Skip to content

docs(backlog): far-future-timestamp fix + re-climb the ladder to Rung 4#36

Merged
cuihtlauac merged 1 commit into
mainfrom
backlog-future-ts-reclimb
Jun 18, 2026
Merged

docs(backlog): far-future-timestamp fix + re-climb the ladder to Rung 4#36
cuihtlauac merged 1 commit into
mainfrom
backlog-future-ts-reclimb

Conversation

@cuihtlauac

Copy link
Copy Markdown
Member

Rewrites the top backlog item so the far-future request-timestamp replay residual — surfaced during PR #35 by the Extended Rung 4 ReplayWindow model's NoFutureReplay witness — is captured as two explicit parts:

  1. The fixcheck_freshness / parse_age reject timestamps more than a small clock-skew allowance into the future, instead of clamping to age 0 with no upper bound.
  2. Re-climb the ladder to Rung 4 — re-discharge every already-climbed rung that the changed code touches, so the proofs don't trail the fix:
    • Rung 1: regression test for the rejected far-future timestamp
    • Rung 2: extend the src/prop.rs freshness property to assert rejection
    • Rung 3: re-drive the Kani ymd_hms_to_epoch monotonicity/totality proofs
    • Rung 4: flip the ReplayWindow NoFutureReplay invariant from surfaced-gap witness to a held invariant

Backlog-only doc change; no code or build impact.

🤖 Generated with Claude Code

…adder to Rung 4

The far-future request-timestamp replay residual surfaced during PR #35 (by the
Extended Rung 4 ReplayWindow model's NoFutureReplay witness). Rewrite the
top backlog item so it is explicit that the work is two-part: (1) the code fix
in check_freshness / parse_age, and (2) re-discharging every rung that covers
the touched code — Rung 1 regression test, Rung 2 freshness property, Rung 3
Kani monotonicity, Rung 4 flipping NoFutureReplay to a held invariant — so
assurance returns to the Rung 4 level rather than leaving the proofs trailing
the code.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@cuihtlauac cuihtlauac merged commit 358a925 into main Jun 18, 2026
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant