition	Implémentation référence
Sujet (S)	L’entité dont la claim est faite	user, transaction, agent, document
Prédicat (P)	La propriété asserted	vérifié, signé, anchored, transferred
Évidence (E)	La preuve cryptographique	signature ES256, ZK proof STARK, Merkle path
Cadre temporel (T)	La validité temporelle	issued_at, expires_at, revocation status
Masque révélation (M)	Privacy filter	selective disclosure, ZK redaction, full reveal
Ancrage (A)	Anchor on-chain	Cairo MerkleAnchor Starknet mainnet (sprint-483 sealed pattern)

6 Propriétés Non-Négociables PSF

Toute instance PSF dans tout produit Vauban garantit :

Auditable ; chain of custody complete, queryable post-hoc
Verifiable ; independently verifiable sans accès produit (open-source verifier)
Composable ; claims can be chained (claim A = predicate of claim B)
Privacy-preserving ; selective disclosure default, ZK redaction available
Post-quantum ; STARKs only
Sovereignty-preserving ; exit plan documented, no vendor lock-in

Reference Implementation

sprint-483 universal proof-layer (sealed 2026-04-23, 10/10 tasks) :

proof_anchor_leaf PostgreSQL table
TypeScript SDK @vauban-org/proof-anchor (Phase 2+ public release)
Cairo MerkleAnchor.cairo contract (Starknet mainnet, tx confirmé 0x4262d48...)
Python verifier vauban_proof_verifier (Phase 2+ open-source)

Pattern propagation : sprint-483 = canonical reference implementation pour toutes futures instances per-product (per governance/architecture/per-product-instances.md).

Tripartite Governance-as-Code (GaC)

Layer	Role	Tech Stack
L1 Sémantique	Authority Layer	Versioned Git docs (`governance/strategy/`, `governance/decisions/`, `governance/charters/`)
L2 Agentique	Execution Layer	`.claude/rules/` (39 rules) + `.claude/skills/` (10 skills) + Cedar policies + OPA Rego + Microsoft Agent Governance Toolkit (Phase 1+)
L3 Protocolaire	Immutability Layer	Cairo MerkleAnchor on Starknet mainnet (sprint-483 sealed)

Cryptographic Stack

Signatures : ES256 (P-256 ECDSA) for JWT, SNIP-12 for Starknet wallet
Hashes : Poseidon (privacy-critical, ZK-friendly), Pedersen (legacy compat only)
ZK proofs : STARKs via Stwo + SHARP prover (Starknet native)
Transport : TLS 1.3
Auth : OAuth 2.1 + DPoP RFC 9449

Smart Contract Stack

Cairo OZ 2.0.0 (audited)
Starknet mainnet + sepolia (RPC vauban.tech endpoints)
Stwo prover post-quantum
AVNU paymaster (per ADR-ECO-010 USE Starknet primitives, paymaster-cairo deprecated sunset Phase 1)
StarkZap provider (per ADR-ECO-010)

Per-product PSF instances

Voir governance/architecture/per-product-instances.md pour table 14 produits × PSF instance status.

L3 anchoring active : 6/14 (Brain Protocol, Glacis Protocol, Vauban Finance, Rempart, Starknet MCP, Intent Engine).

Cross-references

Canonical : governance/architecture/00-vision-framework-canonical.md
Per-product instances : governance/architecture/per-product-instances.md
Deep strategist Pair 1 (76K) : docs/architecture/proof-stack/00-vision-framework.md (RETAINED)
Compliance : compliance.md
Security : security.md
Governance attestation : governance-attestation.md