The vectors are the authority.

Content addressing (b3: + base64url over BLAKE3-256) and the canonical forms — deterministic CBOR for the receipt core, JCS for the attestation core — reproduce byte-for-byte. No float appears in any canonical form.

Given a grant set, the deny-by-default Enforcer returns the fixed decision for every query, including the negatives: a dispatch to an ungranted device class, a write to a read-only path, an egress to an unlisted endpoint — all denied.

A receipt round-trips through its JCR-1 envelope and verifies under the steward key. The per-device records sum to the total, the measured-coverage rule holds, and the provenance ↔ measured coupling holds for every record.

An attestation core canonicalizes to fixed JCS bytes and produces the fixed Ed25519 signature; verification accepts it and rejects a single-bit mutation. The attestation's device classes match the bound receipt's.

Given a grant set and isolation flags, the host selects the lowest tier whose guarantees satisfy it. A host that runs above or below the required tier fails.

Malformed artifacts a conformant host MUST reject: a HwShunt reading with no measured figure, a folded-accelerator total, an unnamed accelerator, an S6 attestation without TEE evidence, a divergent or truncated replay, and a detectable mid-run grant mutation.

SEV-SNP report verification — a valid report that verifies against policy and VCEK, plus negatives (wrong launch measurement, a tampered body that fails the ECDSA-P384 signature) — and a hash-chained audit-log vector that must verify.