The protocol · technical overview

A thin spine, and honest judgment.

Cairn enforces as little as possible on-chain — funds, terms, the identity of keys, liveness — and is honest that everything else is judgment. The semantic questions (is the card real, is the seller trustworthy, is the grade right) are anchored by hash, validated off-chain, disclosed, and measured. The protocol makes a bad trade accountable; it does not make one impossible.


01 · The trust model

Enforced, legible, judged.

Every claim in a trade is labeled by who can stand behind it. This single distinction is the protocol's organizing idea — it decides what goes on-chain, what gets a signature, and what stays a human call.

Layer | Who checks it | Examples
enforced | the contract or a deterministic validator | escrow, seller bond, replay protection, registry status, typed spendability digest, state transitions
legible | signed / typed evidence — still judgment-dependent | photos, shop-domain proof, route & insurance evidence, verifier attestations
judged | people: buyer, seller, verifier, arbiter, agent | authenticity, raw condition, trust weight, claim remedy, "is this evidence enough"

02 · The spine

What the contract actually enforces.

The on-chain surface is deliberately small — a smaller trusted base is cheaper, safer, and a smaller audit target. It holds the mechanical, funds-and-liveness skeleton and nothing semantic.

The line between on-chain and off is drawn by one rule, applied to every guarantee:

bind on-chain ⟺ it protects FUNDS or LIVENESS ∧ it is a MECHANICAL check
otherwise → anchor the hash · validate off-chain · disclose · measure

The spendability digest is the pattern in miniature — a real on-chain capability whose issuer is the committing party, so it is binding and non-replayable but self-minted:

RouteSpendability { escrow, chain, trade, gate, leg, artifactHash, issuer = msg.sender }
binding · non-replayable · self-minted (not independent authorization)
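An added Python model of the properties listed above (not Cairn's contract code). The field encoding, the domain tag, the SHA-256 stand-in for an on-chain hash, and the Escrow class with its issue/consume methods are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, astuple

DOMAIN = b"RouteSpendability/example"  # constructed domain tag, not Cairn's

@dataclass(frozen=True)
class RouteSpendability:
    escrow: str
    chain: int
    trade: int
    gate: int
    leg: int
    artifact_hash: bytes
    issuer: str  # filled from the caller (msg.sender), never from an argument

def digest(rs):
    """Typed digest: every field is length-prefixed so values cannot bleed together."""
    h = hashlib.sha256(DOMAIN)  # assumption: stand-in for the chain's native hash
    for field in astuple(rs):
        raw = field if isinstance(field, bytes) else str(field).encode()
        h.update(len(raw).to_bytes(4, "big") + raw)
    return h.digest()

class Escrow:
    """Hypothetical escrow holding issued and spent digests."""
    def __init__(self, address, chain):
        self.address, self.chain = address, chain
        self.issued, self.spent = set(), set()

    def _digest_for(self, sender, trade, gate, leg, artifact_hash):
        # escrow, chain and issuer come from the call context, not the caller's input
        return digest(RouteSpendability(self.address, self.chain, trade,
                                        gate, leg, artifact_hash, sender))

    def issue(self, sender, trade, gate, leg, artifact_hash):
        # Self-minted: any caller can issue for itself. This is binding,
        # but it is not an independent party's authorization.
        d = self._digest_for(sender, trade, gate, leg, artifact_hash)
        self.issued.add(d)
        return d

    def consume(self, sender, trade, gate, leg, artifact_hash):
        d = self._digest_for(sender, trade, gate, leg, artifact_hash)
        if d not in self.issued or d in self.spent:
            return False  # never issued for this exact context, or replayed
        self.spent.add(d)
        return True
```
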

03 · Measuring the off-chain

Trust is a vector, not a score.

Everything off-chain is measured, not asserted. A source's trust is a multi-dimensional reading the agent and the human can both inspect — never collapsed into one authority number.

coverage            what proof exists
independence        whether sources share control
continuity          whether the actor / history is continuous
scope_fit           whether prior trust fits THIS trade
cost_to_fake        how expensive the fake path looks
source_calibration  how past calls have matched outcomes
→ output a vector, never a verdict

The settlement-calibration loop scores whether each off-chain judgment held, so residual risk stays visible instead of hidden. Calibration records are portable — they are the reputation of sources and of the judgment market.


04 · The gap taxonomy

Where physical reality leaks.

A protocol moves bytes; the trade is about an atom. Seven gaps name exactly where the digital record cannot reach the physical card. Cairn does not pretend to close them — it enumerates, prices, and routes them.

G1 · binding: bytes name a claim, not atoms — a hash commits a photo, not the object
G2 · sensor: a photo is a sample, not the object; resolution and angle bound what can be seen
G3 · continuity: a handoff is attested, not proven; custody between scans is inference
G4 · identity: a key is not a person; control of a wallet is not a legal identity
G5 · judgment: some calls (authenticity, grade) need a human; no validator settles them
G6 · egress: final accept is human judgment on arrival, not physical truth
G7 · time: evidence is a snapshot; the object is a process — true then can be false now

Accountable, not impossible.


05 · Judgment supply

The hard calls are bought from a market.

The gaps that need a human (G5, forensic authenticity, dispute fault) are not resolved by the protocol. They are bought from a two-sided market of competing humans — verifiers pre-trade, arbiters post-dispute — that Cairn hosts but is not part of.

A paid verdict is "reviewed by <provider> for <scope>," never "verified authentic." Conflict is disclosed, independence is measured against outcomes, and providers post a bond — a wrong call costs them.


06 · The lifecycle

One trade, every leg on the record.

The custody ledger is the trade's state machine. Each leg is tagged by who stands behind it, and the seams are preserved rather than smoothed over.

created | enforced
funded | enforced
bonded | enforced
evidence | legible | — ingress: bytes name a claim, not atoms
fingerprint | enforced | committed, nonce-bound
inventory lock | enforced | bound to the committed fingerprint
route | enforced | consumes spendability + wall-bundle
delivery | legible | — continuity: handoff is attested, not proven
inspection | judged | opens the reserved arrival decision
accept / claim | judged | — egress: final accept is human judgment
ruling | judged | legible & reproducible from inputs
settled | enforced
receipt | legible | future trust, never universal proof
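An added Python sketch of the custody ledger as a state machine (not Cairn's implementation). It assumes the legs run strictly in the order listed and that entries are hash-chained; the CustodyLedger class and its method names are hypothetical.

```python
import hashlib

# (leg, layer) pairs in the order the lifecycle lists them.
LEGS = [
    ("created", "enforced"), ("funded", "enforced"), ("bonded", "enforced"),
    ("evidence", "legible"), ("fingerprint", "enforced"),
    ("inventory lock", "enforced"), ("route", "enforced"),
    ("delivery", "legible"), ("inspection", "judged"),
    ("accept / claim", "judged"), ("ruling", "judged"),
    ("settled", "enforced"), ("receipt", "legible"),
]

class CustodyLedger:
    def __init__(self, trade_id):
        self.genesis = hashlib.sha256(trade_id.encode()).digest()
        self.head = self.genesis
        self.entries = []  # (leg, layer, payload, chained hash)

    @staticmethod
    def _link(prev, leg, layer, payload):
        # prev and the payload hash are fixed-width; leg and layer contain no NUL
        body = b"\x00".join([leg.encode(), layer.encode(),
                             hashlib.sha256(payload).digest()])
        return hashlib.sha256(prev + body).digest()

    def advance(self, leg, payload):
        """Append the next leg; reject anything out of order."""
        if len(self.entries) >= len(LEGS):
            raise ValueError("trade already closed")
        expected, layer = LEGS[len(self.entries)]
        if leg != expected:
            raise ValueError(f"expected leg {expected!r}, got {leg!r}")
        self.head = self._link(self.head, leg, layer, payload)
        self.entries.append((leg, layer, payload, self.head))

    def verify(self):
        """Recompute the chain; any edited entry breaks every later hash."""
        head = self.genesis
        for leg, layer, payload, recorded in self.entries:
            head = self._link(head, leg, layer, payload)
            if head != recorded:
                return False
        return True

    def seams(self):
        """Legs the contract did not enforce: the residual judgment in this trade."""
        return [(leg, layer) for leg, layer, _, _ in self.entries
                if layer != "enforced"]
```
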

07 · Open, and no-overclaim

Free to read. Honest about its limits.

Cairn is a protocol, not a walled garden. The record is free to read, evidence can come from anywhere, and a collection's history attaches to the owner's wallet — portable, not hostage. Read is open; write is gated and signed; a private collection stays private.

Never claimed | Said instead
verified authentic | reviewed by <who> for <scope>
guaranteed safe · trust score | the record is coherent enough to continue
the protocol proved the card | the contract enforced the funding / bond / state transition
the route proves delivery truth | the route evidence supports an insurance claim
this raw card is NM | my read: looks LP+, not graded — judged from the photos