Compliance Evidence Binder Spec

Status: LOCKED (Contract Only — No Implementation)
Purpose: Define enterprise ledger and hash version protocol before Phase 8S.

1. Ledger Record Contract: process_runs

This table is not yet implemented. This spec defines the contract for future Phase 8S work.

Primary Key

run_id (UUID)

Logical Idempotency Key

(tenant_id, period_label, batch_id)

Required Columns

Identity:

Column	Type	Notes
tenant_id	STRING	Tenant isolation
org_id	STRING	Org scoping (nullable)
batch_id	STRING	Batch identifier
period_label	DATE	YYYY-MM-01
run_id	STRING	UUID primary key

State:

Column	Type	Notes
status	STRING	RUNNING \| SUCCEEDED \| FAILED
created_at	TIMESTAMP	Record creation
started_at	TIMESTAMP	Run start
completed_at	TIMESTAMP	Run completion
error_code	STRING	If FAILED
error_message	STRING	Sanitized; no PHI

Reproducibility:

Column	Type	Notes
inputs_hash	STRING	REQUIRED; Hash Version Protocol
raw_hash	STRING	Phase 9 required
config_snapshot_hash	STRING	Phase 9 required

Snapshot Anchors:

Column	Type	Notes
stage1_snapshot_ref	STRING	Reference to stage1 output
stage3_snapshot_ref	STRING	Reference to stage3 output
stage1_row_count	INT64	Row count
stage3_row_count	INT64	Row count

Audit:

Column	Type	Notes
request_id	STRING	Request correlation
trace_id	STRING	Distributed trace
actor_user_id	STRING	User identifier
actor_email	STRING	Hashed if needed

DQ:

Column	Type	Notes
dq_status	STRING	NOT_RUN \| PASS \| FAIL
dq_results_json	STRING	DQ results

2. Hash Version Protocol (inputs_hash)

inputs_hash MUST include version for enterprise-grade reproducibility.

hash_version = "IHv1"

Specification

inputs_hash is SHA256 over canonical_json of:

{
  "hash_version": "IHv1",
  "tenant_id": "...",
  "period_label": "...",
  "batch_id": "...",
  "ingestion_template_id": "...",
  "mapped_header_contract": {...},
  "file_metadata": {...},
  "period_authority_config": {...},
  "config_snapshot_identifiers": {...}
}

Rules

canonical_json must sort keys deterministically.
hash_version MUST change if hashing logic changes.
Any change in canonicalization rules requires bumping hash_version.
Old runs remain immutable and interpretable.

This prevents:

Hash collision across algorithm changes
Drift between old and new canonicalization logic
Silent reproducibility breakage

3. Exactly-Once Semantics

Server must enforce:

Condition	Behavior
RUNNING exists	PROCESS_ALREADY_RUNNING
SUCCEEDED + same inputs_hash	Return prior summary
Different inputs_hash	Create new run_id

4. Binder UI (Future)

Placeholder for future Compliance Evidence Binder UI structure. Not implemented.

Start Here

Operate & Support

Reference

Build & Integrate

COMPLIANCE EVIDENCE BINDER SPEC

Compliance Evidence Binder Spec

1. Ledger Record Contract: process_runs

Primary Key

Logical Idempotency Key

Required Columns

2. Hash Version Protocol (inputs_hash)

Specification

Rules

3. Exactly-Once Semantics

4. Binder UI (Future)

Start Here

Operate & Support

Reference

Build & Integrate

​Compliance Evidence Binder Spec

​1. Ledger Record Contract: process_runs

​Primary Key

​Logical Idempotency Key

​Required Columns

​2. Hash Version Protocol (inputs_hash)

​Specification

​Rules

​3. Exactly-Once Semantics

​4. Binder UI (Future)

Compliance Evidence Binder Spec

1. Ledger Record Contract: process_runs

Primary Key

Logical Idempotency Key

Required Columns

2. Hash Version Protocol (inputs_hash)

Specification

Rules

3. Exactly-Once Semantics

4. Binder UI (Future)