Status: Stable · Phase: Verify, Operate · Priority: P0.4 (package), P3.1 (composite)
Unified trust scoring across packages, devices, firmware, configuration, and runtime behavior.
| Input | Weight (initial) | Source |
|---|---|---|
| Package trust | 20% | spanda trust <package> (registry provenance required for official_framework factor when --project is set) |
| Device integrity | 20% | Agent attestation (package adapter) |
| Firmware integrity | 15% | Hash vs declared firmware |
| Configuration integrity | 20% | spanda integrity |
| Identity validation | 15% | Signed comm, trust_boundary |
| Safety integrity | 10% | Safety auditor + certify |
spanda trust rover.sd
spanda trust rover.sd --json
Per package: Trusted · Modified · Unknown
Feeds readiness trust factor, deployment gates (official_provenance, registry_signatures under
--policy production), scorecard security category, tamper response policies, and spanda explain
composite_trust section.
See package-trust.md · tamper-detection.md · trust-boundaries.md · platform-maturity-roadmap.md.