It can prove
- the named contract and recorded authority
- the attempted operation and observed outcome class
- payload-safe fingerprints, time and repair lineage
- that a record changed if its chain no longer verifies
What the protocol enforces, what a receipt proves, and what still terminates in external systems and accountable people.
OIP does not treat an invocation identifier as authority. Execution credentials are private capabilities. Governance records and receipt identifiers are evidence. A conforming execution path evaluates scope, ancestry, tenant, audience, risk, expiry, revocation, use budget and payload ceiling before a runner fires.
The build has live capability enforcement and public invocation receipts; clause-cited model decisions; append-only reviews; repair lineage; bounded, expiring and revocable state cards; a standards registry; and recipient-addressable privacy-egress records. The current synthetic privacy proof is PARTIAL: 6 of 8 clauses tested. Imported Kimi analysis is disclosed corroboration, not a context-independent runtime recomputation. No regulator, insurer, standards body or independent customer is represented as having adopted or certified OIP.
Before an organization depends on OIP, it should independently threat-model the deployment, verify credential isolation, run penetration testing, define retention and incident response, establish an accountable operator and support terms, and validate interoperability with its existing identity, policy and observability systems.