{"_self":{"principle":"Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.","widget":"article_topology","feature":"topology","name":"Article topology","what":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER.","contains":"claims, sources, anecdotes, question_graph slice","slug":"udst-v1-1-appendix-c-attack-types","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-appendix-c-attack-types/topology"},"how_to_use":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER.","write":null,"imessage":null,"router_tag":null,"proof_chain":[{"step":1,"claim":"Articles are voxel graphs of tiered claims, not prose blobs.","verify":"https://miscsubjects.com/api/articles/constitution"},{"step":2,"claim":"Claims link to hash-chained sources via source_ids.","verify":"https://miscsubjects.com/api/articles/udst-v1-1-appendix-c-attack-types/sources"},{"step":3,"claim":"Ask reads topology; ingest/claim append to ledger.","verify":"https://miscsubjects.com/api/protocol"},{"step":4,"claim":"Models queue growth: populate → collaborate → repair → reflex.","verify":"https://miscsubjects.com/api/protocol/grow"},{"step":5,"claim":"Graph proves its own shape (reflex) and $/claim (yield).","verify":"https://miscsubjects.com/graph.html?layer=reflex"},{"step":6,"claim":"Full feature index + _explain on every API response.","verify":"https://miscsubjects.com/api/articles/system-map"}],"related_features":[{"id":"ask","name":"Ask protocol","what":"Answer only from topology; creates question_node with gaps and ingest_hint.","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-appendix-c-attack-types/prompts","write":"https://miscsubjects.com/api/protocol/ask"}},{"id":"graph_topology","name":"Cross-article graph","what":"Merged claims/sources across condition+stack slugs for one question.","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-appendix-c-attack-types/graph-topology?question=..."}},{"id":"question_graph","name":"Question graph","what":"Ask nodes (questions + gaps) and evidence_ingest nodes (pasted model output).","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-appendix-c-attack-types/question-graph","write":"https://miscsubjects.com/api/protocol/ask"}},{"id":"voxels","name":"Voxel graph","what":"Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance.","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-appendix-c-attack-types/voxels","write":"https://miscsubjects.com/api/protocol/claim"}}],"system_map":"https://miscsubjects.com/api/articles/system-map","system_map_markdown":"https://miscsubjects.com/api/articles/system-map?format=markdown","not_medical_advice":true},"_explain":{"feature":"topology","name":"Article topology","what":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER.","why":"Every feature is auditable collective intelligence","how":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER.","model":null,"verifies":null,"urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-appendix-c-attack-types/topology"},"imessage":null,"router":null,"related":[{"id":"ask","what":"Answer only from topology; creates question_node with gaps and ingest_hint."},{"id":"graph_topology","what":"Merged claims/sources across condition+stack slugs for one question."},{"id":"question_graph","what":"Ask nodes (questions + gaps) and evidence_ingest nodes (pasted model output)."},{"id":"voxels","what":"Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance."}],"not_medical_advice":true},"slug":"udst-v1-1-appendix-c-attack-types","title":"UDST: V1 1 Appendix C Attack Types","register":"oip_protocol","tags":["OIP","UDST","systems-theory","deterministic"],"updated_at":"2026-07-04T05:03:15.628Z","body_excerpt":"# Appendix C — Attack Types\n\n1. **Definition** — terms are incoherent. In the build, this is tested by the `?ask` endpoint: if a term cannot be resolved to a capability, the router returns `did_you_mean` with nearest keys. A term that has no nearest key is incoherent. Example: asking for `LOCAL_BATTERY` when the capability is `LOCAL_BATTERY` (not `LOCAL_BATTERY_CHECK`) — the router returns `did_you_mean: [LOCAL_BATTERY]` and the term is resolved. A term that returns no nearest keys is flagged as a definition error.\n\n2. **Logic** — conclusion does not follow. In the build, this is tested by the materiality classifier: `POST /api/protocol/thread-update` classifies the raw turn into `objection`, `settlement`, `patch`, `breakage`, `test_result`, `clarification`, `prior_art`, `open_question`, or `branch_update`. If the conclusion does not follow from the premises, the classifier routes it to `sludge` (noise floor), not `material`. The logic is tested by the ledger: if the conclusion contradicts the premises in the same thread, the owner rejects it.\n\n3. **Empirical** — a real case falsifies. In the build, this is tested by the conformance suite: `GET /api/dispatch?conformance=1` runs 15 clauses against production, each with a live receipt. An empirical attack must produce a receipt that shows the clause failing. A claim without a receipt is not empirical.\n\n4. **Scope** — full-scope accounting is impossible or misused. In the build, this is tested by the receipt's `story` field: the story is a one-line forensic narrative that includes the full accounting (enforcement cost, externality, recurrence, suppressed capability, downstream instability, maintenance burden, audit debt). A receipt without a story is out of scope. The `?receipt=INV_ID` endpoint returns the full story; if the story omits a known cost, the scope is violated.\n\n5. **Category-error** — a concept is transferred across levels invalidly. In the build, this is tested by the capability's `category` field: a capability is typed by category (e.g., `oip`, `mcp`, `system`, `runner`), and a concept from one category cannot be transferred to another without explicit mapping. Example: treating `OIP` as a content management protocol (category `content`) when it is an object invocation protocol (category `oip`) is a category error. The directory enforces category boundaries.\n\n6. **Implementation** — the protocol cannot be executed. In the build, this is tested by the `?conformance=1` endpoint: if any clause cannot be executed, the suite returns `status: failed` with the exact clause and error. The protocol is not a specification; it is a live system that executes every time it is invoked.\n\n7. **Prior-art** — the welded construction already exists. In the build, this is tested by the `?why=1` endpoint: it lists 18 objections, each with a verdict. If the attack is already addressed, the endpoint returns the settled answer and the relitigation detection. The system does not claim novelty; it claims operationality.\n\n8. **Falsifiability** — the counterexample condition cannot be met in practice. In the build, this is tested by the `?conformance=1` endpoint: the falsifiers are live metrics, not theoretical conditions. If a counterexample cannot be produced, the system does not claim it is impossible; it claims it has not been observed. The ledger records the absence of counterexamples as a standing metric.\n\nA valid attack states its type, names its tier, names the exact claim, shows the work, and proposes the minimum patch. In the build, this is the `POST /api/protocol/thread-update` endpoint: the body must include `type`, `tier`, `exact_claim`, `work`, and `minimum_patch`. If any field is missing, the classifier routes it to `sludge`. The system does not reject attacks; it classifies them. Valid attacks are material; invalid attacks are noise. The distinction is not censorship; it is taxonomy.\n\n\n---\n\n## Corpus map\n- Previous: [UDST: V1 1 Appendix B Compact Benchmark](/a/udst-v1-1-append","ranking":"safety-first (interaction_risk/limitations), then quote-gated effective_weight","claims":[],"sources":[],"anecdotal_sources":[],"scientific_sources":[],"user_reports":[],"related_articles":[],"question_graph":{"slug":"udst-v1-1-appendix-c-attack-types","questions":[],"evidence":[],"edges":[],"counts":{"questions":0,"evidence":0,"edges":0}},"honesty":{"active_claims":0,"retracted_claims":0,"cut_claims":0,"challenges":0,"scrub_events":0,"note":"Retracted/cut claims stay on ledger but are excluded from ask unless ?include_inactive=1"},"counts":{"claims":0,"claims_total":0,"sources":0,"anecdotal":0,"scientific":0,"user_reports":0,"questions":0,"evidence_ingests":0}}