profit/lakehouse
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
lakehouse/docs/attestations/BIPA_PRE_IDENTITYD_ATTESTATION_2026-05-03.md
root c7aa607ae4 phase 1.6 BIPA: scrum-driven fixes 
Per 2026-05-03 phase_1_6_bipa_gates scrum (13 findings, 0 convergent).
1 BLOCK verified false positive, 4 real fixes shipped:

False positive (verified):
- opus BLOCK on attest:55 — claimed `set -uo pipefail` without `-e`
  makes the post-python3 `if [ $? -ne 0 ]` check unreachable. Verified
  WRONG: `X=$(false); echo $?` prints 1. Bash propagates command-
  substitution exit through $? on the assignment line. The check IS
  the python3 exit gate. Inline comment added to the script noting
  the false positive so future scrums don't re-flag.

Real fixes:
1. opus WARN attestation:18 — schema fingerprint hashed names ONLY,
   missing column-type changes. A column repurposed to hold base64
   photo bytes under its existing name would pass undetected. Now
   hashes "name<TAB>type<TAB>nullable=bool" per row. Re-run produced
   evidence SHA-256 1fdcc9f1... (vs old 230fffeb..., reflecting the
   broader fingerprint scope).

2. opus WARN gate_4_test:60 — definition regex didn't catch
   object-literal property forms (`const t = { FEMALE_NAMES: [...] }`)
   or TypeScript class fields (`class L { public NAMES_X: string[] = [] }`).
   Added two new patterns + a regression test
   (Gate 4: object-literal and class-field bypasses are caught) that
   exercises 5 bypass forms. 4/4 tests green; 1 minor regex tweak
   needed mid-fix to handle single-line class bodies.

3. kimi WARN python3-reliance — script assumed pyarrow installed and
   would emit a stack trace into the attestation if not. Added
   `python3 -c "import pyarrow"` gate at top with clean install
   instructions on failure.

4. opus INFO PHASE_1_6:200 — item 7 (training) silently dropped from
   blocking set with bare "deferred" rationale. Now explicitly states
   the deferral is conditional on small operator population (J + 1-2
   named ops); item 7 re-promotes to blocking if population grows.
   ⚖ COUNSEL marker added.

Skipped (acceptable as ⚖ COUNSEL placeholders by design):
- kimi WARN consent template:30-day-SLA (counsel decides number)
- kimi WARN consent template:email-placeholder (counsel supplies)
- kimi WARN parquet absence (env override exists; redeployment-aware)
- kimi INFO runbook manual-erasure (marked TODO when /erase ships)
- qwen INFO doc path/status nits (already addressed by file moves)

Tests: 4/4 Gate 4 absence test (incl. new bypass-coverage), 3/3
attestation evidence checks pass on live data.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 04:43:17 -05:00

2.5 KiB
Raw Blame History

BIPA Pre-IdentityD Biometric Attestation

Date: 2026-05-03 Spec: docs/PHASE_1_6_BIPA_GATES.md §2 Generator: scripts/staffing/attest_pre_identityd_biometric_state.sh

Purpose

This is a one-time defense artifact establishing that, as of 2026-05-03, no biometric identifiers or biometric information from real candidates have been collected, processed, or stored by the Lakehouse system. It is intended to be signed by J (operator of record) and outside counsel, then anchored to a tamper-evident store (filesystem with backups + version control).

Evidence

Check 1 — workers_500k.parquet schema (no biometric columns)

Source: data/datasets/workers_500k.parquet

Schema columns (18 total):

worker_id	int64	nullable=True
name	string	nullable=True
role	string	nullable=True
email	string	nullable=True
phone	string	nullable=True
city	string	nullable=True
state	string	nullable=True
zip	int64	nullable=True
skills	string	nullable=True
certifications	string	nullable=True
archetype	string	nullable=True
reliability	double	nullable=True
responsiveness	double	nullable=True
engagement	double	nullable=True
compliance	double	nullable=True
availability	double	nullable=True
communications	string	nullable=True
resume_text	string	nullable=True

Schema SHA-256: 973b9abe56420de8f88122278b633e813f90a64cf0ddaac6a9811dc0940be676

  • PASS: no biometric / photo / face / image column present

Check 2 — KB + pathway memory contain no biometric payloads

Sources scanned:

  • data/_kb/*.jsonl (knowledge base)
  • data/_pathway_memory/state.json (pathway memory state)

Files scanned: 33 Forbidden-pattern hits: 0

  • PASS: no biometric payload patterns found in scanned files

Check 3 — Headshots manifest is synthetic-only

Source: data/headshots/manifest.jsonl

Total rows: 1000 Rows tagged real/candidate_upload/photo_upload: 0

  • PASS: all 1000 rows are synthetic (no real-candidate uploads)

Summary

3 / 3 evidence checks pass.

Attestation

I, the undersigned, attest that the above evidence accurately reflects the state of the Lakehouse system as of 2026-05-03. No biometric identifiers or biometric information from real candidates have been collected, processed, or stored prior to the deployment of the Phase 1.6 BIPA pre-launch gates.

Evidence SHA-256: 1fdcc9f1682de27e1a0556d698ce221b74c1e71cf54128763828b4bca7b5c1bf

Operator (J): _______________________________ Date: __________

Outside counsel: ___________________________ Date: __________