Glossary of Terms
Shared vocabulary for split-context verification: context nodes, webs, rotations, fabrication, and verification outputs. Hover terms on any page mirror these definitions.
PassWeb
A verification mechanism requiring two or more logically independent contexts held simultaneously in an AI agent's processing environment, where: (a) no single context contains sufficient information to produce the verification output, (b) the verification output is determined by the relationships between contexts, (c) the meaning of the information in any one context is established by one or more other contexts in the web, and (d) either the addition, removal, or modification of any context in the web changes the verification output.
Context Node
A single independent source of information in the PassWeb. Each node is authored separately, stored separately, and modifiable independently. A context node can be a prompt, a document, a database record, a skill file, a boot sequence, a policy clause that matters downstream, or any retrievable unit of information.
Web Topology
The structure of relationships between context nodes. In a two-node PassWeb, the topology is a single edge. In a three-node PassWeb, the topology can form a chain or a triangle. As the number of nodes increases, the web topology becomes richer and the verification becomes harder to compromise.
Verification Output
The information the agent produces to prove it processed the web. The verification output is not stored in any single context node. It is produced by the agent's simultaneous processing of multiple nodes.
Web Integrity
The property that the verification output changes if any node in the web is modified, added, or removed. A stale copy of any single node, or a missing node, produces a different output.
Instruction Node
A context node that defines the test: what to look for, how to combine it, what constitutes the verification output. An instruction node does not contain the answer. It contains the question, the formula, or the selection criterion.
Content Node
A context node that contains information needed to produce the verification output. A content node does not identify which of its information is verification-significant. The significance of its contents is established by instruction nodes or by the relationship between multiple content nodes.
Hybrid Node
A context node that functions as both instruction and content. A document that says "Your standard is WCAG 2.2 AA" (content) and also says "Always verify your standard against the current published version" (instruction to check another node) is a hybrid node. Hybrid nodes create denser web topologies.
Document Stack
An ordered set of context nodes loaded sequentially by an agent during its boot or execution sequence. The document stack is the web in its temporal form.
Node Leak Resilience
The property that leaking any single context node does not reveal the verification output, because the output depends on relationships between nodes that the leaked node does not describe.
Fabrication Detection
The failure mode detection capability in which an AI agent's plausible but incorrect verification output is caught because the multi-node structure makes the fabrication detectable. The richer the web topology, the harder fabrication becomes.
Rotation
The act of changing any node in the web to invalidate the current verification output. In an N-node PassWeb, there are N axes of rotation. Each axis is independent.
Comprehension-Alignment Coupling
The property that context nodes contain both verification-significant information and governing directives. Running verification loads those directives into context alongside verification-significant content. A pass indicates the expected verification output matched; it does not guarantee downstream obedience to every behavioral rule.
Embedded Instruction
Information within a context node that functions as an instruction to the agent, but only if the agent has already loaded other specific nodes. Without those other nodes, the embedded instruction reads as ordinary content.
Version Attestation
Because the verification output depends on all nodes, a stale version of any single node produces an incorrect output. A single verification check confirms that all N documents are current.
FM-1: False Negative (Karl-Type)
Agent lacks content nodes. Fabricates output from training data. Detection: fabricated output does not match expected.
FM-2: False Positive (Assembly-Type)
Agent passes PassWeb at one level, fabricates at a lower level where no PassWeb exists. Mitigation: Layered PassWebs at every level.
FM-3: Full Web Leak
Adversary obtains all nodes. Can produce verification output. Mitigation: Separate storage, independent access controls, frequent rotation.
FM-4: Partial Web Leak
Adversary obtains some but not all nodes. Cannot produce verification output if the missing nodes matter to the configured relationship. Resilience depends on which nodes leak, not only how many.
FM-5: Training Data Collision
Verification information exists in training data. Agent might guess correctly. Mitigation: Use novel, invented information.
FM-6: Context Window Overflow
Web requires more tokens than agent can hold. Agent cannot process all nodes. Mitigation: Design within context window limits.
FM-7: Context Injection Attack
Adversary injects fake instruction node mid-session. Mitigation: Instruction nodes via injection-resistant channels.
FM-8: Partial Document Load
Content node loaded incompletely. Verification output incorrect. Detection: Fails verification.
FM-9: Output Format Variation
Agent produces correct output in unexpected format. Mitigation: Normalize output before comparison.
FM-10: Web Topology Inference
Adversary infers web structure from agent behavior. Severity: Low. Knowing topology without node contents does not enable producing verification output.
FM-11: Attention / Skimming Failure
All required nodes fit in the context window, but the model under-uses middle or low-salience content (lost in the middle). Verification can still fail when the expected output requires combining those pieces.