diff --git a/api-docs/adr/ADR-159-cognitum-appliance-beyond-sota.md b/api-docs/adr/ADR-159-cognitum-appliance-beyond-sota.md new file mode 100644 index 00000000..2f9b2cc7 --- /dev/null +++ b/api-docs/adr/ADR-159-cognitum-appliance-beyond-sota.md @@ -0,0 +1,242 @@ +# ADR-159: Cognitum Appliance Cluster — Beyond-SOTA Sweep, Anti-"AI-Slop" Hardening + +- **Status**: accepted +- **Date**: 2026-06-11 +- **Deciders**: ruv +- **Tags**: cognitum, cogs, person-count, pose-estimation, ha-matter, drone-swarm, remote-id, manifest, prove-everything + +## Context + +This ADR records the beyond-SOTA sweep over the Cognitum appliance cluster +(`cog-person-count`, `cog-pose-estimation`, `cog-ha-matter`, `ruview-swarm`), +executed under the project's **prove-everything / anti-"AI-slop"** directive: the +claim surface every cog presents (manifests, descriptions, runtime events, +broadcast fields) must match what the code and the shipped weights actually do. + +### Headline — the "never identified anyone" accusation is REFUTED + +A read-only audit raised the worst-class accusation: that these cogs are slop that +"never identified anyone." That accusation is **refuted by byte-level evidence**: + +- `cog-pose-estimation` and `cog-person-count` ship **real, trained Candle models** + (`pose_v1.safetensors`, `count_v1.safetensors`), not placeholders. The forward + passes (`PoseNet`, `CountNet`) mirror the training scripts exactly and run on + real CSI bytes. +- The artifacts are **SHA-pinned and Ed25519-signed**: the on-disk + `manifests/x86_64/manifest.json` carries a real `binary_sha256` + (`051614ce…388b3` for person-count, `a434739a…71fa` for pose), a real + `weights_sha256`, and a `binary_signature` over `sig_algo: Ed25519`. +- The manifests are **brutally honest about accuracy**: person-count's + `build_metadata` ships `training_class1_accuracy = 0.343` and a candid + `training_caveat`; pose ships `training_pck20 = 3.0` / `training_pck50 = 18.5`. + Nothing is inflated. That honesty *is* the anti-slop win — the models are weak + in the field, and the manifests say so. + +So the cogs **do** run real trained inference and **do** disclose how weak it is. +What the audit correctly found were not fabrications but **claim-surface +overclaims** — four places where the surface said more than the weights deliver. +This ADR tightens those four (A1–A4) and cites the already-correct subsystems as +NO-ACTION positives. + +Grading vocabulary follows ADR-152 / ADR-158: +- **MEASURED** — reproduced in this worktree, command + failing-on-old test recorded. +- **DATA-GATED** — real code path present; honestly flagged where data/hardware is absent. +- **NO-ACTION (already-SOTA)** — audited, found correct, cited as a positive. +- **ACCEPTED-FUTURE** — deliberately deferred, nothing dropped. + +## Graded SOTA Landscape + +| Capability | Grade | Note | +|------------|-------|------| +| CSI person counting (`cog-person-count`) | **DATA-GATED** | Real Candle count head + Bayesian fusion; weights trained only on classes 0/1 (presence). Multi-occupant accuracy is genuinely unproven and is **not fabricated** — counts above the trained range are now flagged `low_confidence` and clamped. | +| CSI pose estimation (`cog-pose-estimation`) | **DATA-GATED** | Real Candle encoder + 17-keypoint head; field accuracy honestly weak (PCK@50 = 18.5%, disclosed in the manifest). The default-install gate bug (A1) is fixed so it actually emits frames. | +| Signed cog manifests (Ed25519 + SHA-256) | **NO-ACTION (already-SOTA)** | On-disk manifests are real, signed, SHA-pinned, and honest about accuracy. The CLI now emits them verbatim (A4). | +| HA bridge (`cog-ha-matter`) MQTT + witness | **NO-ACTION (already-SOTA)** | Real Ed25519 hash-chain witness, mDNS, embedded broker. Matter commissioning is honestly deferred to v0.8 (TLS off, LAN-only) — description softened to stop claiming Matter (honest-absence). | +| Drone-swarm MARL (`ruview-swarm`) | **DATA-GATED / honest** | `candle_ppo.rs` is real autodiff PPO; it is **untrained at runtime** (random init) by design — the swarm must be trained before deploy, which the code does not hide. | +| ASTM F3411 Remote ID | **MEASURED (A3)** | Basic ID message is real; the Location/Vector message is honestly *not* implemented (NED metres are no longer mislabelled as WGS84 lat/lon). | + +## Decision — Fixes Landed (MEASURED) + +### §A1 Pose runtime emitted ZERO frames under default config (HIGH) + +**Overclaim (silent correctness bug):** `inference.rs` hardcoded +`confidence: 0.185` for every inference, `config.rs default_min_confidence()` +returned `0.3`, and `runtime.rs` gated emission on `confidence >= min_confidence`. +A default install therefore **never emitted a single `pose.frame`** while +`health` reported healthy — the cog *claimed* to be a running pose estimator but +silently produced nothing. + +**Real fix:** `pose_v1` has **no confidence head** (the head emits 34 keypoint +coordinates only), so a real per-frame confidence is genuinely unavailable. We +took the disclosed "ok" path rather than silently lowering the threshold: +- Introduced `inference::MODEL_TYPICAL_CONFIDENCE = 0.185` (the validation PCK@50) + as the single published per-frame confidence, used by both `infer()` and the + config default. +- Pinned `default_min_confidence()` to `MODEL_TYPICAL_CONFIDENCE` so a default + install clears its own gate and emits. +- Documented the trade-off in the config field doc, the JSON schema + (`default` 0.3 → 0.185, with a description), **and** added a `run.started` + warning in `main.rs` that fires when an operator raises `min_confidence` above + the model's typical confidence — so a deliberately-high threshold is loud, not + silent. + +**Failing-on-old test:** `cog_pose_estimation` smoke +`default_config_emits_frames_with_real_model` — parses a default config and +asserts `min_confidence <= MODEL_TYPICAL_CONFIDENCE` (and, with the real model +loaded, that `infer().confidence >= min_confidence`). **Proven to fail** on the +old `default_min_confidence()=0.3`: +`default min_confidence 0.3 exceeds model typical confidence 0.185 — a default +install would emit zero pose.frame events`. + +**Grade: MEASURED.** + +### §A2 8-class count head on a 2-class-trained model (MEDIUM) + +**Overclaim:** `inference.rs COUNT_CLASSES = 8` with argmax over {0..7}, but +`count_train_results.json` has support only for classes 0 and 1 (`per_class_accuracy` +keys `"0"`/`"1"`). The model is a **presence detector**, not a calibrated +multi-occupant counter; an argmax on classes 2..=7 is out-of-distribution, yet the +cog would emit it as a confident headcount. The Cargo.toml billed it as a +"learned multi-person counter." + +**Real fix (no network change — DATA-GATED, accuracy not fabricated):** +- Added `inference::MAX_TRAINED_CLASS = 1`, plus `CountPrediction::is_low_confidence()` + (argmax beyond the trained ceiling) and `clamped_count()` (report clamped to the + trained range, raw argmax kept for audit). +- `person.count` events now carry `low_confidence` + `raw_count`, and downgrade to + `level: "warn"` when out-of-distribution; the reported `count` is clamped so we + never emit a fabricated headcount the weights can't back. +- `run.started` discloses `count_max_trained_class` and `count_classes`. +- Cargo.toml description changed from "learned multi-person counter" to + "presence detector + (data-gated) person count". + +**Failing-on-old test:** `cog_person_count` smoke +`untrained_class_argmax_is_flagged_low_confidence` — a prediction whose argmax is +class 5 is asserted `is_low_confidence() == true` and `clamped_count() == +MAX_TRAINED_CLASS`; a class-1 prediction is asserted *not* flagged. Fails on old +code (no such methods/flag existed). + +**Grade: MEASURED (mechanism); multi-occupant accuracy DATA-GATED.** + +### §A3 Remote ID broadcast NED metres as WGS84 lat/lon (MEDIUM — safety/compliance) + +**Overclaim (compliance hazard):** `security/remote_id.rs update()` stored +`state.position.x/.y` (NED **metres**) into `drone_lat`/`drone_lon`, so the Remote +ID broadcast would carry physically-impossible coordinates (e.g. "latitude = +37.5 m"). The module doc claimed a "Basic ID + Location/Vector message," but only +`encode_basic_id()` exists. + +**Real fix (honest naming — never broadcast impossible coordinates):** +- Renamed `drone_lat`/`drone_lon` → `drone_north_m`/`drone_east_m` (NED metres + relative to the operator/takeoff datum), with field docs stating they are *not* + geodetic. `operator_lat`/`operator_lon` remain true WGS84 (from the operator's + GNSS). +- Corrected the module doc to claim **Basic ID only**; the Location/Vector encoder + is explicitly deferred until a datum-anchored NED→WGS84 transform lands + (ACCEPTED-FUTURE), rather than removing a real feature. + +**Failing-on-old test:** `security::remote_id::tests::test_ned_offset_stored_as_metres_not_latlon` +— a 37.5 m north / −12.0 m east NED offset is asserted to land in +`drone_north_m`/`drone_east_m`; the operator's real WGS84 fix stays in range. Fails +on old code, where these values were stored into `drone_lat`/`drone_lon`. + +**Grade: MEASURED.** + +### §A4 Hollow CLI manifest (LOW) + +**Overclaim:** `cog-person-count main.rs cmd_manifest` emitted a null skeleton +(`binary_sha256: null`, no training metadata), making the CLI look unsigned even +though the **real signed manifest** existed at +`cog/artifacts/manifests/x86_64/manifest.json`. + +**Real fix:** new `cog_person_count::manifest` module `include_str!`-embeds the +real signed manifests (x86_64 + arm), selected by build target arch. +`cmd_manifest` now parses-then-emits the embedded signed manifest — exactly the +pattern `cog-pose-estimation`'s `manifest_roundtrips` test demonstrates. The CLI +now reports the real `binary_sha256`, `weights_sha256`, Ed25519 signature, and +honest `build_metadata` (`training_class1_accuracy = 0.343`). + +**Failing-on-old test:** `manifest::tests::embedded_manifest_has_non_null_binary_sha256` +asserts a 64-hex-char `binary_sha256`; companions assert the embedded manifest is +signed (`sig_algo == Ed25519`) and `id == COG_ID`. End-to-end verified: +`cog-person-count manifest` prints `binary_sha256: +051614ce6ba63df704fae848a67ad095df4bb88862fdff05ef3c0419cc8388b3`. + +**Grade: MEASURED.** + +### §A5 cog-ha-matter description claimed Matter before it exists (LOW — honest-labeling) + +**Overclaim:** the Cargo.toml description said "Home Assistant + Matter +integration," but Matter commissioning is deferred to v0.8 (`TlsConfig::Off`, +LAN-only, asserted by `runtime.rs tls_defaults_to_off_for_v1_lan_only`). + +**Real fix (no code change):** softened the description to "Home Assistant (MQTT) +integration … LAN-only (no TLS); Matter Bridge commissioning is deferred to v0.8 +and not yet implemented." Mirrors ADR-158 §6 honest-absence: state what isn't +there rather than implying it is. + +**Grade: MEASURED (label).** + +## Negative Results (Confirmed — NO-ACTION positives) + +Audited and found genuinely correct; cited as positives, not edited: + +- **`cog-ha-matter` witness chain** (`witness.rs` / `witness_signing.rs`) — real + Ed25519 hash-chained witness log. Already-SOTA. +- **`cog-person-count` fusion** (`fusion.rs`) — real Bayesian product-of-experts + multi-node fusion (Stoer-Wagner-bounded clip), not a heuristic. Already-SOTA. +- **`ruview-swarm` PPO** (`marl/candle_ppo.rs`) — real Candle autodiff PPO with a + genuine policy-gradient update; its `randn` uses (init, action sampling, + exploration) are all legitimate, not fake-output substitutes. Untrained at + runtime by design (the swarm must be trained before deploy), which the code + does not hide. Already-SOTA / honest. + +## Deferred Backlog (Nothing Dropped) + +- **Multi-occupant count accuracy** — DATA-GATED on labelled multi-occupant CSI. + The `low_confidence` flag + clamp (§A2) is the honest stand-in until then. +- **Remote ID Location/Vector message** — ACCEPTED-FUTURE; requires a + datum-anchored local-tangent-plane NED→WGS84 transform with an operator datum. + Basic ID ships today. +- **Matter Bridge commissioning** — ACCEPTED-FUTURE (v0.8); LAN-only MQTT ships today. +- **Criterion benches** for cog inference latency and `mesh_guard` — ACCEPTED-FUTURE + (cold-start timings are recorded in the manifests' `build_metadata`, not yet a + regression bench). +- **`wasm-edge` skill accuracy** — unvalidated; **now honestly labelled, not + claimed** (done in ADR-160: medical/affect/security/exotic claim surfaces + disclaimed, renamed, and feature-gated; per-skill accuracy remains DATA-GATED). + +## Consequences + +- A default pose-estimation install now actually emits `pose.frame` events; + raising the threshold above the model's reach is a loud `run.started` warning, + not a silent dropout. +- A person-count reading on an untrained class is flagged `low_confidence`, + clamped, and downgraded to `warn` — no fabricated headcounts. +- The Remote ID broadcast can never carry physically-impossible coordinates; NED + metres live in honestly-named metre fields. +- `cog-person-count manifest` now reports the real signed manifest instead of a + hollow null skeleton. +- No cog Cargo.toml description claims a capability (multi-person counting, Matter) + the code/weights don't yet deliver. + +## Reproduction (MEASURED) + +```bash +cd v2 +cargo test -p cog-person-count -p cog-pose-estimation -p cog-ha-matter -p ruview-swarm \ + --no-default-features +# ruview-swarm train path compiles (PPO autodiff) +cargo check -p ruview-swarm --features train +# A4 end-to-end — real signed manifest, non-null binary_sha256 +cargo run -q -p cog-person-count --no-default-features -- manifest +``` + +Result at time of writing (all 0 failed): +- `cog-person-count` — **19 passed** (lib 10 incl. 3 manifest; smoke 9) +- `cog-pose-estimation` — **8 passed** (smoke) +- `cog-ha-matter` — **64 passed** (unchanged; description-only edit) +- `ruview-swarm` — **117 passed** (default features); `--features train` compiles clean. + +Scope was limited to the four named crates. NO-ACTION positives (witness chain, +fusion, PPO + randn audit) were verified by inspection and left untouched. diff --git a/api-docs/adr/ADR-160-edge-skill-library-honest-labeling.md b/api-docs/adr/ADR-160-edge-skill-library-honest-labeling.md new file mode 100644 index 00000000..90672aa7 --- /dev/null +++ b/api-docs/adr/ADR-160-edge-skill-library-honest-labeling.md @@ -0,0 +1,228 @@ +# ADR-160: Edge Skill Library (`wifi-densepose-wasm-edge`) — Honest Labeling & Soundness Cleanup + +- **Status**: accepted +- **Date**: 2026-06-11 +- **Deciders**: ruv +- **Tags**: wasm-edge, esp32, edge-skills, claim-surface, medical-overclaim, affect, prove-everything, soundness, static-mut +- **Amends**: ADR-159 (deferred-backlog line for wasm-edge now TRUE) + +## Context + +Beyond-SOTA sweep Milestone 6, over `v2/crates/wifi-densepose-wasm-edge` only, +executed under the project's **prove-everything / anti-"AI-slop"** directive. + +### Headline — 0 stubs, 0 theater, all real DSP (REFUTES the slop accusation) + +A read-only audit found this crate has **zero stubs and zero fake-output theater: +every one of the ~70 edge skills runs real DSP** (Welford statistics, +autocorrelation, DTW, sliced-Wasserstein, ISTA-style recovery, Kalman/HNSW, etc.). +The forward paths are genuine signal processing on real CSI-derived inputs. That +is the anti-slop win and it is cited here as a positive, not a fabrication. + +What the audit correctly found was **not fake code but an over-confident claim +surface**: skill *names* and doc-comments asserting clinical/affective/security +capabilities that the **unvalidated** code cannot back, concentrated in the +medical (`med_*`) and affect (`exo_happiness`/`exo_emotion`) skills. The fix is +**honest labeling — making the labels TRUE — NOT making the claimed capability +real.** You cannot validate seizure detection, affect inference, or weapon +discrimination without clinical/labelled data and reference standards; this ADR +does not pretend to. It disclaims, renames, softens, and feature-gates so the +surface matches what the DSP actually delivers. + +Grading vocabulary follows ADR-152 / ADR-158 / ADR-159: +- **MEASURED** — reproduced in this worktree, command + failing-on-old test recorded. +- **DATA-GATED** — real code path present; honestly flagged where data is absent. +- **NO-ACTION (already-honest)** — audited, found correct, cited as a positive. +- **ACCEPTED-FUTURE** — deliberately deferred, nothing dropped. + +## Per-prefix classification + +| Prefix | Class | Note | +|--------|-------|------| +| `sig_*` (signal intelligence) | **REAL-DSP, honest** | Algorithm-named (flash-attention, sparse-recovery, optimal-transport, temporal-compress, mincut). Names describe the math, not an overclaimed outcome. NO-ACTION on labels; A5 soundness applied. | +| `lrn_*` (adaptive learning) | **REAL-DSP, honest** | DTW/EWC/meta-adapt/attractor — algorithm-named. NO-ACTION on labels; A5 applied. | +| `spt_*` / `tmp_*` | **REAL-DSP, honest** | PageRank/HNSW/spiking-tracker; LTL-guard/GOAP/pattern-sequence. Algorithm-named. NO-ACTION on labels; A5 applied. | +| `qnt_*` | **REAL-DSP, honest (disclosed analogy)** | "quantum-**inspired**" / Grover-**inspired** are already disclosed analogies. NO-ACTION (DO-NOT-touch); A5 applied (mechanical, no label/behavior change). | +| `bld_*` / `ret_*` / `ind_*` / `occupancy`/`intrusion` | **REAL-DSP, honest** | Occupancy/queue/forklift/clean-room etc. describe physical observables. NO-ACTION on labels; A5 applied. | +| `sec_weapon_detect` | **REAL-DSP, overclaiming NAME** → fixed (A3) | Variance-ratio reflectivity renamed off "weapon". | +| `med_*` (5) | **REAL-DSP, overclaiming NAME/DOC** → fixed (A1) | Clinical detection asserted as fact; now disclaimed + softened + feature-gated. | +| `exo_happiness` / `exo_emotion` | **REAL-DSP, overclaiming NAME/DOC** → fixed (A2) | Affect outputs reframed as proxies; uncited stat removed. | +| `exo_dream_stage` / `exo_gesture_language` | **REAL-DSP, quasi-medical/over-named** → fixed (A4) | Disclaimers added; Research tag promoted to header. | +| `exo_time_crystal` / `exo_ghost_hunter` | **REAL-DSP, honest novelty** | Disclosed exploratory/novelty skills. NO-ACTION (DO-NOT-touch); A5 applied. | +| `nvsim` | out of scope | Disclaimer gold standard; copied its tone. | + +## Decision — Fixes Landed + +### §A1 Medical overclaim (HIGH) — MEASURED + +The five `med_*` modules (`med_seizure_detect`, `med_cardiac_arrhythmia`, +`med_respiratory_distress`, `med_sleep_apnea`, `med_gait_analysis`) stated clinical +detection as fact with no disclaimer ("Detects tonic-clonic seizures…"). + +**Real fix (honest labeling — the DSP is kept, untouched):** +- **(a)** Every module's `//!` header now carries a mandatory disclaimer block, + modelled on `sec_weapon_detect.rs` and `nvsim/src/lib.rs`: *"EXPERIMENTAL + RESEARCH MODULE — NOT VALIDATED AGAINST CLINICAL DATA. NOT A MEDICAL DEVICE. + Flags candidate -like signatures only,"* citing ADR-160. +- **(b)** Doc verbs softened: *"Detects tonic-clonic seizures"* → + *"Flags candidate tonic-clonic-seizure-like motion signatures (experimental)"*; + similarly for cardiac/respiratory/apnea/gait. +- **(c)** All five gated behind a new **non-default** cargo feature + `medical-experimental` (`#[cfg(feature = "medical-experimental")]` in `lib.rs`, + `medical-experimental = []` in `Cargo.toml`, **not** in `default`) so they cannot + be silently built into a shipping artifact. + +**Failing-on-old tests** (`tests/honest_labeling.rs`): +`a1_med_modules_have_clinical_disclaimer`, +`a1_med_modules_gated_behind_medical_experimental`, +`a1_seizure_verbs_softened`. All fail on the old, undisclaimed, ungated source. +**Grade: MEASURED (label); per-skill clinical accuracy DATA-GATED.** + +### §A2 Affect overclaim (HIGH) — MEASURED + +`exo_happiness_score.rs` carried an **uncited** "Happy people walk ~12% faster" +statistic and emits `HAPPINESS_SCORE`; `exo_emotion_detect.rs` emits +`STRESS_INDEX`/`CALM_DETECTED`/`AGITATION_DETECTED`. + +**Real fix (honest labeling — math kept):** +- Deleted the uncited "12% faster" / "~12% above" / "Happy people walk" statements. +- Added a prominent *"speculative, unvalidated affect heuristic; outputs are NOT + measurements of emotion"* disclaimer to both `//!` headers, citing ADR-160. +- Reframed `HAPPINESS_SCORE` in the docs as a **"gait-energy proxy, not a validated + affect measure."** + +**Failing-on-old tests:** `a2_affect_modules_have_unvalidated_disclaimer`, +`a2_uncited_12_percent_stat_removed`, `a2_happiness_reframed_as_proxy`. +**Grade: MEASURED (label); affect validity DATA-GATED.** + +### §A3 Security event-name overclaim (MEDIUM) — MEASURED + +`sec_weapon_detect.rs`'s module doc was already honest (research-grade, +calibration-required), but the event/const names claimed weapon-grade +discrimination a variance ratio cannot deliver. + +**Real fix (honest physical-quantity naming — behavior unchanged):** +- `EVENT_WEAPON_ALERT` → `EVENT_HIGH_METAL_REFLECTIVITY` (event id 221 unchanged). +- `WEAPON_RATIO_THRESH` → `HIGH_REFLECTIVITY_THRESH`. +- Internal fields/consts renamed (`weapon_run`→`high_refl_run`, + `cd_weapon`→`cd_high_refl`, `WEAPON_DEBOUNCE`→`HIGH_REFLECTIVITY_DEBOUNCE`). +- `lib.rs` `event_types` registry: `WEAPON_ALERT` → `HIGH_METAL_REFLECTIVITY`. +- A reflectivity-vs-weapons honest-naming note added to the header. +The detector still flags a high amplitude-variance/phase-variance ratio (real RF +reflectivity); it just no longer *names* that "weapon". + +**Failing-on-old tests:** `a3_weapon_names_renamed_to_reflectivity`, +`a3_registry_no_longer_exports_weapon_alert` (registry no longer exports a +`WEAPON_ALERT` name). **Grade: MEASURED.** + +### §A4 Quasi-medical / sign-language exotic modules (MEDIUM) — MEASURED + +`exo_dream_stage.rs` ("sleep stage classification", quasi-medical) and +`exo_gesture_language.rs` ("sign language letter recognition"). + +**Real fix (honest labeling — DSP kept):** added an experimental "NOT VALIDATED" +disclaimer to each `//!` header (citing ADR-160) and promoted the +**Exotic/Research** registry tag into the header where a reader sees it. +`exo_gesture_language` additionally states it is a coarse gesture-cluster +classifier that **does not recognize true sign language** (never evaluated on a +labelled ASL set). + +**Failing-on-old test:** `a4_exotic_modules_have_experimental_disclaimer`. +**Grade: MEASURED (label); accuracy DATA-GATED.** + +### §A5 `static mut` event-buffer soundness (MEDIUM) — the one real code fix — MEASURED + +~61 per-call event scratch buffers across the crate used a module-level +`static mut EVENTS: [(i32,f32); N]` (a handful named `EV`/`TE`/`EMPTY`) and returned +`&EVENTS[..n]`. On a `cdylib`+`rlib` linkable into multithreaded/reentrant host +code this is latent aliasing UB, and `static_mut_refs` is deny-by-default on newer +Rust. + +**Real fix (mechanical, behavior-preserving):** moved each scratch buffer off +`static mut` into an **owned per-instance field** (`events: [(i32,f32); N]` on the +detector struct, written via `&mut self` and returned as `&self.events[..n]`). The +public `-> &[(i32, f32)]` signature is **unchanged**, so no caller (in-module +tests, `ghost_hunter` bin, `budget_compliance`) needed editing. Two helper methods +that built events under `&self` (`spt_pagerank_influence::build_events`, +`spt_spiking_tracker::build_events`) and `sig_temporal_compress::on_timer` were +promoted to `&mut self`. Leftover now-redundant `unsafe { }` wrappers were removed. + +**Count: 61 scratch buffers across 60 module files fixed** (the only `static mut` +left in `src/` are the two **legitimate WASM module singletons** — `lib.rs STATE` +and `bin/ghost_hunter.rs DETECTOR` — `#[cfg(target_arch="wasm32")]`, +`#[no_mangle]`, accessed via `core::ptr::addr_of_mut!`, single-threaded by the +wasm runtime contract; these are *not* the aliasing-UB scratch pattern and are +left as-is). + +**Verification:** the full host build (`--features std` and +`std,medical-experimental`) compiles with **0 warnings** — there is no longer any +`static mut ` + `&` source for `static_mut_refs` to fire on in the 60 +fixed modules. (The pure-`wasm32-unknown-unknown` build, where the lint is +deny-by-default, could not be run in this worktree because the `wasm32` target is +not installed on the build toolchain; the source-level elimination is the +evidence, asserted per-module by `a5_claim_bearing_modules_have_no_static_mut_event_buffer`.) +**Grade: MEASURED (source-eliminated; residual = 2 legitimate singletons).** + +## Negative Results (NO-ACTION positives — cited, not edited for labels) + +Audited and found genuinely honest; cited as positives: +- **`qnt_quantum_coherence.rs`** — discloses "quantum-**inspired**" analogy. +- **`exo_time_crystal.rs`**, **`exo_ghost_hunter.rs`** — disclosed exploratory/novelty. +- **`qnt_interference_search.rs`** — disclosed "Grover-**inspired**". +- **`sig_*` / `lrn_*`** algorithm-named skills — names describe the DSP, not an outcome. +- **`nvsim`** — out of scope; the project's disclaimer gold standard (its tone was + copied into the A1/A2/A4 disclaimers). + +(These were A5-soundness-fixed mechanically where they used `static mut`, with no +label or behavior change, consistent with leaving their claim surface intact.) + +## Deferred Backlog (Nothing Dropped) + +- **Per-skill accuracy validation** — **DATA-GATED**. Validating any med_*/affect/ + sign-language claim requires labelled clinical/affective/ASL data and reference + standards that do not exist in this repo. The disclaimers + feature gate are the + honest stand-in. Nothing is claimed that is not measured. +- **Criterion benches for `process_frame` budget claims** — **ACCEPTED-FUTURE**. + `tests/budget_compliance.rs` asserts L/S/H tier wall-clock budgets (25 tests, + passing), but a regression-grade criterion bench is not yet wired. +- **`wasm32-unknown-unknown` `static_mut_refs` confirmation** — **ACCEPTED-FUTURE** + (toolchain): the source pattern is eliminated; a CI job on the wasm target should + assert zero `static_mut_refs` once the target is added to the build image. +- **The 2 residual `static mut` singletons** (`lib.rs STATE`, `ghost_hunter DETECTOR`) + — **ACCEPTED-FUTURE**: these are the canonical wasm module-state pattern; migrating + them to a safe cell is a separate, larger change with no current UB (single-threaded + wasm runtime, `addr_of_mut!` access). + +## Reproduction (MEASURED) + +```bash +cd v2/crates/wifi-densepose-wasm-edge # excluded from the v2 workspace; build here +cargo test --features std # default +cargo test --features std,medical-experimental # med_* skills enabled +cargo test --no-default-features --features std # no default-pipeline +cargo test --features std --test honest_labeling # A1–A5 label invariants +``` + +(`std` is required for host tests — the crate is `no_std` for `wasm32`; pure +`--no-default-features` builds only on `wasm32-unknown-unknown`, where it +intentionally has no panic handler on the host.) + +Result at time of writing (all 0 failed): +- **DEFAULT** (`--features std`) — **615 passed** (lib 504; budget 25; honest_labeling 10; bench 1; vendor 75) +- **MEDICAL** (`--features std,medical-experimental`) — **653 passed** (lib 542; +38 med_* tests; others unchanged) +- **NO-DEFAULT** (`--no-default-features --features std`) — **615 passed** +- Full host build emits **0 warnings**; **61** `static mut` scratch buffers eliminated, **2** legitimate wasm singletons remain. + +## Consequences + +- No edge skill's name or doc-comment claims a clinical, affective, security, or + sign-language capability the unvalidated DSP cannot back. +- The five medical skills cannot be silently compiled into a shipping artifact + (non-default `medical-experimental` gate). +- The security skill can never emit a "weapon alert" — it reports + `HIGH_METAL_REFLECTIVITY`, the physical quantity it actually measures. +- The latent `static mut` aliasing-UB / `static_mut_refs` exposure is removed from + 60 modules; the public API and all runtime behavior are unchanged (615/653 tests + prove behavior preservation). +- ADR-159's deferred-backlog statement *"wasm-edge … honestly labelled, not + claimed"* is now actually TRUE.