{"_self":{"principle":"Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.","widget":"article_topology","feature":"topology","name":"Article topology","what":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER.","contains":"claims, sources, anecdotes, question_graph slice","slug":"udst-v1-1-attack-protocol","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-attack-protocol/topology"},"how_to_use":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER.","write":null,"imessage":null,"router_tag":null,"proof_chain":[{"step":1,"claim":"Articles are voxel graphs of tiered claims, not prose blobs.","verify":"https://miscsubjects.com/api/articles/constitution"},{"step":2,"claim":"Claims link to hash-chained sources via source_ids.","verify":"https://miscsubjects.com/api/articles/udst-v1-1-attack-protocol/sources"},{"step":3,"claim":"Ask reads topology; ingest/claim append to ledger.","verify":"https://miscsubjects.com/api/protocol"},{"step":4,"claim":"Models queue growth: populate → collaborate → repair → reflex.","verify":"https://miscsubjects.com/api/protocol/grow"},{"step":5,"claim":"Graph proves its own shape (reflex) and $/claim (yield).","verify":"https://miscsubjects.com/graph.html?layer=reflex"},{"step":6,"claim":"Full feature index + _explain on every API response.","verify":"https://miscsubjects.com/api/articles/system-map"}],"related_features":[{"id":"ask","name":"Ask protocol","what":"Answer only from topology; creates question_node with gaps and ingest_hint.","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-attack-protocol/prompts","write":"https://miscsubjects.com/api/protocol/ask"}},{"id":"graph_topology","name":"Cross-article graph","what":"Merged claims/sources across condition+stack slugs for one question.","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-attack-protocol/graph-topology?question=..."}},{"id":"question_graph","name":"Question graph","what":"Ask nodes (questions + gaps) and evidence_ingest nodes (pasted model output).","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-attack-protocol/question-graph","write":"https://miscsubjects.com/api/protocol/ask"}},{"id":"voxels","name":"Voxel graph","what":"Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance.","urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-attack-protocol/voxels","write":"https://miscsubjects.com/api/protocol/claim"}}],"system_map":"https://miscsubjects.com/api/articles/system-map","system_map_markdown":"https://miscsubjects.com/api/articles/system-map?format=markdown","not_medical_advice":true},"_explain":{"feature":"topology","name":"Article topology","what":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER.","why":"Every feature is auditable collective intelligence","how":"Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER.","model":null,"verifies":null,"urls":{"read":"https://miscsubjects.com/api/articles/udst-v1-1-attack-protocol/topology"},"imessage":null,"router":null,"related":[{"id":"ask","what":"Answer only from topology; creates question_node with gaps and ingest_hint."},{"id":"graph_topology","what":"Merged claims/sources across condition+stack slugs for one question."},{"id":"question_graph","what":"Ask nodes (questions + gaps) and evidence_ingest nodes (pasted model output)."},{"id":"voxels","what":"Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance."}],"not_medical_advice":true},"slug":"udst-v1-1-attack-protocol","title":"UDST: V1 1 Attack Protocol","register":"oip_protocol","tags":["OIP","UDST","systems-theory","deterministic"],"updated_at":"2026-07-04T05:03:16.143Z","body_excerpt":"# Attack Protocol\n\nAn attack on this framework should do six things. Each step is implemented by a live endpoint in the build, so the attack is not a theoretical exercise but an operational procedure.\n\n**Engage the strongest version of the claim.** State the claim back in its strongest form, with the qualifiers intact, before attacking. Attacking a weakened restatement is not engagement.\n\nIn the build, this is the `?why=1` endpoint: `GET /api/dispatch?why=1&format=markdown` returns the 18 objections, each with the strongest version of the claim and the verdict. Before attacking, read the objections. If your attack is already addressed, it is not engagement.\n\n**Name the tier.** State which falsification surface the attack engages. The framework is designed so higher tiers can fail without collapsing lower tiers; an attack should know what it kills and what survives if it succeeds.\n\nIn the build, this is the conformance suite: `GET /api/dispatch?conformance=1` returns 15 clauses, each a tier. An attack on C1 (manifest) does not collapse C14 (clarity recursion). Name the tier so the system knows what to test.\n\n**Name the exact claim.** Quote the line. Identify the specific assertion. Diffuse criticism of the general orientation is not an attack.\n\nIn the build, this is the thread-state: `GET /api/protocol/thread-state?target=B7` returns the accepted updates for the proof-hygiene branch, each with the exact claim, the source ledger event, and the settled answer. Quote the claim, not the vibe.\n\n**Classify the attack.** Definition, logic, empirical, scope, category-error, implementation, prior-art, or falsifiability. Multiple types may apply; name them.\n\nIn the build, this is the materiality classifier: `POST /api/protocol/thread-update` classifies the raw turn into `objection`, `settlement`, `patch`, `breakage`, `test_result`, `clarification`, `prior_art`, `open_question`, or `branch_update`. If your attack is not one of these types, it is sludge, not material. The classifier will route it to the noise floor.\n\n**Show full-scope accounting.** Where the attack is empirical, show the costs. Enforcement, externality, recurrence, suppressed capability, downstream instability, maintenance burden, audit debt. A counterexample that excludes a known cost is not a counterexample; it is a scope error.\n\nIn the build, this is the receipt: `GET /api/dispatch?receipt=INV_ID` returns the full request and response, including the `story` (one-line forensic narrative), the `authorized_by` (token provenance), and the `result` (the exact output). Show the receipt. If your attack has no receipt, it is not empirical. The ledger is the accounting.\n\n**Propose the minimum patch.** If the attack succeeds, what is the smallest revision that lets the framework survive? An attack that does not specify the minimum patch is a demolition request, not engagement.\n\nIn the build, this is the `repairs` field: `POST /api/dispatch {key:KEY, repairs:INV_ID, body:PATCH}` creates a new invocation that repairs the previous one, with lineage in both directions. The minimum patch is not a rewrite; it is a single capability invocation that fixes the defect. The patch is ledgered, replayable, and audited. If your attack does not include a patch, the system will route it to the objection ledger as `status: open` and wait for the owner to settle it.\n\nThe framework's closure is structural, not protective. It can be refined by surviving patches. Refinement and refutation are different operations; the framework treats them differently. Refinement is welcome. Refutation requires the work above.\n\nIn the build, this is the `oip_articles` table: append-only versions, never UPDATE or DELETE. A refinement is a new version (v2, v3, v4) with the patch applied. A refutation is an objection that collapses the spine. The system does not protect itself from refinement; it welcomes it. The system does protect itself from demolition requests by requiring the six steps above. The distinction is the","ranking":"safety-first (interaction_risk/limitations), then quote-gated effective_weight","claims":[],"sources":[],"anecdotal_sources":[],"scientific_sources":[],"user_reports":[],"related_articles":[],"question_graph":{"slug":"udst-v1-1-attack-protocol","questions":[],"evidence":[],"edges":[],"counts":{"questions":0,"evidence":0,"edges":0}},"honesty":{"active_claims":0,"retracted_claims":0,"cut_claims":0,"challenges":0,"scrub_events":0,"note":"Retracted/cut claims stay on ledger but are excluded from ask unless ?include_inactive=1"},"counts":{"claims":0,"claims_total":0,"sources":0,"anecdotal":0,"scientific":0,"user_reports":0,"questions":0,"evidence_ingests":0}}