Skip to main content

Proof Architectures for Presence Adjudication

Not every Presence Adjudication System contains a sophisticated proof architecture.

A witness statement is a form of evidence, but it is not usually described as a proof architecture. A regulator’s record may settle an issue, but the evidentiary form remains largely institutional rather than formally structured. A centralized digital platform may log location events, but often leaves the interpretation of those logs to internal systems and operator discretion.

Type 6 Presence Adjudication Systems are different. They operate in environments where multiple parties may need to rely on consequential claims of presence without sharing the same institution, trusting the same operator, or accepting broad disclosure of raw traces. In such settings, the architecture of proof becomes much more important.

This page is concerned with that architecture.

Its purpose is not to argue that proof systems alone solve the larger problem of presence adjudication. They do not. Proof is one part of a broader evidentiary and institutional structure. But it is an increasingly important part, because the shape of the proof architecture influences what kinds of claims can be expressed, what kinds of privacy can be preserved, what can be verified formally, and what remains dependent on trust, governance, or dispute.

PAS and PPS

A useful distinction is needed at the outset.

A Presence Adjudication System (PAS) is the broader system by which presence claims become socially and institutionally usable. It includes not only evidence formation and verification, but also adjudication, dispute, finalization, and the rules by which outcomes become durable enough for others to rely upon.

A Presence Proof System (PPS) is narrower. It is the evidentiary subsystem that transforms measurements or observations into a verifiable claim about presence.

In simplified form:

  • PPS answers: how is the claim proven?
  • PAS answers: how does the claim become relied upon?

This distinction matters because a system may have a strong PPS and still have a weak PAS. It may produce elegant proofs, yet remain fragile in dispute, poorly governed, or vulnerable to finality failure.

Why Proof Architecture Matters

A presence claim is not self-interpreting.

To say that a person, device, or asset was within a region during an interval is already to move from the physical world into a structured proposition. The question is how that proposition is supported.

In weak systems, support often takes the form of raw traces, operator logs, screenshots, manually assembled records, or private database entries. These may be usable, but they do not provide much formal discipline. They usually reveal more than necessary, depend heavily on institutional trust, and become awkward under dispute.

A proof architecture matters because it changes the evidentiary form of the claim.

Instead of asking a relying party to inspect broad telemetry and infer what happened, the system can ask a narrower question:

can this proposition be shown to hold under explicit rules, using evidence that is verifiable at the level the claim requires?

That shift is foundational.

The General Shape of a Presence Proof System

A Presence Proof System can be understood as a chain with several stages.

StageFunction
ObservationPhysical signals or observations enter the system
Claim formationThe relevant proposition is defined
Evidence constructionObservations are transformed into a provable evidentiary form
Proof generationA proof or structured evidence object is produced
Proof verificationAnother party checks that the claim follows under the relevant rules

Not every PPS makes these stages equally explicit, and not every system draws the boundaries in the same way. But this progression is useful because it shows where architectural choices arise.

A system may differ in:

  • how observations are trusted
  • how claims are bounded
  • how much data must be revealed
  • whether the proof is public or private
  • whether the proof is purely formal or partly institutional
  • whether verification is deterministic or judgment-laden

These differences define the proof architecture.

Major Architectural Families

Trace-Based Proof

In trace-based architectures, the proof is effectively the trace itself, or a large portion of it.

A prover discloses raw location data, timestamps, movement history, or device logs, and the relying party inspects these materials to infer whether the claim is satisfied.

This is still the dominant pattern in many real-world systems because it is operationally straightforward and easy to understand. But it has serious weaknesses. It over-discloses by default, scales poorly under dispute, and often leaves interpretation inseparable from institutional judgment.

It is best thought of as a low-maturity evidentiary architecture: sometimes useful, often unavoidable, but structurally weak as a long-term foundation.

Attestation-Based Proof

In attestation-based architectures, a trusted party or trusted device asserts that the claim is true or that relevant measurements were observed.

Examples may include:

  • signed device attestations
  • secure hardware reports
  • witness attestations
  • inspector certifications
  • trusted measurement providers

This architecture can improve integrity and reduce the need to expose raw traces directly. But it shifts the trust burden onto the issuer of the attestation. The proof becomes strong only to the extent that the attesting party or hardware root is itself trusted.

Attestation-based systems are therefore often useful components, but rarely complete answers on their own.

Predicate-Based Cryptographic Proof

In predicate-based architectures, the system proves not the underlying data itself, but that the data satisfies a defined condition.

This is where cryptographic proof systems become especially important. Instead of revealing all coordinates or measurements, the prover may establish that:

  • the measurements are consistent with being within a region
  • the claim falls within a time window
  • a path crossed a threshold
  • a device did not leave a zone during a bounded interval

This architecture is central to the privacy-preserving ambitions of Type 6 PAS because it allows the evidentiary object to be the claim rather than the trace.

Commitment-and-Reveal Architectures

In these architectures, underlying measurements or claim data are first committed to in a binding form and only selectively revealed later if needed.

This can be useful where:

  • the system wants to preserve evidence without exposing it immediately
  • disputes may require later escalation
  • challengers need confidence that hidden data existed at the relevant time
  • finalization depends on proving that records were not altered after the fact

Commitments can strengthen integrity and support future dispute resolution, but they do not by themselves prove that the committed data is true.

Hybrid Architectures

Most serious systems are likely to be hybrid.

A mature PPS may combine:

  • signed measurement sources
  • commitments to raw observations
  • predicate proofs for ordinary adjudication
  • selective reveal under dispute
  • verifier checks for rule compliance

The important question is not whether the architecture is pure. It is whether the different layers fit together coherently.

The Central Design Tension

Proof architectures are shaped by a central tension:

Should the system prove the data, or prove the claim?

A system that proves the data tends to maximize inspectability at the cost of privacy and boundedness.

A system that proves the claim tends to support better disclosure discipline, but also demands more sophistication in proof construction, clearer claim semantics, and stronger confidence that the underlying measurements were handled correctly.

Type 6 systems matter in part because they are among the few PAS types capable of making the second path viable at scale.

Public Proofs, Private Proofs, and Layered Disclosure

Not all proofs are disclosed in the same way.

A proof architecture may be:

  • public, meaning the relevant proof object can be checked by any party with access to it
  • private, meaning only designated parties can verify or interpret the proof
  • layered, meaning ordinary adjudication uses bounded proof, while deeper evidence remains available only under challenge or escalation

Layered disclosure is especially important for Type 6 systems because it avoids a false choice between “show everything” and “show nothing.”

Proof Architecture Does Not Remove Measurement Risk

A strong proof architecture does not make a presence claim trustworthy all the way down.

A proof system may perfectly establish that a claim follows from a set of inputs. But if those inputs were fabricated, spoofed, or poorly grounded in physical reality, the overall evidentiary result remains weak.

This is why proof architecture must always be understood in relation to:

  • measurement trust
  • prover incentives
  • verifier incentives
  • dispute design
  • governance
  • finality

A PPS is not the whole PAS.

Evaluating a Presence Proof Architecture

A PPS should be judged by questions such as these:

DimensionQuestion
Claim boundednessDoes the system prove a narrow proposition or require broad data exposure?
Measurement dependenceHow much trust is still placed in hidden inputs or attestors?
Privacy disciplineHow much is revealed in ordinary use?
Proof soundnessDoes the proof actually establish the intended claim?
Verification costHow expensive is it to check the proof?
Dispute compatibilityCan the architecture support challenges and escalation?
ReplayabilityCan later parties understand what was proven and under what rules?
PortabilityCan the proof travel across institutional boundaries?
Adjudicative fitIs the proof usable inside a broader PAS, not just elegant in isolation?
ComposabilityCan the proof architecture coexist with other evidentiary layers?

Conclusion

A Presence Proof System is not the whole of a Presence Adjudication System. But it is one of the places where a system’s evidentiary philosophy becomes visible.

Weak architectures treat presence as something to be inferred from broad records after the fact. Stronger architectures aim to make bounded claims directly provable under explicit rules, with disclosure disciplined to the needs of the claim rather than the appetites of the observer.

That is the deeper significance of proof architecture in this field.

It is not only about formal correctness. It is about deciding what kind of evidentiary object a presence claim should become.

And for Type 6 systems, that choice is fundamental.

Last updated on