{
  "artifact": "glasshouse-attestation-tamper-20260515",
  "generatedAt": "2026-05-15T17:04:37.116Z",
  "status": "passed",
  "scope": "Local Glasshouse attestation server tamper scenarios. No provider API keys, package keys, encrypted payload bytes, or tunnel URLs are included.",
  "summary": {
    "scenarios": 10,
    "rejectedTamperScenarios": 9,
    "verifiedControlScenarios": 1,
    "failClosed": true,
    "keyReleaseOnlyAfterValidAttestation": true
  },
  "scenarios": [
    {
      "name": "composite hash mismatch",
      "status": "rejected",
      "expected": "fail closed",
      "message": "Composite hash is not self-consistent"
    },
    {
      "name": "manifest hash mismatch",
      "status": "rejected",
      "expected": "fail closed",
      "message": "Manifest hash does not match registered deployment"
    },
    {
      "name": "container id mismatch",
      "status": "rejected",
      "expected": "fail closed",
      "message": "Container ID does not match registered deployment"
    },
    {
      "name": "stale timestamp",
      "status": "rejected",
      "expected": "fail closed",
      "message": "Attestation timestamp outside freshness window"
    },
    {
      "name": "anti-debug disabled",
      "status": "rejected",
      "expected": "fail closed",
      "message": "Anti-debug protection must be active before key release"
    },
    {
      "name": "runtime state spoofed",
      "status": "rejected",
      "expected": "fail closed",
      "message": "Attestation request must originate from the measured enclave state"
    },
    {
      "name": "anti-debug profile downgraded",
      "status": "rejected",
      "expected": "fail closed",
      "message": "Anti-debug profile does not match manifest execution policy"
    },
    {
      "name": "valid measured attestation",
      "status": "verified",
      "expected": "key release allowed",
      "message": "fresh measured manifest released one encrypted package key"
    },
    {
      "name": "nonce replay",
      "status": "rejected",
      "expected": "fail closed",
      "message": "Nonce replay detected"
    },
    {
      "name": "jwt claim mismatch",
      "status": "rejected",
      "expected": "fail closed",
      "message": "JWT claims do not match registered deployment"
    }
  ],
  "caveats": [
    "This is a local attestation-server tamper test, not a live provider GPU run.",
    "The live GPU lifecycle artifacts separately prove provider acceptance, execution, and zeroized cleanup."
  ]
}