What CPHAR Does Not Prove

Status
Draft
Audience
Protocol designers, Auditors, Regulators

The explicit non-goals of CPHAR — claims that hardware-attested sealing cannot, by itself, support.

CPHAR strengthens specific cryptographic claims about physical reserve integrity. It does not transform inspection, custody, or legal facts into cryptographic ones. This page enumerates the most important things CPHAR is not designed to prove.

CPHAR does not prove honest inspection

Whoever inspected the lot before sealing could have lied about quantity or grade. CPHAR ties subsequent attestation to that inspection record, but it does not validate the record itself. Treat inspection trust as an input to the system, sourced from existing audit, regulatory, or institutional controls.

CPHAR does not prove correct material measurement

Even an honest inspector can mis-measure. CPHAR does not infer composition or quantity from a signed challenge.

CPHAR does not prove that the seal hardware is unbreakable

Every tamper-responsive device has a threat model with assumptions about adversary capability, side channels, supply-chain integrity, and firmware. A valid attestation is evidence under that threat model — not an absolute guarantee.

CPHAR does not prove liquidity or market value

The fact that a reserve exists physically and is sealed says nothing about whether it can be sold, at what price, or under what jurisdiction.

Ownership is established by contracts, registries, and courts, not by signing keys. A valid attestation may be issued by a seal whose underlying material is disputed in litigation.

CPHAR does not prove freshness without protocol care

A signed challenge proves the seal was alive at signature time only. Verifiers must keep challenges fresh and timestamp tolerances tight. See Seal Attestation.

CPHAR does not prove the absence of off-book reserves or duplicates

Without disciplined registry policy and audit, an operator could attempt to double-count the same lot under different seals or omit lots from disclosure. CPHAR helps detect tampering but does not, by itself, solve the disclosure-completeness problem. See Reserve Claims for the no-double-counting construction.

Use precise language

Prefer:

  • "Hardware-attested seal evidence"
  • "Tamper-evident reserve accounting"
  • "Privacy-preserving aggregate reserve claim"

Avoid:

  • "Trustless reserve proof"
  • "Unhackable seal"
  • "Guaranteed reserves"
  • "Zero-knowledge reserves" (CPHAR uses ZK as one tool; it is not itself a ZK protocol)