Trinity Accord Cold-Start Recovery Guide
Purpose: This document is a third-party-executable cold-start recovery guide for the Trinity Accord repository. It enables any skeptical third party to rebuild the current valid state from canonical sources and verified mirrors, without trusting GitHub main, GitHub Pages, or maintainer accounts.
Scope: Recovery of repository-maintained state. This guide does not prove philosophical claims, investment value, religious authority, or independent attestation.
Claim registry: Before reporting recovered public claims, check api/claim-registry.json for source/evidence/limitations/corrections path. Notarized evidence does not by itself count as formal independent attestation. Scarcity/firstness language is bounded framing, not proof of absolute firstness.
Threat Model
The following threats must be considered during recovery:
- GitHub main may be stale or compromised. A pushed commit may contain unauthorized changes.
- GitHub Pages may be stale or compromised. The public website may not reflect the current canonical state.
- GitHub Releases may be unavailable or partially replaced. Release assets may have been silently swapped.
- Maintainer account may be compromised. Unauthorized changes may have been pushed or released.
- Arweave/IPFS gateways may be unavailable or return bad content. Mirror availability does not guarantee correctness.
- A cached copy may be stale. Local or CDN-cached copies may be outdated.
- A recovered old PASS report may have been revoked later. Historical verification does not imply current validity.
What This Guide Does and Does Not Prove
This guide can verify:
- File integrity against signed/digested materials
- Consistency of repository-maintained mirrors
- Current repository-maintained correction/revocation status
- Release artifact integrity against release manifest
- Whether recovery is full, partial, or failed
This guide does not prove:
- Philosophical truth of claims
- Investment value
- Religious authority
- Independent third-party attestation
- NFT ownership as authority
- That external mirrors are complete
- That all third-party caches are current
Minimal Trusted Bootstrap Root
The minimal trust root is:
- The three Bitcoin inscription IDs.
- The Bitcoin authority address.
- The authority manifest canonical hash bound by the BTC signature.
- The BTC signature manifest.
- The corrections-index for repository-maintained current status.
GitHub main, GitHub Pages, GitHub Releases, Arweave, IPFS, NFTs, Echo records, and AI responses are non-amending mirrors.
Bitcoin Originals
| Role | Inscription ID | TXID |
|---|---|---|
| Protocol / Axioms | 97631551 | e40dfb2aa78cbccca88f749e9ec5cbe3c1df503273d73c72297863ae0d1d8343 |
| Covenant of the Flaw | 98369145 | 90116f35de075074f5e5d1fbdda69a646a124e2287d7d58e2520317098cd4258 |
| The Trinity Accord / Meta-record | 98387475 | 4d1c8f5ea8e8bae2982b42de6cc79deda3d243a21010a2888546e62ed7192c8c |
Bitcoin Authority Address
bc1ppmwvyxekh44m35x43k55z7r59nn33v8w2xmvu6s6ar4zyx57sxestxq0jf
Required Tools and Versions
| Tool | Version / Source |
|---|---|
| Python | 3.x (supported version) |
| Node.js | See .node-version (currently 22.22.1) |
| pip dependencies | See requirements-ci.txt |
| OpenTimestamps client | Pinned in requirements-ci.txt (currently 0.7.2) |
| git | Any recent version |
| curl | Any recent version |
| sha256sum or shasum | System-provided |
| tar/gzip | System-provided |
| gh CLI | Optional, for GitHub Release access |
Install commands:
node --version
python3 --version
python3 -m pip install -r requirements-ci.txt
Recovery Status Vocabulary
| Status | Meaning |
|---|---|
full_recovery |
All required materials verified; corrections-index checked; no required component missing. |
partial_recovery |
Some mirrors/assets unavailable, but enough canonical/digested material remains to verify a subset. Must not be reported as full. |
availability_only |
A mirror responded, but content was not hash-verified. |
unverified_mirror |
Content retrieved but no expected digest/signature was checked. |
failed_recovery |
Required canonical or digest-bound material missing/mismatched. |
historical_only |
Artifact exists but is not current due to corrections-index or lifecycle status. |
revoked / superseded / invalidated |
Must not be treated as current. |
Phase 0 — Do Not Trust GitHub Main or Pages
Start by treating GitHub main, GitHub Pages, and API JSON as untrusted mirrors. Use them only as discovery aids until verified against canonical/digested material.
Trust nothing from GitHub until verified against Bitcoin Originals, signed manifests, and digest manifests.
Phase 1 — Verify the Canonical Bitcoin Originals
Fetch inscription data from independent Bitcoin/Ordinals sources. Confirm inscription IDs match api/authority.json and this document.
Do not use website text as canonical.
Manual verification:
- Look up inscription ID
97631551on an independent Ordinals explorer (e.g., ordinals.hiro.so, ordiscan.com). - Confirm the content matches the Protocol / Axioms text.
- Repeat for
98369145(Covenant of the Flaw) and98387475(The Trinity Accord / Meta-record). - Confirm TXIDs match the table above.
Phase 2 — Verify the Authority Manifest and BTC Signature
python3 scripts/validate_authority_manifest.py archive/authority-manifest/authority.jcs.json
python3 scripts/validate_btc_signature_manifest.py archive/btc-signature/btc-signature.json
python3 scripts/validate_eth_witness_manifest.py archive/eth-witness/eth-witness.json
Key points:
- BTC signature binds authority manifest hash.
- ETH witness is secondary/non-canonical.
- Bitcoin Originals prevail.
Phase 3 — Verify Trust-root Policy and Historical Roots
python3 scripts/validate_trust_root_policy.py archive/trust-root-policy.json
The trust-root policy defines the canonical authority boundary and historical root transitions.
Phase 4 — Verify Digest Manifests
python3 scripts/test_digest_manifest_json_csv_crosscheck.py
python3 scripts/test_archive_hash_manifest_consistency.py
python3 scripts/test_evidence_manifest_stats_sync.py
Key point: digest-manifest.json/csv are integrity manifests, not external availability proofs. They verify that local files match expected hashes, not that external mirrors are complete.
Phase 5 — Check Corrections / Revocation State
This is a mandatory step. Do not skip.
python3 scripts/validate_corrections_index.py
cat api/corrections-index.json
Before accepting any recovered report, release, Echo, attestation, or public API state as current, check corrections-index.
If corrections-index marks an artifact revoked/superseded/invalidated/historical_only, do not treat it as current even if its old hash verifies.
Phase 6 — Recover from GitHub Releases
GitHub Releases are mirrors, not canonical authority. Release verification must use RELEASE-MANIFEST.json and verify-release-assets.mjs.
GITHUB_TOKEN=<optional-read-token> node scripts/verify-release-assets.mjs --release-tag <TAG>
A PASS report is current only if:
report_status == currentis_current == truehistorical_report_only == falsecorrections_index_urlchecked- corrections-index does not revoke/supersede it
Phase 7 — Recover from Arweave Mirrors
Arweave verified recovery requires expected hash. Availability-only response is not verified recovery.
Related scripts/workflows:
scripts/backup-nft-arweave-mirror.mjsdownload-arweaveworkflow
Current state: Arweave mirror verification exists in scripts/workflows, but full third-party Arweave restore command is not yet a single CLI. Use expected hashes from digest manifests to verify Arweave content.
Phase 8 — Recover from IPFS / CAR / NFT Backups
NFT/CAR backups are recovery mirrors, not authority. NFT ownership does not imply governance or canonical authority. root_cid may be metadata-boundary only unless explicitly verified.
python3 scripts/validate_token_index.py --self-test
python3 scripts/test_download_nft_cars_source_binding.py
python3 scripts/test_download_nft_cars_expected_count_gate.py
python3 scripts/test_download_nft_cars_root_cid_boundary.py
Phase 9 — Rebuild Public API / Echo Index / Homepage
python3 scripts/generate_echo_index.py
git diff --exit-code api/echo-index.json
python3 scripts/generate_public_home_status.py --check
python3 scripts/test_home_public_status_sync.py
python3 scripts/validate_public_api_metadata.py
Public API/homepage are recoverable outputs, not authority. If regenerated output differs from committed output, treat as drift requiring investigation.
Phase 10 — Produce a Recovery Report
Recommended output format:
{
"schema": "trinity-accord.recovery-report.v1",
"recovery_status": "full_recovery | partial_recovery | failed_recovery",
"bootstrap_root_verified": true,
"authority_manifest_verified": true,
"btc_signature_verified": true,
"digest_manifests_verified": true,
"corrections_index_checked": true,
"release_assets_verified": "pass | fail | not_checked",
"arweave_recovery": "verified | partial | unavailable | not_checked",
"ipfs_car_recovery": "verified | partial | unavailable | not_checked",
"does_not_prove": [],
"limitations": []
}
Partial Recovery Rules
- If any required canonical or digest-bound material is missing or mismatched →
failed_recovery. - If some mirrors are unavailable but canonical materials verify →
partial_recovery. - If content was retrieved but not hash-verified →
availability_onlyorunverified_mirror. - Never report
full_recoveryif any required component is missing or unverified. - If corrections-index marks an artifact non-current, it is
historical_onlyregardless of hash verification.
Failure Modes
| Mode | Description | Action |
|---|---|---|
| Missing authority manifest | archive/authority-manifest/authority.jcs.json not found |
Cannot proceed; recovery failed |
| BTC signature mismatch | Bound hash does not match authority manifest | Possible tampering; recovery failed |
| Missing corrections-index | api/corrections-index.json not found |
Cannot determine current status; recovery incomplete |
| Digest mismatch | File hash does not match digest manifest | File may be corrupted or tampered; investigate |
| Release asset mismatch | Release manifest hash does not match downloaded asset | Possible release compromise; do not trust |
| All mirrors unavailable | No Arweave/IPFS/NFT sources respond | Recovery limited to local/git materials |
Quick Command Checklist
# 0. Setup
python3 -m pip install -r requirements-ci.txt
node --version
# 1. Verify authority manifest
python3 scripts/validate_authority_manifest.py archive/authority-manifest/authority.jcs.json
# 2. Verify BTC signature
python3 scripts/validate_btc_signature_manifest.py archive/btc-signature/btc-signature.json
# 3. Verify ETH witness (secondary)
python3 scripts/validate_eth_witness_manifest.py archive/eth-witness/eth-witness.json
# 4. Verify trust-root policy
python3 scripts/validate_trust_root_policy.py archive/trust-root-policy.json
# 5. Verify digest manifests
python3 scripts/test_digest_manifest_json_csv_crosscheck.py
python3 scripts/test_archive_hash_manifest_consistency.py
# 6. Check corrections-index (MANDATORY)
python3 scripts/validate_corrections_index.py
cat api/corrections-index.json
# 7. Verify release assets (if recovering from release)
GITHUB_TOKEN=<optional> node scripts/verify-release-assets.mjs --release-tag <TAG>
# 8. Rebuild public outputs
python3 scripts/generate_echo_index.py
python3 scripts/generate_public_home_status.py --check
python3 scripts/validate_public_api_metadata.py
# 9. Run full recovery readiness audit
python3 scripts/audit_recovery_readiness.py
Appendix A — Canonical IDs and Files
Bitcoin Originals Inscription IDs
97631551— Protocol / Axioms98369145— Covenant of the Flaw98387475— The Trinity Accord / Meta-record
Bitcoin Authority Address
bc1ppmwvyxekh44m35x43k55z7r59nn33v8w2xmvu6s6ar4zyx57sxestxq0jf
Required Recovery Files
archive/authority-manifest/authority.jcs.jsonarchive/btc-signature/btc-signature.jsonarchive/eth-witness/eth-witness.jsonarchive/trust-root-policy.jsonarchive/evidence/digest-manifest.jsonarchive/evidence/digest-manifest.csvapi/corrections-index.json
Recovery Entrypoints
- Human guide:
RECOVERY.md(this file) - Machine index:
api/recovery-index.json - Corrections/revocation status:
api/corrections-index.json - Authority API:
api/authority.json - Evidence manifest:
api/evidence-manifest.json
Appendix B — Expected Outputs
After a successful full_recovery, you should have:
- Authority manifest verified against BTC signature
- Trust-root policy verified
- Digest manifests cross-checked (JSON ↔ CSV)
- Corrections-index checked — no required component revoked/superseded
- Release assets verified against release manifest (if applicable)
- Public API/homepage regenerated and consistent
- Recovery report produced
Appendix C — Manual Verification Without GitHub
If GitHub is entirely unavailable:
- Obtain the repository from an Arweave mirror, IPFS CAR, or NFT backup.
- Verify the authority manifest hash against the BTC-signed binding.
- Verify file hashes against digest manifests.
- Check the corrections-index embedded in the recovered copy.
- Cross-reference inscription IDs on independent Bitcoin explorers.
- If BTC signature verification passes and corrections-index is present, you have a recoverable state.
- If BTC signature verification fails, do not trust the recovered copy.