Getting started

Project identityEvidence rules, real-system boundary, and non-claims. RoadmapSequencing, estimates, active lanes, and guarded promotion rules. Kernel and State LatticeCompiled C kernel reports, lifecycle summary, subsystem posture, and no external effects. Boot preview boundarySeaBIOS/GRUB compatibility, fixture manifest, preflight, QEMU templates, and blocked boot claims. Runtime boundaryDefault-deny runtime posture, Nucleus reports, and policy matrix metadata. Local workbenchPanel, LC, Nadia, and user-local authority boundaries. Latticra PanelGuided GUI workbench, dry-run-first installer flow, receipts, and user-local evidence. Latticra ConsoleStage-0 operator base, command registry, host contracts, and no-effect authority floor. NadiaOffline AI contract lane, metadata commands, and blocked runtime authority. Local validationPanel install evidence, package guards, disposable VM gates, and dry-run contracts. Installer readinessDisposable VM payload evidence, artifact manifest fixture, production gates, and blocked release claims. Packaging readinessPlatform package-shape records, source fixture gates, notice blockers, and publication non-claims. Security boundariesSafe testing, effect gates, and non-claims. Supply-chain gatesCI, dependency, SBOM, updater, runtime-authority, and release non-claims. Signed-updater delivery gateClosed update-delivery gate, local-checkout updater policy, and blocked signed apply authority. Incident response boundaryReporting routes, evidence preservation, response gates, and incident-response non-claims. Vulnerability management gateKEV/NVD review, exception records, release blockers, and product-security non-claims. Cryptographic assuranceFIPS/CMVP claim gates, key lifecycle, randomness, and no production crypto authority. Identity and access managementICAM gates, privileged access, MFA planning, account lifecycle, and no hosted identity services. Security logging and monitoringEvent-source inventory, audit events, redaction, retention, triage, and no SIEM or telemetry claims. Backup and recovery resilienceRestore testing, recovery prioritization, rollback planning, RTO/RPO, and no recovery-service claims. Secure configuration and change managementConfiguration inventory, baselines, checklists, approved changes, rollback planning, drift detection, and no hardening claims. Network exposure and remote accessNetwork inventory, internet exposure, ingress/egress policy, remote access, RMM, DNS/TLS lifecycle, and no network-service claims. Data classification and protectionData inventory, sensitive-data flows, PII review, minimization, retention, disposal, redaction, and no customer-data claims. Evidence modelPromotion levels, claim boundaries, and exact source records. System structureLayered architecture, authority boundaries, and evidence flow. Language laneLat, LIR, L-UI, no-effect reports, and source records. ExamplesRunnable local checks and expected report fields. Tool-boundary reviewLatticra Seal status, policy, reports, and boundaries.