Evidence-first Visual Truth Interface

XPScerpto zeigt operative Wahrheit vor Behauptungen.

XPScerpto ist ein gesteuertes souveränes Kryptografie-Infrastrukturportal. Diese Startseite zeigt Nachweise, aktuelle NO-Flags, Produktsurfaces und gate-gebundene Security-Posture vor Claim-Sprache.

Truth gate

Truth Before Claims

Claims are displayed only when a gate, report or source is linked. NO flags remain visible.

Explicit NO flags

Not Currently Claimed

The public website does not soften or hide missing external evidence.

Production-ready deployment

NOT CLAIMED

PRODUCTION_READY=NO

Live external IMAP mailbox verification

NOT CLAIMED

LIVE_EXTERNAL_IMAP_MAILBOX_VERIFIED=NO

Full universal closure of all modules

NOT CLAIMED

evidence required per module

External credential-dependent gates

FAIL-CLOSED WHERE APPLICABLE

no real mailbox credentials provided

Product surfaces

Real application surfaces, not stock artwork.

Each card links to an actual route and uses real local screenshots after browser replay.

App Shell local browser screenshot

App Shell

SCOPED

Scoped user workspace for projects, capsules and bounded requests.

  • Scoped workspace
  • Capsule history
  • No global authority
Open route
Admin Control Room local browser screenshot

Admin Control Room

AUTH REQUIRED

Governed editorial, evidence, runtime and deployment control plane.

  • Auth boundary
  • Evidence manager
  • Deployment readiness
Open route
Correspondence Center local browser screenshot

Correspondence Center

FAIL-CLOSED LIVE

Admin correspondence operations with live IMAP truth boundary preserved.

  • Threading view
  • Live status gate
  • No private cache
Open route
Evidence Center local browser screenshot

Evidence Center

EVIDENCE

Public proof plane for reports, runtime truth and closure evidence.

  • Evidence cards
  • Report links
  • Truth flags
Open route
Root Control local browser screenshot

Root Control

LOCAL GATED

Local/VPN/hardware-gated root authority outside normal admin power.

  • Root token gate
  • Local authority
  • No public access
Open route
Docs / Architecture local browser screenshot

Docs / Architecture

PUBLIC DOCS

Architecture, authority model, threat model and validation policy.

  • Architecture docs
  • Threat model
  • CI gates
Open route

Evidence Center preview

Evidence cards with explicit status and source links.

Unavailable values remain unavailable; missing artifacts are not fabricated.

Deployment identity

Release identity and hashes wrap safely.

The deployment fingerprint endpoint remains the source of truth for live identity.

release id9b0d4ba89dac0dc5058cbff3
deploy fingerprintd6884e606073726abce43464a7728f124aebf1d819aac1f1e849b723ab38d38b
source package hashunavailable
final package hashunavailable
build identityruntime_tree
evidence bundle hashunavailable
current deployment statenot production-ready; evidence-first public surface

Security / integrity posture

Gate-bound posture, not trust theater.

Security cards point to the corresponding route, API or service-worker source.

Service Worker Private Cache Blocked

VERIFIEDgate source

Operational timeline

Recent phases remain linked to evidence.

Timeline entries avoid unsupported closure language.

  1. Responsive UX all devices closurePASSartifact
  2. Deploy identity repairVERIFIEDartifact
  3. Live content parity repairUNAVAILABLEartifact
  4. Admin/cache safety gatesFAIL-CLOSEDartifact
  5. Evidence/product gatesUNAVAILABLEartifact

Evidence-gated status

Claims remain locked until runtime evidence proves them.

Native runtime and qualifying production evidence are not both proven.

Production claimLocked
Native runtimeDetached
BackendReal
Last verified2026-07-13T08:20:14Z
Open Evidence Center
Public SurfaceEvidence-first read planeNo hidden production claim
User RouteScoped capsule workspaceGlobal authority blocked
Admin ControlEditorial + runtime governanceRoot powers excluded
Root-ControlLocal/hardware gatedOffline release authority

Mobile installable web shell

Install XPScerpto as a safe PWA shell.

The mobile shell may cache only public UI assets and safe public shells. Admin, correspondence, evidence, live IMAP status, API responses, cookies, CSRF tokens, message content, raw MIME, and attachments remain network-only/no-store.

Browser install prompt appears only when the browser exposes it.
PWA_INSTALLABLEYES
HOME_SCREEN_INSTALL_OBSERVEDYES_FROM_USER_SCREENSHOT
STANDALONE_MODEYES_FROM_USER_SCREENSHOT_OR_BROWSER_SIGNAL
OFFLINE_PUBLIC_SHELLYES
NATIVE_ANDROID_APKNO
NATIVE_IOS_APPNO
APP_STORE_READYNO
PLAY_STORE_READYNO
PRODUCTION_READYNO

P6.9.4-WEB-PWA-ADMIN-OPERATIONS-TRUTH-GATED

XPScerpto Souveränes Ausführungsportal

Eine souveräne Startseite für Plattformarchitektur, Autoritätsgrenzen, Nutzer-/Admin-/Root-Ebenen und Nachweise ohne externe Abhängigkeiten oder ungeprüfte Produktionsbehauptungen.

platformplatform.apiHWDomains
Evidence-bound claimsNo native claim unless attachedAdmin-editable homepageNo CDN / no external script
NO_CDNlocal-only assets
FULL_NAVcomplete public routes
TRUTH_GATEproduction claim locked
Runtime Truth Contract
backend_realTrue
backend_modedetached
native_runtime_attachedFalse
production_readyFalse
Platformplatform.apiHWDomains
production_ready is computed by backend policy, not by editorial toggle.

Sovereign Authority Chain

Platform → platform.api → HW → Domains

The front page now makes the sovereign authority path visible before any marketing claim.

01Platform

external world boundary, provider gating, public facts

02platform.api

filtered authorized facts and sealed runtime claims

03HW authority

capability truth, routing envelopes and native attachment status

04Domains

SIMD / VeloSeal64 / Integrity / PQC / FHE consume capability capsules

HSMD / HSM Evidence Gate

HSMD: from HSM presence to verifiable claim

A dedicated hardware-trust admission section that keeps HSM/PKCS#11 inside XPScerpto authority and evidence boundaries.

HSMD places HSM and PKCS#11 in a strict admission path: discovery, fingerprinting, challenge-sign verification, receipt binding, drift monitoring, then scoped admission or fail-closed rejection.

PlatformHWHSMDDomains
01Provider discovery

Identify providers and slots without granting ambient trust.

02Device fingerprint

Bind slot, provider and policy identity beyond a file path.

03Challenge-sign

Verify a live cryptographic response from the expected hardware path.

04Receipt binding

Record an auditable admission receipt.

05Drift monitor

Provider, slot or identity drift returns the claim to fail-closed.

06Scoped admission

Domains consume only the admitted claim within explicit authority boundaries.

What HSMD refuses

PKCS#11 config alone

Configuration is not evidence.

Software fallback

It is not real HSM proof.

Mock provider

Testing only; never a live trust claim.

Stale evidence

Old receipts or unresolved drift fail closed.

Module Constellation

Sovereign module constellation

The homepage shows the platform as a governed system, not as disconnected feature cards.

Studio-grade control plane

Sovereign portal command center

A production-style interface for public review, editorial control and evidence inspection.

01

Truth-gated runtime

backend_real is separated from native_runtime_attached and production_ready.

02

Advanced Admin Control Center

Pages, blocks, SEO, language content, navigation, footer, theme and evidence are governed from /admin.

03

Live runtime demo

A backend-backed demonstration emits JSON evidence without claiming native C++ attachment.

04

EU presentation posture

Strong public narrative with clear limits: presentation-ready, not technical-audit-final.

Public interfaceresponsive, multilingual, evidence-aware
Admin studiopages, blocks, SEO, theme, preview, history
Runtime truthbackend_real and native status stay separate

Evidence Wall

Evidence Wall

The page foregrounds what is proven, gated, or explicitly not production-ready.

backend_realtrue
native_runtime_attachedfalse
production_readyfalse
backend_modedetached
NO_CDNlocal CSS/JS only
NO_EXTERNAL_FONTsystem font stack only
NO_EXTERNAL_SCRIPTno external script authority
SEALED_ASSET_MANIFESTstatic asset hashes sealed
FAKE_TELEMETRY_BLOCKEDbackend truth contract wins
FINAL_PUBLIC_PRODUCTION_RELEASENO

Authority lineage

Four separated control planes

Public, app, admin and root-control are intentionally split to prevent governance collapse.

Publicevidence-facing read surfacesealed
Appscoped sandbox execution workspacesealed
Admincontent/runtime/threat governancesealed
Root-Controllocal offline release authoritysealed

Separated Control Planes

User / Admin / Root Plane Map

The landing page now explains which plane can do what and which powers are intentionally absent.

Evidence-first UI

Evidence-first experience

The portal renders truth, lineage, capsules and rejection state before marketing claims.

NO_FAKE_TELEMETRYenforced
ROLE_BOUNDARIESenforced
ROOT_AUTHORITYisolated
READY_FOR_P7native runtime next

Homepage Readiness Dossier

Homepage readiness dossier

A sovereign front page must sell confidence without lying about runtime proof.

Navigation complete

Home, sovereignty, architecture, modules, security, performance, evidence, EU readiness, docs and contact.

Executive hierarchy

Hero, authority chain, module constellation, evidence wall and plane map are visible without scrolling through admin-only context.

Sovereign dependency posture

No CDN, no external font, no remote script and no third-party visual dependency.

Truth preserved

REAL_NATIVE_RUNTIME_EXECUTION remains gated until the native adapter exists.

Authority visual

Start

Dieses Portal trennt den realen Python-Backendbetrieb vom nativen C++-Runtime. Aussagen bleiben durch Nachweise und den Runtime-Truth-Contract begrenzt.

Platform → API

External facts enter through the public/backend boundary only.

HW authority

Native runtime is not asserted unless the configured probe and evidence allow it.

Domains

SIMD/VeloSeal64/Integrity/PQC pages consume evidence-bound status, not local claims.

Evidence

Public proof panels read from the evidence manager and runtime truth contract.

Truth contract

No unproven production claim

production_ready is computed from native runtime attachment plus qualifying evidence; it is not an editorial toggle.

Evidence-first UI

Runtime-Adapter-Dossier

Echte native Ausführung oder explizites Fail-Closed

Adapter-ProtokollDer Adapter muss JSON liefern und native_runtime_attached=true explizit bestätigen.
Keine Fake-RuntimePython-Fallback für Live-Claims ist durch Policy deaktiviert.
BeweisbindungNative Runs erzeugen nur bei echter Attachment-Bestätigung versiegelte Evidenz.

User Operations Plane

Projekte, API-Schlüssel, Kapseln und Audit-Spuren

Projekte

Projekt-Datensätze pro Nutzer für Ausführungsgruppen.

Kapseln

Jede Annahme oder Ablehnung erzeugt eine verifizierbare Kapsel.

API-Governance

Scoped Keys tragen explizite Rechte und Quoten.

Evidence Center

Öffentliche Nachweise ohne Produktionsübertreibung

Runtime Truth, Asset-Seals, Sprachparität, Security-Chain und Deployment Readiness werden als prüfbare Berichte offengelegt.