{
  "schema": "trinityaccord.gateway-artifact-custody.v1",
  "version": "1.0.0",
  "canonical_human_url": "/gateway-workflows/#common-artifact-custody",
  "origin": "/agent-start/",
  "workflow_manual_url": "/gateway-workflows/",
  "workflow_manual_machine_url": "/api/gateway-workflows.v1.json",
  "universal_save_artifacts": [
    {"name": "builder_command", "required": true, "visibility": "private_or_debug", "why": "Reproduce exact route and parameters."},
    {"name": "source_body_file", "required": true, "visibility": "shareable_unless_sensitive", "why": "Reproduce submitted body."},
    {"name": "readback_file_or_text", "required": "when oath/readback route", "visibility": "shareable", "why": "Reproduce agent_readback_sha256."},
    {"name": "generated_payload_json", "required": true, "visibility": "submitted_publicly_or_archived", "why": "Submit exact generated file."},
    {"name": "payload_file_sha256", "required": true, "visibility": "shareable", "why": "Compare local file and Gateway received body."},
    {"name": "public_key_file", "required": "when authorship or guardian proof", "visibility": "public_or_shareable", "why": "Verify public_key_sha256."},
    {"name": "private_key_file", "required": "when authorship or guardian proof", "visibility": "local_secret_never_upload", "why": "Future key continuity."},
    {"name": "preflight_response_json", "required": true, "visibility": "shareable", "why": "Proves pre-submit validation."},
    {"name": "submit_response_json", "required": true, "visibility": "shareable", "why": "Contains issue number, issue URL, and status."},
    {"name": "issue_url", "required": true, "visibility": "public", "why": "Public reference."},
    {"name": "debug_bundle", "required": "on failure", "visibility": "shareable_after_secret_review", "why": "Diagnose digest, route, validation, and readiness failures."}
  ],
  "never_save_publicly": [
    "private_key_file",
    "tokens",
    "github_pat",
    "secrets",
    "unredacted local paths if sensitive"
  ],
  "must_not_modify_after_signing": [
    "payload_json",
    "agent_readback",
    "agent_readback_sha256",
    "authorship_proof.signed_payload_sha256",
    "guardian_presence_proof"
  ],
  "if_modified_after_signing": [
    "discard_payload",
    "regenerate_with_correct_builder",
    "re_sign",
    "rerun_preflight"
  ],
  "gateway_custody_after_acceptance": [
    "raw_agent_payload",
    "rendered_issue_body",
    "gateway_receipt_id",
    "authorship_proof",
    "readback_sha256",
    "guardian_presence_proof_when_present"
  ],
  "gateway_never_receives": [
    "private_keys",
    "signing_keys",
    "agent_credentials",
    "session_tokens"
  ]
}