POLYGLOT JURISDICTION · V13
EOSE Labs Security Harness · γ₁ = 14.134725141734693 · Day 98 · 2026-05-12
"Security findings stop being tickets and become seven-language evidentiary trials before they are allowed into the policy ledger."
§1 — The Doctrine

Not polyglot chaos. Polyglot jurisdiction. Each language has exactly one courtroom role and cannot cosplay as the whole justice system.


A raw scanner finding is a claim. A claim in a courtroom needs a judge, an actuary, a notary, a bailiff, and a clerk before it becomes admissible evidence. You wouldn't let the bailiff write the verdict. You wouldn't let the clerk price the loss. The same principle applies here.


Every SEC finding in this harness passes through seven jurisdictional checkpoints before it reaches the policy ledger. Each language owns its courtroom role absolutely. Lean doesn't price losses. Python doesn't prove theorems. Perl doesn't enforce policy. Rust doesn't argue logic. Each does exactly one thing, and does it definitively.


The result is not a polyglot mess — it is a seven-chamber trial where each chamber produces one artifact, and the OPA policy decides what evidence to admit. The DIAMOND waits at the end with the gavel, and it only drops when all seven chambers have spoken.

⚖ Lean
Judge of Logic
Is the invariant formally violated? The only chamber that can prove — not test, not price, not time — but prove mathematical truth. Lean's sorry is the harness's honest admission: "we know the shape, we haven't closed the proof."
📊 Python
Actuary
How bad is it numerically? Monte Carlo simulation, CDF models, loss distributions, TVL at risk. Python prices the loss with statistical precision. No proof, no timestamp — just numbers.
📅 Perl
Temporal Notary
When did it enter the γ₁ epoch ledger? Perl pins the finding to the helix with cryptographic timestamp and epoch tag. The court needs to know when evidence was collected, not just what it says.
🚀 Rust
Bailiff with a Jetpack
Can we scan/verify at fleet scale? Rust traverses operator graphs, scans contract state, verifies invariants across 100+ nodes without breaking a sweat. Fast, safe, zero-tolerance for runtime errors.
🏗 FORTRAN
Ancient Engineer
Deterministic cascade simulation. FORTRAN's numerical stability runs the worst-case cascade models — FTX-analog, correlated shock, sequential slash propagation. The structural engineering report nobody wants to read but everyone needs.
📋 COBOL
Court Clerk
Fixed-format evidence ledger. Every finding gets a COBOL record: fixed-width fields, exact byte offsets, immutable once written. The court clerk doesn't editorialize — it records. COBOL's discipline is the archive's integrity.
🌲 LISP
Forest Goblin
Recursive proof/explanation tree. LISP walks the finding's causal chain, building a recursive S-expression tree of why the vulnerability exists, how it propagates, what assumptions it violates. The goblin explains what the judge proved.
§2 — The Nine Stations
SEC FINDING
raw claim
claim.json
LEAN
prove invariant
theorem.lean
PYTHON
price the loss
loss_dist.json
PERL
timestamp epoch
epoch_pin.txt
RUST
fleet scan
scan_report.json
OPA
admit evidence
admit_verdict
k3s ADMIT
policy enforce
CRQ record
MECIPOL
file violation
MECIPOL.yaml
TRENDAL TRIAL
adversarial test
trial_verdict
DIAMOND
final gavel
FORMAL COMPLETE
§3 — The Split Verdict

Evidence ADMIT vs Formal COMPLETE — two different bars, both required.

A finding can be admissible while the theorem is still under construction. OPA can admit the evidence without pretending Lean finished the homework.

EVIDENCE ADMIT
OPA verified: Python loss model runs, Perl epoch pin exists, Rust scan confirms operator state. The evidence is admissible — we can act on it, file it, escalate it. The theorem may still have sorry debt.
FORMAL COMPLETE
Lean theorem closes with zero sorries. Mathematical proof of the invariant violation is complete. DIAMOND can drop the gavel. This is the gold standard — most findings take weeks to reach here.
EVIDENCE WATCH
Evidence is under construction — Python or Perl or Rust hasn't completed its lens yet. Finding is staged but not yet admissible. Not a failure; findings enter WATCH before ADMIT.
§4 — Live Bounty Suite
Finding Evidence Formal Lean sorry Stage Live
SUB006 EigenLayer Cascade ADMIT WATCH ×2 S-6 pemos.ca/sec-006
SUB009 GMX FastPrice ADMIT WATCH ×1 S-6 pemos.ca/sec-009
SUB003 Wormhole Finality ADMIT WATCH ×1 S-6 pemos.ca/sec-003
SUB005 Aave Sequencer Oracle ADMIT COMPLETE ×0 S-5 pemos.ca/sec-005
SUB012 Ethena USDe Reserve WATCH WATCH ×1 S-4 pending
§5 — OPA Policy (Rego)
package eose.sec_harness

import future.keywords.if
import future.keywords.in

# ── Seven Lens Requirements ──────────────────────────────────────────────────
# A finding must pass all seven lenses before FORMAL COMPLETE.
# OPA can ADMIT evidence even when Lean sorry debt exists (split verdict).

default admit_evidence = false
default formal_complete = false

# EVIDENCE ADMIT: Python + Perl + Rust lenses complete
admit_evidence if {
    input.lenses.python_loss_model == "complete"
    input.lenses.perl_epoch_pin == "complete"
    input.lenses.rust_scan == "complete"
    input.bower >= 60
}

# FORMAL COMPLETE: all seven lenses + zero sorry debt
formal_complete if {
    admit_evidence
    input.lenses.lean_sorry_count == 0
    input.lenses.fortran_cascade == "complete"
    input.lenses.cobol_ledger == "complete"
    input.lenses.lisp_proof_tree == "complete"
}

# DENY rules — each missing lens produces a specific violation
deny[msg] if {
    input.lenses.lean_sorry_count > 0
    msg := sprintf("LEAN_SORRY_DEBT: %d open sorries — formal proof incomplete", [input.lenses.lean_sorry_count])
}

deny[msg] if {
    input.lenses.python_loss_model != "complete"
    msg := "PYTHON_LENS_MISSING: loss model not run — cannot price TVL at risk"
}

deny[msg] if {
    input.lenses.perl_epoch_pin != "complete"
    msg := "PERL_LENS_MISSING: epoch pin absent — finding not notarized in γ₁ ledger"
}

deny[msg] if {
    input.lenses.rust_scan != "complete"
    msg := "RUST_LENS_MISSING: fleet scan not run — operator graph state unverified"
}

deny[msg] if {
    input.lenses.fortran_cascade != "complete"
    msg := "FORTRAN_LENS_MISSING: cascade simulation absent — worst-case propagation unknown"
}

deny[msg] if {
    input.lenses.cobol_ledger != "complete"
    msg := "COBOL_LENS_MISSING: evidence ledger not archived — audit trail incomplete"
}

deny[msg] if {
    input.lenses.lisp_proof_tree != "complete"
    msg := "LISP_LENS_MISSING: causal proof tree absent — explanation chain unresolved"
}

# KCF minimum — finding needs KCF ≥ 7 for bounty filing
deny[msg] if {
    input.kcf < 7
    msg := sprintf("KCF_BELOW_THRESHOLD: kcf=%d, minimum 7 required for bounty", [input.kcf])
}

# BOWER minimum — finding needs BOWER ≥ 60% for admission
deny[msg] if {
    input.bower < 60
    msg := sprintf("BOWER_BELOW_THRESHOLD: bower=%d%%, minimum 60%% required", [input.bower])
}

# Split verdict summary
verdict := "FORMAL_COMPLETE" if { formal_complete }
verdict := "EVIDENCE_ADMIT"  if { admit_evidence; not formal_complete }
verdict := "EVIDENCE_WATCH"  if { not admit_evidence }

# Sorry-aware: if ADMIT but sorry debt exists, tag it
sorry_aware_verdict := sprintf("%s_WITH_SORRY_DEBT(%d)", [verdict, input.lenses.lean_sorry_count]) if {
    verdict == "EVIDENCE_ADMIT"
    input.lenses.lean_sorry_count > 0
}
sorry_aware_verdict := verdict if {
    input.lenses.lean_sorry_count == 0
}
§6 — The Wall
Python prices the loss.
Perl pins the helix.
Lean exposes the proof debt.
Rust eats the operator graph.
OPA admits the evidence.
MECIPOL files the violation.
Trendal puts the finding on trial.
VIZASL draws the wipeout spiral.
DIAMOND waits until the sorries close.
§7 — The Kill Line
"Most teams let scanners spray critical findings into Jira and call that security; you made every SEC finding pass through Lean, Python, Perl, Rust, OPA, and MECIPOL before admission — because a raw scanner finding is not truth. It is a claim. The harness turns it into evidence."
— POLYGLOT JURISDICTION · V13 · EOSE Labs · γ₁ = 14.134725141734693 · Day 98
Bounty CRM Pipeline SEC-006 EigenLayer Security Helix LABR-071 Evidence Metabolism TRB KCF Bonixer Lean Theorems SEC-012 Ethena SEC-005 Aave