Evidence packs, authenticity, and quantized-adapter validation

Release: InvarLock 0.10.0 - Evidence-pack taxonomy, authenticity checks, and quantized adapter validation

Highlights

• Evidence packs now carry explicit artifact taxonomy and edit metadata sidecars, so validation checkpoints, caught-regression fixtures, deployable optimized subjects, and evidence-only packs are labeled rather than inferred.
• Evidence-pack verification can distinguish integrity from signer authenticity through --expected-fingerprint, local trust stores, and JSON authenticity states: pinned, unpinned, and mismatch.
• Optional quantized-subject adapters have a broader validation surface, including backend inventory, load smoke, inference smoke, memory reports, deployable sidecar checks, and CUDA/container smoke coverage across BNB, GPTQ/AWQ, TorchAO, HQQ, Quanto, and compressed-tensors families.

0.10.0 is an evidence-surface release. The main shift is that public examples and evidence packs are no longer just bundles of files that happen to pass verification. They now carry more explicit type information, sidecars, and source-snapshot boundaries so reviewers can tell what kind of artifact they are looking at before deciding what claim it can support.

For v0.10.0, start with the new Public Evidence Walkthrough, then use Evidence Packs and Evidence Pack Internals for the packaging and scheduler details. The walkthrough is intentionally precise about the split between checksum integrity and signer authenticity: a pack can be structurally intact without being pinned to the signer a local policy expects.

The release also widens the optional adapter story without turning it into a blanket assurance claim. The Model Adapters reference now describes support tiers and validation expectations for adapter families such as hf_torchao, hf_hqq, hf_quanto, and hf_ct. Those paths are useful for quantized-subject evidence, but they still depend on backend-specific smoke checks, sidecars, and runtime evidence rather than generic "quantized model support" wording.

For maintainers, 0.10.0 tightens the repository surface behind those public examples. The changelog includes make public-evidence-audit, signed public GPT-2 evidence-pack fixtures, strict public GPT-2/BERT evidence reports, real tiny-GPT-2 quant and external magnitude-prune BYOE runs, guard fault-injection coverage, scripts inventory governance, architecture-fragmentation tracking, and public contract stability documentation. Those changes make it harder for stale examples, unsigned packs, or over-broad public claims to drift into a release.

For the immutable release record, read the tagged CHANGELOG.md for v0.10.0.