# SPARTAN Sample Capsule v0.1 — Claims and Non-Claims

This document is the explicit, line-by-line list of what SPARTAN Evidence Capsule v0.1 claims about the bundled `evidence.tar.gz`, and what it deliberately does not claim.

The honesty of the non-claims block is a load-bearing part of the product. If you find a SPARTAN surface — website, deck, doc, demo — that contradicts this list, treat that surface as wrong, not this list.

## What this capsule claims

Each claim below is supported and locally checkable today. `spartan capsule verify evidence.tar.gz` reports the outcome on a per-level basis.

| Claim | Verification level | How to check |
|---|---|---|
| **Capsule structure can be verified.** Every file declared in `manifest.json` exists on disk, sizes match, SHA-256 hashes match, no forbidden filenames are present, and the recomputed `content_root_hash` matches the manifest. | `STRUCTURE: PASS` | `spartan capsule verify evidence.tar.gz` |
| **Redaction residue checks passed.** The two-pass residue scan finds nothing forbidden (no local paths, hostnames, usernames, git remotes, or suspected-secret patterns) across every JSON file rendered or referenced by `spartan capsule view`. | `REDACTION: PASS` | Same command |
| **Audit digest is internally consistent.** The audit digest's `algorithm` is `sha256`, every entry has non-empty `event_id` / `event_hash` / `chain_hash`, and `digest_root_hash` recomputes from the sorted entries. | `AUDIT_DIGEST: PASS` | Same command |
| **Static report renders from the verified capsule.** `spartan capsule view evidence.tar.gz --format html --out report.html` produces a static HTML document that only renders content from a capsule that verified cleanly. The bundled `report.html` is the literal output of this command. | n/a (renderer property) | Open `report.html` in any browser; verify there is no `<script>` tag and no external `http://` or `https://` asset reference |

## What this capsule does NOT claim

| Non-claim | Verification surface | Why |
|---|---|---|
| **Not signed.** SPARTAN does not sign Capsule v0.1. There is no operator signature, no signing key, and no trust-root assumption. A recipient cannot infer who built this capsule. | `SIGNATURE: NOT_PRESENT` | Capsule v0.1 has no signing layer. Reserved as a verification level for a future schema. |
| **Not replay-bearing.** This capsule does not contain the validator container image, the runtime artifact bundle, or replay tuples. A recipient cannot re-execute the validators against the original repository state from this capsule alone. | `REPLAY: NOT_PRESENT` | Same — reserved level. SPARTAN's separate `spartan replay-verify` flow operates against persisted runs and runtime artifact bundles, not against capsules. |
| **Not hermetic execution.** SPARTAN's hermetic-execution and hermetic-replay specifications are `DESIGN_ONLY / NON_AUTHORIZING`. This capsule does not assert hermetic execution. | n/a | See `docs/spartan/hermetic_*.md` in the SPARTAN source. |
| **Not compliance certification.** This capsule is not a SOC 2, ISO 27001, PCI, HIPAA, or any other compliance attestation. It is evidence; compliance is a separate process performed by an auditor. | n/a | SPARTAN packages evidence. It does not audit. |
| **Not production / deploy gating.** Building or verifying this capsule does not block, gate, or alter any deploy, PR, promotion, or trade in any system. | n/a | The capsule has no live-system effect. |
| **Not universal DLP.** SPARTAN's redaction is a configured pattern set (paths, hostnames, usernames, git remotes, and a known-pattern denylist of suspected secrets). It is not a generic DLP engine. AWS secret keys, for example, are detected only when adjacent to a known label. | n/a (limitation) | See the reviewer brief's known-limitations section for the full list. |
| **Not a vulnerability scanner replacement.** SPARTAN packages findings produced by other tools (or by SPARTAN's own bounded validator set); it is not a substitute for Semgrep, Snyk, GitHub code scanning, SonarQube, or any other dedicated scanner. | n/a (positioning) | The product boundary at `docs/spartan/PRODUCT_BOUNDARY.md` is explicit on this. |

## What "PASS" means and what it does NOT mean

`STRUCTURE: PASS` means the bytes on disk match the bytes the builder wrote. It does not mean the capsule is signed, it does not mean the underlying repository is secure, and it does not mean a human has reviewed the findings.

`REDACTION: PASS` means the configured residue patterns find nothing forbidden in the capsule. It does not mean the capsule is free of all conceivable sensitive material — only that the configured patterns did not match.

`AUDIT_DIGEST: PASS` means the audit digest in this capsule is internally consistent. It does not mean the audit digest reproduces the global SPARTAN audit ledger; it is a local consistency proof, not a global ledger replay.

`SIGNATURE: NOT_PRESENT` and `REPLAY: NOT_PRESENT` are part of the v0.1 contract, not absent diagnostics. Every Capsule v0.1 verification reports them as `NOT_PRESENT`.

## The single rule

The capsule proves. The view explains. Anything beyond that is not part of Capsule v0.1.