Packet — P3.8.1 Parity Harness (R89 θ Wave 5)

§1. Goal

Ship src/domains/consensus/default-corpus.ts, src/domains/consensus/parity-harness.ts, and src/__tests__/domains/consensus/parity-harness.test.ts such that:

The 4-scenario corpus runs to QUORUM (SC1–SC3) and applies one slash (SC4).
SCENARIO_3 is consensus.md §Worked example byte-mapped.
Two runs with the same seed produce byte-identical reports.
10k synthetic events across all 4 scenarios complete in < 5s.
Harness body passes the κ forbidden-token corpus scan.

§2. File plan

§2.1 `src/domains/consensus/default-corpus.ts`

~150 lines.
Module-private builder mkRound, mkVote.
Exports the 4 scenarios + DEFAULT_CORPUS.
Every scenario is Object.freezed; the inner votes Map is wrapped in a ReadonlyMap projection (frozen Map proxy not necessary — we freeze the surrounding structure and rely on readonly typing).

§2.2 `src/domains/consensus/parity-harness.ts`

~350 lines.
Internal helpers:
- seededKeypair(seed_root: Buffer, label: string) — HMAC-SHA512(seed_root, label).slice(0, 32) → Ed25519 seed → createPrivateKey({key, format: 'der', type: 'pkcs8', ...}). We build the PKCS#8 DER frame manually with the 16-byte Ed25519 prefix 30 2e 02 01 00 30 05 06 03 2b 65 70 04 22 04 20 followed by the 32-byte raw seed — the standard Ed25519 PKCS#8 v1 encoding. Then derive the public key via createPublicKey(privKey).
- tagToBuffer(tag: string): Buffer — 32-byte zero-padded prefix.
- runScenarioOnce(...) — single deterministic execution.
- stripDeterminismCheck(report) — for the determinism comparison.
Public:
- runScenario(scenario, seed) → ParityReport — runs twice, compares, returns frozen report.
- runDefaultCorpus(seed?) → readonly ParityReport[] — default seed 42n.
- reportCanonicalBytes(report) → string.
- ParityHarnessError.

§2.3 `src/tests/domains/consensus/parity-harness.test.ts`

≥ 30 test cases in 8 groups (matches the contract test surface).

§3. Execution flow per scenario

§3.1 SCENARIO_1 (n=1)

Derive A’s keypair from (seed, 'single-arbiter', 'A').
Build A’s Vote on 0xab12 padded to 32 bytes.
signMessage(vote, privKey) → signed Vote.
New FinalitySM(round_id=1n, n_arbiters=1n).
fsm.receiveVote(signed, currentEpoch=1n).
Read fsm.current() ⇒ should be 'QUORUM'.
Build ParityReport:
- scenario_id: 'single-arbiter'
- n: 1n
- rounds_executed: 1n
- finality_reached: 'QUORUM'
- equivocation_proofs: []
- slashings_applied: 0n

§3.2 SCENARIO_2 (n=4 all honest)

Same shape as SC1 with 4 arbiters all signing 0xab12. Drive votes in declaration order (A, B, C, D); finality flips at the 3rd vote.

§3.3 SCENARIO_3 (n=4 Byzantine — worked example verbatim)

A/B/C sign 0xab12; D signs 0xCAFE.
Drive votes in declaration order.
After 3 votes (A/B/C) → QUORUM is hit.
D’s vote arrives at QUORUM state; harness records it but the FSM no-ops (no second-round equivocation).
equivocation_proofs: [] — D is Byzantine (divergent root) but NOT equivocating (only one signed tuple per arbiter).
slashings_applied: 0n.

§3.4 SCENARIO_4 (n=4 equivocator)

A/B/C sign 0xab12.
D signs both 0xab12 and 0xCAFE in the same round.
After 3 votes (A/B/C on 0xab12) → QUORUM hit at 0xab12.
The harness then calls detectDoubleVote('D', round_id=1n, allVotes). Returns 1 pair.
Build EquivocationProof from the pair via buildEquivocationProof.
Build a default attacker ReputationRow (score=10000, scar_bps=0, ban_until=null, domain=’arbitration’, node_id=’D’).
Create empty alreadyApplied = new Set<string>().
Call applyEquivocationSlash:
- First call: applied: true → slashings_applied = 1n.
- Second call: applied: false, reason: 'duplicate' → unchanged.
equivocation_proofs: [proof].
slashings_applied: 1n.

§4. Algorithm — deterministic keypair derivation

import { createHmac, createPrivateKey, createPublicKey,
         type KeyObject } from 'node:crypto';

const ED25519_PKCS8_PREFIX = Buffer.from(
  '302e020100300506032b657004220420', 'hex'
);

function seedToEd25519PrivKey(seed32: Buffer): KeyObject {
  if (seed32.length !== 32) {
    throw new ParityHarnessError('seed must be 32 bytes');
  }
  const der = Buffer.concat([ED25519_PKCS8_PREFIX, seed32]);
  return createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
}

function deriveSeed(seed_root: Buffer, label: string): Buffer {
  return createHmac('sha512', seed_root)
    .update(label)
    .digest()
    .subarray(0, 32);
}

function seededKeypair(
  seed_root: Buffer,
  scenario_id: string,
  arbiter_id: string,
): { privateKey: KeyObject; publicKey: KeyObject } {
  const seed = deriveSeed(seed_root, `${scenario_id}::${arbiter_id}`);
  const privateKey = seedToEd25519PrivKey(seed);
  const publicKey = createPublicKey(privateKey);
  return { privateKey, publicKey };
}

The seed_root for seed = 42n is the 32-byte big-endian of 42 left-padded: Buffer.alloc(32, 0); buf.writeBigUInt64BE(42n, 24);. That gives the harness one canonical bytes-form of the seed.

§5. Algorithm — `runScenarioOnce`

function runScenarioOnce(
  scenario: Scenario, seed: bigint,
): {
  finality_reached: FinalityLevel;
  equivocation_proofs: EquivocationProof[];
  slashings_applied: bigint;
} {
  resetLogicalForTesting();
  const seedRoot = bigintToSeedRoot(seed);
  const RULE_VERSION_HASH = Buffer.alloc(32, 1);

  // ... only first round is used for the QUORUM verdict. The harness
  // models a single-round scenario; rounds_executed = arbiters' votes.
  const round = scenario.rounds[0]!;
  const allVotes: Vote[] = [];
  const publicKeys = new Map<string, KeyObject>();

  for (const arbiter of scenario.arbiters) {
    const kp = seededKeypair(seedRoot, scenario.id, arbiter);
    publicKeys.set(arbiter, kp.publicKey);
    const vote = round.votes.get(arbiter)!;
    if (vote.kind === 'honest' || vote.kind === 'byzantine') {
      const merkle = tagToBuffer(vote.merkle_root_tag);
      const signed = makeSignedVote(arbiter, 1n, merkle, RULE_VERSION_HASH,
        kp.privateKey);
      allVotes.push(signed);
    } else {
      // equivocator: two distinct signed votes by the same key
      const a = makeSignedVote(arbiter, 1n,
        tagToBuffer(vote.merkle_root_tag_a), RULE_VERSION_HASH,
        kp.privateKey);
      const b = makeSignedVote(arbiter, 1n,
        tagToBuffer(vote.merkle_root_tag_b), RULE_VERSION_HASH,
        kp.privateKey);
      allVotes.push(a, b);
    }
  }

  const fsm = new FinalitySM(1n, scenario.n);
  for (const v of allVotes) {
    fsm.receiveVote(v, 1n);
  }

  // Detect equivocation across all arbiters.
  const equivocation_proofs: EquivocationProof[] = [];
  let slashings_applied = 0n;
  const alreadyApplied = new Set<string>();
  for (const arbiter of scenario.arbiters) {
    const pairs = detectDoubleVote(arbiter, 1n, allVotes);
    for (const [voteA, voteB] of pairs) {
      const proof = buildEquivocationProof({
        attacker_id: arbiter,
        epoch: 1n, round_id: 1n,
        signed_vote_a: voteA, signed_vote_b: voteB,
        submitter: 'harness',
      });
      equivocation_proofs.push(proof);
      const pk = publicKeys.get(arbiter)!;
      const row: ReputationRow = {
        node_id: arbiter, domain: 'arbitration',
        score: 10_000, scar_bps: 0,
        ban_until_epoch: null, last_activity_epoch: 0,
      };
      const result1 = applyEquivocationSlash({
        proof, attackerPubKey: pk, current_epoch: 1n,
        attackerRow: row, history: [], alreadyApplied,
      });
      if (result1.applied) {
        slashings_applied = slashings_applied + 1n;
      }
      // Idempotent re-submission — must not count.
      applyEquivocationSlash({
        proof, attackerPubKey: pk, current_epoch: 1n,
        attackerRow: row, history: [], alreadyApplied,
      });
    }
  }

  return {
    finality_reached: fsm.current(),
    equivocation_proofs,
    slashings_applied,
  };
}

§6. Algorithm — determinism check

function runScenario(scenario: Scenario, seed: bigint): ParityReport {
  const a = runScenarioOnce(scenario, seed);
  const b = runScenarioOnce(scenario, seed);
  const sameBytes = canonicalize(stripDeterminismCheck(a))
                  === canonicalize(stripDeterminismCheck(b));
  return Object.freeze({
    scenario_id: scenario.id,
    n: scenario.n,
    rounds_executed: BigInt(scenario.rounds.length),
    finality_reached: a.finality_reached,
    equivocation_proofs: Object.freeze(a.equivocation_proofs),
    slashings_applied: a.slashings_applied,
    determinism_check: Object.freeze({ seed, second_run_identical: sameBytes }),
  });
}

§7. Algorithm — performance gate

The test file uses Date.now() (forbidden inside the harness body but allowed in .test.ts files — the κ scanner only inspects the harness source). The test runs runDefaultCorpus(42n) in a loop and asserts the total wall-clock time. Two runs per scenario inside runScenario mean ~2 × 4 = 8 finality evaluations per runDefaultCorpus call. 2500 iterations × 4 scenarios × ~5 signatures/sig ≈ 50k Ed25519 ops, which at ~50µs each is ~2.5 seconds — comfortably inside the 5 second budget.

If the budget is tight in CI, we drop the iteration count.

§8. Acceptance gates

npm run build ⇒ TypeScript clean (no any, no implicit any, no unused imports).
npm run lint ⇒ ESLint clean (no errors, no --fix deltas leftover).
npm test ⇒ all suites pass, including all P3.8.1 cases.

§9. Anti-goals (explicitly rejected)

Adding new MCP tools.
Persisting ParityReport.
Modifying any shipped θ module (P3.1.1–P3.7.1).
Adding new npm dependencies.
Cross-arbiter VRF leader selection.

§10. References

Audit: docs/audits/p3-8-1-parity-harness-audit.md
Contract: docs/contracts/p3-8-1-parity-harness-contract.md
κ pattern: src/domains/rules/parity-harness.ts
Spec worked example: docs/3-world/physics/laws/consensus.md §Worked example