# 38. Verifiable Compute ### **38.1 Verifiable Compute Defined** 38.1.1 Verifiable Compute is the governed capability to prove, record, audit, reproduce where appropriate, challenge, and correct the computational processes used within the Nexus Rail. It applies to the compute environments, models, algorithms, data-processing pipelines, simulations, digital twins, AI systems, inference workflows, analytics jobs, dashboards, agents, scripts, verification tools, and technical processes that generate or influence governance-relevant outputs. 38.1.2 Verifiable Compute exists because computational systems increasingly shape what institutions see, classify, prioritize, publish, route, finance, monitor, and correct. A model may summarize evidence. A sensor pipeline may detect anomalies. A digital twin may simulate flood risk. A dashboard may display maturity. An AI workflow may prepare a decision pack. A compute-to-data job may produce a public-safe aggregate. A routeability system may generate proof-pack indicators. If the computation cannot be understood, traced, reviewed, or challenged, the Rail becomes dependent on invisible machinery. 38.1.3 Verifiable Compute does not mean that every computational process must be fully open, perfectly reproducible, or publicly inspectable. Some systems involve proprietary components, cyber-sensitive configurations, protected data, public authority-sensitive records, privacy constraints, or security restrictions. Verifiability means that the relevant governance function can establish enough evidence of identity, source, method, version, input class, output class, limitation, review, and correction to support the use being made. 38.1.4 Verifiable Compute may be supported by model registers, inference records, compute receipts, signed logs, secure execution records, provenance metadata, software bills of materials, data cards, model cards, release records, test results, calibration records, reproducibility packages, audit trails, cryptographic proofs, clean-room execution records, trusted execution attestations, version hashes, review receipts, and correction trails. The method should match consequence. 38.1.5 Verifiable Compute must be proportional. A low-risk internal draft summary does not require the same proof burden as an AI-assisted public-safe risk report, technical verification of a critical infrastructure pathway, incident-mode anomaly detection, or routeability proof pack. The Rail must classify compute by risk, data sensitivity, public reliance, authority effect, and downstream consequence. 38.1.6 Verifiable Compute is not machine sovereignty. Proving that a computation occurred correctly does not prove that the output is true, lawful, legitimate, fair, public-safe, finance-ready, technically sufficient, or socially acceptable. It proves a defined computational claim. Human review, safeguards, public authority capacity, evidence status, technical method, and correction remain necessary. 38.1.7 The doctrine is direct: **Verifiable Compute is the Rail’s discipline for making computational processes traceable, reviewable, auditable, challengeable, and correctionable, so that machine-mediated governance never depends on invisible computation or unverified technical trust.** *** ### **38.2 Verifiable Intelligence Defined** 38.2.1 Verifiable Intelligence is the governed production of intelligence outputs whose sources, methods, data classes, model roles, human reviews, limitations, authority boundaries, reliance conditions, and correction paths are recorded. It is the intelligence discipline that allows Nexus actors to use AI, analytics, models, simulations, digital twins, observatories, and human-machine workflows without confusing intelligence with authority. 38.2.2 Intelligence becomes verifiable when an output can answer: what question was asked; what sources were used; what data classes were processed; what model or analytic method was applied; what assumptions shaped the result; what uncertainty remains; what human review occurred; what governance body may rely on it; what it may not be used for; and how it can be challenged or corrected. 38.2.3 Verifiable Intelligence is necessary because governance outputs increasingly appear polished, synthetic, and authoritative. AI can produce coherent summaries from weak records. Dashboards can show attractive states from incomplete data. Digital twins can create persuasive scenarios from uncertain assumptions. Agents can perform multi-step workflows without users understanding each step. The Rail must ensure that intelligence remains source-attached and authority-bounded. 38.2.4 Verifiable Intelligence includes human intelligence, machine intelligence, and natural-system intelligence. A public authority record, community observation, satellite image, sensor stream, expert judgment, AI summary, digital twin scenario, and field report may all contribute to an intelligence output. Verifiability requires that these sources remain distinguishable rather than collapsed into a single narrative. 38.2.5 Verifiable Intelligence must preserve uncertainty. Intelligence that hides uncertainty becomes propaganda or automation theatre. Outputs should state confidence, gaps, dissent, limitations, contested evidence, data restrictions, model limits, and unresolved safeguards where material. A decision-maker should know not only what the intelligence suggests, but what it cannot support. 38.2.6 Verifiable Intelligence must preserve authority boundaries. An AI-assisted intelligence brief may support a Board decision, but it is not the Board decision. A model-derived signal may support TMD review, but it is not technical verification. A public-safe intelligence summary may support public understanding, but it is not public authority warning unless issued by competent authority. A routeability intelligence note may support further diligence, but it is not investment advice. 38.2.7 Verifiable Intelligence must be correctionable. If a source is corrected, a model is found unreliable, a community record was misrepresented, a public authority capacity was overstated, a digital twin assumption changes, or a dashboard state is wrong, dependent intelligence outputs must be revised, withdrawn, or superseded. 38.2.8 The doctrine is direct: **Verifiable Intelligence is intelligence that can show its sources, methods, machine role, human review, uncertainty, authority limit, reliance boundary, and correction path before it influences governance.** *** ### **38.3 Model Registers** 38.3.1 Model Registers are the official records of AI systems, statistical models, simulation models, digital twins, retrieval systems, embedding models, classification systems, forecasting tools, optimization engines, agentic workflows, anomaly-detection systems, and other machine intelligence used in or connected to the Nexus Rail. They are the inventory and governance memory of machine systems. 38.3.2 Model Registers are necessary because unregistered models become hidden infrastructure. If a model summarizes evidence, classifies cases, ranks risks, recommends routes, generates public-safe text, evaluates sensor anomalies, simulates infrastructure, or supports proof packs without registration, the institution cannot know what machine system influenced the output, what version applied, what data was processed, what limitations existed, or what correction is needed when the model fails. 38.3.3 A Model Register entry should identify model name, provider, owner or steward, version, model type, deployment environment, approved use, prohibited use, data classes permitted, data classes prohibited, AI-processing restrictions, training or retrieval basis where known, evaluation status, known limitations, bias or representativeness concerns, security posture, human review requirements, logging requirements, incident history, deprecation status, and correction pathway. 38.3.4 Model Registers must distinguish use contexts. The same model may be acceptable for low-risk drafting but prohibited for protected knowledge, public authority records, personal data, cyber vulnerabilities, public-safe reports, technical verification, routeability, or high-stakes decision packs. Model approval is not universal approval. 38.3.5 Model Registers should include authority effect limits. A model may assist evidence retrieval but may not determine recognition. It may summarize public-safe material but may not issue public authority conclusions. It may flag anomalies but may not declare incidents without human review. It may support routeability drafting but may not recommend investment. 38.3.6 Model Registers must include lifecycle status. A model may be proposed, sandboxed, pilot, approved for limited use, approved for specific use, monitored, restricted, suspended, deprecated, withdrawn, or superseded. Status must be versioned and tied to review dates. 38.3.7 Model Registers must be connected to incident and correction systems. If a model hallucinated, leaked data, produced biased classifications, failed in a domain, or caused overclaim, the register entry must show incident, restriction, correction, and affected outputs. If a model version is superseded, dependent workflows must be reviewed. 38.3.8 The doctrine is direct: **Model Registers ensure that every material machine intelligence system in the Rail is known, scoped, limited, monitored, and correctable before its outputs can influence governance.** *** ### **38.4 Inference Records** 38.4.1 Inference Records are the event-level records of material machine outputs generated by AI systems, models, digital twins, simulations, retrieval systems, or agentic workflows within the Nexus Rail. If the Model Register says what the system is, the Inference Record says what the system did in a particular instance. 38.4.2 Inference Records are necessary because model registration alone is insufficient. A registered model can still be used on the wrong data, for the wrong purpose, by the wrong actor, with the wrong prompt, without human review, or beyond its approved use. The Rail must track material inferences that affect governance outputs, public-safe communication, technical review, routeability, dashboards, or decisions. 38.4.3 An Inference Record should identify Case ID or docket, model identity and version, user or workflow initiating inference, date and time, purpose, input data class, retrieval sources where applicable, prompt or task class where appropriate, output type, publication class, human reviewer, adoption status, limitations, whether the output entered an official record, and correction path. 38.4.4 Inference Records must be proportional. Not every spelling correction or low-risk internal draft requires full record detail. But any inference that influences classification, evidence summary, public-safe reporting, technical verification, model-risk review, public authority capacity, maturity, routeability, incident mode, dashboard status, or downstream handoff should be recorded. 38.4.5 Inference Records must distinguish generated text from adopted record. An AI output may be generated, reviewed, revised, rejected, adopted, partially adopted, or superseded. The official record is the human-authorized output, not the raw machine generation unless the competent process adopts it. 38.4.6 Inference Records must protect sensitive prompts and inputs. Some prompts may reveal protected knowledge, cyber vulnerabilities, legal issues, or personal data. The record may need to store prompt class or secure references rather than full prompt text. Auditability must be balanced with protection. 38.4.7 Inference Records support challenge. If a participant asks how a public-safe summary was generated, whether protected knowledge was processed, whether AI influenced a decision pack, or whether a model output was adopted, the Inference Record should enable a safe and accurate answer. 38.4.8 The doctrine is direct: **Inference Records make machine assistance event-specific and accountable by recording when a model acted, on what class of input, for what purpose, with what review, and whether its output became governance record.** *** ### **38.5 Model Cards and Data Cards** 38.5.1 Model Cards and Data Cards are structured documentation instruments that make machine systems and datasets understandable to governance actors. A Model Card describes a model’s purpose, capabilities, limitations, evaluation, risks, approved uses, prohibited uses, and review requirements. A Data Card describes a dataset’s source, scope, collection method, restrictions, quality, representativeness, rights, sensitivity, permitted use, and correction status. 38.5.2 These cards are necessary because complex AI and data systems often enter governance through opaque technical claims. A model may be described as accurate without explaining where it fails. A dataset may be described as comprehensive without stating who is missing. A dashboard may use a dataset without disclosing its date or bias. Model Cards and Data Cards force technical claims into governance-readable form. 38.5.3 A Model Card should include model identity, version, provider, architecture or class where appropriate, intended purpose, approved uses, prohibited uses, training or retrieval basis where known, evaluation methods, performance limits, domain limitations, bias concerns, robustness concerns, cyber and misuse risks, human-review requirements, data classes permitted, data classes prohibited, monitoring requirements, and correction process. 38.5.4 A Data Card should include data source, steward, collection method, time period, geography, population or system coverage, missingness, quality, known bias, rights and permissions, privacy status, protected knowledge status, public authority sensitivity, cyber sensitivity, AI-processing eligibility, publication class, transformation history, version, and correction history. 38.5.5 Model Cards and Data Cards must be public-safe or controlled according to sensitivity. Some documentation should be visible to build trust. Other details may be restricted because they reveal cyber vulnerabilities, protected knowledge, proprietary information, personal data, public authority-sensitive records, or security-sensitive infrastructure. Documentation must inform without exposing. 38.5.6 Model Cards and Data Cards must be connected to registers and records. A model register should link to the relevant Model Card. An evidence pack or dashboard should link to Data Cards for key datasets. An inference record should identify the model and data context used. A correction trail should update cards when limitations or errors are discovered. 38.5.7 Cards must not become decorative compliance artifacts. They should be used in release gates, TMD review, safeguards review, public-safe publication review, routeability review, procurement-neutral interfaces, and AI-use approvals. A card that no one reads before reliance is not governance. 38.5.8 The doctrine is direct: **Model Cards and Data Cards make machine systems and datasets legible enough for governance, enabling actors to understand what a model or dataset can support, what it cannot support, and how it must be corrected when its limits matter.** *** ### **38.6 Digital Twin Governance** 38.6.1 Digital Twin Governance is the discipline for governing digital representations, simulations, virtual replicas, scenario models, system models, and dynamic computational environments used to represent physical, ecological, social, infrastructure, economic, health, urban, industrial, energy, water, or cyber-physical systems within the Nexus Rail. 38.6.2 Digital twins are powerful because they can model interdependence: water-energy-compute stress, flood impacts, grid resilience, data-centre site effects, industrial leakage, urban heat, biodiversity corridors, public-health pathways, logistics disruptions, and emergency scenarios. They can help actors explore consequence before acting. But they can also create false certainty if their assumptions are hidden. 38.6.3 A digital twin must be treated as a model, not reality. It represents selected aspects of a system using data, assumptions, simplifications, parameters, and update cycles. Its outputs are scenarios, estimates, simulations, or indicators. They are not the system itself. 38.6.4 Digital Twin Governance should require a twin record identifying purpose, system boundary, data sources, Data Cards, model components, assumptions, calibration, validation, uncertainty, update frequency, known exclusions, governance use, prohibited use, public-safe output rules, human review requirements, and correction pathway. 38.6.5 Digital twins must include social and ecological context where relevant. A flood twin that ignores informal settlements, disabled residents, cultural sites, local drainage knowledge, or ecological buffers is incomplete. An energy twin that ignores water stress and community impact is incomplete. A data-centre twin that ignores grid, water, heat, and local legitimacy is incomplete. 38.6.6 Digital twins must be public-safe. Visual simulations can strongly influence public perception, land value, finance, public authority decisions, and community trust. Public release must avoid exposing sensitive sites, overstating precision, or implying approval. Scenario outputs should show uncertainty and assumptions. 38.6.7 Digital twins must be challengeable. Communities, public authorities, TMDs, researchers, operators, and safeguards functions should be able to question inputs, assumptions, exclusions, and interpretation where they are affected. A digital twin that cannot be challenged becomes technical authority by design. 38.6.8 Digital twins must be corrected as reality changes. New sensor data, field evidence, community reports, public authority records, climate conditions, infrastructure changes, or model errors should update the twin and dependent outputs. Outdated twins must be marked superseded or restricted. 38.6.9 The doctrine is direct: **Digital twins help the Rail reason about complex systems, but their governance must ensure that simulations remain assumption-visible, context-aware, public-safe, challengeable, and never mistaken for reality or authority.** *** ### **38.7 Agentic AI Controls** 38.7.1 Agentic AI Controls are the rules, permissions, supervision mechanisms, logs, limits, and emergency stops governing AI systems that can perform multi-step tasks, initiate actions, call tools, retrieve records, generate outputs, route workflows, update drafts, create tickets, or interact with platform environments. Agentic AI is useful only when tightly bounded. 38.7.2 Agentic AI requires special controls because it can convert assistance into action. A passive model may answer a prompt; an agent may search records, draft a public-safe notice, classify a case, open a ticket, notify actors, update a dashboard, or prepare a proof-pack summary. If poorly governed, an agent can become hidden administration or machine bureaucracy. 38.7.3 Agentic AI must operate under explicit mandate. Each agent should have a register entry, approved purpose, permitted tools, prohibited tools, data classes allowed, data classes prohibited, role key, action limits, escalation triggers, human review gates, logging requirements, and emergency stop procedure. No general-purpose agent should roam the Rail. 38.7.4 Agentic AI must be least-privilege. An agent designed to summarize public-safe records should not access controlled rooms. An agent designed to detect missing fields should not export data. An agent designed to draft action tickets should not assign authority-bearing determinations. An agent designed to support routeability should not contact finance readers without human authorization. 38.7.5 Agentic AI must not make final governance determinations. It may propose classification, flag evidence gaps, draft summaries, suggest dependencies, identify stale records, or prepare recommendations. It may not independently determine public authority capacity, community consent, safeguards clearance, maturity, recognition, routeability, technical verification, legal conclusion, public-safe release, or downstream handoff. 38.7.6 Agentic AI must be supervised through human review gates. Any agent output affecting official records, public-safe communications, release gates, routeability, public authority references, technical findings, safeguards decisions, or downstream handoffs must be reviewed and adopted by a competent human actor or body. 38.7.7 Agentic AI must maintain full action logs. The Rail should record what the agent accessed, what it generated, what tools it called, what records it changed or proposed to change, what human approved, what was rejected, and what correction followed. Agentic action without logs is prohibited for material workflows. 38.7.8 Agentic AI must have containment controls. If an agent behaves unexpectedly, accesses prohibited data, generates unsafe claims, misroutes records, or creates defective tickets, it must be suspendable, its outputs reviewable, and dependent records correctable. 38.7.9 The doctrine is direct: **Agentic AI may help operate the Rail only as a bounded, least-privilege, logged, human-reviewed assistant; it must never become an autonomous governance actor, hidden administrator, or machine authority.** *** ### **38.8 Human Review Gates** 38.8.1 Human Review Gates are the required points at which competent human actors review, approve, reject, condition, correct, or escalate machine-assisted outputs before they affect official governance records, public-safe communication, authority classification, maturity, routeability, technical findings, safeguards, public authority interfaces, or downstream handoffs. 38.8.2 Human Review Gates are necessary because machine systems can generate plausible outputs without accountability. AI may summarize incorrectly, omit dissent, mistranslate protected meaning, hallucinate authority, flatten public authority capacity, misclassify data, overstate routeability, or understate uncertainty. Human review ensures that accountable judgment remains in the Rail. 38.8.3 A Human Review Gate should identify who reviews, what competence is required, what record is reviewed, what model or workflow generated the output, what sources were used, what risks apply, what decision is required, what authority basis exists, what limitations remain, and what correction path applies. 38.8.4 Different outputs require different reviewers. A public-safe summary may require GRF-compatible claims review. A technical model output may require TMD review. A community-sensitive summary may require safeguards review. A public authority capacity note may require legal or public authority interface review. A routeability draft may require GRA review. A Board decision pack may require executive, legal, records, and fiduciary review. 38.8.5 Human review must be substantive, not ceremonial. Clicking approve without reading is not review. A reviewer must have access to the relevant evidence, model records, inference records, uncertainty, limitations, and public claims boundaries. The platform should support review, not reduce it to button pressure. 38.8.6 Human Review Gates must capture dissent and conditions. A reviewer may approve subject to limitation, require correction, request more evidence, restrict publication, escalate to TMD, reject AI use, or note unresolved uncertainty. Review records must preserve these states. 38.8.7 Human review must not become a liability shield for machine overreach. If humans are overloaded, undertrained, pressured, or unable to inspect sources, the review gate is defective. The Rail must design review conditions that make responsible judgment possible. 38.8.8 The doctrine is direct: **Human Review Gates ensure that machine-assisted outputs influence governance only after competent human judgment has reviewed their sources, limits, authority implications, safeguards, and correction path.** *** ### **38.9 Reproducibility and Challenge** 38.9.1 Reproducibility and challenge are the rights and disciplines by which governance-relevant computational outputs may be tested, questioned, replicated where appropriate, independently reviewed, or contested. They prevent machine outputs from becoming unchallengeable authority. 38.9.2 Reproducibility is necessary where a computational output supports technical verification, public-safe reporting, routeability, maturity, incident review, dashboard status, or public authority learning. The Rail should be able to reconstruct enough of the computation to understand how the output was produced, what data and version applied, what model or method was used, and what limitations existed. 38.9.3 Full reproducibility may not always be possible or safe. Data may be restricted, models proprietary, security-sensitive, or protected by privacy rules. In such cases, the Rail should support bounded reproducibility: independent review in a controlled room, compute-to-data rerun, signed receipts, output comparison, method review, synthetic test cases, third-party audit, TMD review, or public-safe explanation. 38.9.4 Challenge is the ability of a competent or affected actor to question the output. A community may challenge a modelled flood map. A public authority may challenge a capacity classification. A TMD may challenge sensor fusion. A finance-readiness function may challenge routeability evidence. A safeguards function may challenge AI processing of protected knowledge. A Board may challenge dashboard reliance. Challenge must be routeable. 38.9.5 Challenge should not require technical elite status. A community may not be able to dispute model code, but it can say the output conflicts with lived reality. A local authority may identify missing infrastructure. A worker may report operational facts. The challenge process should receive qualitative, local, legal, and technical objections. 38.9.6 Reproducibility records should include inputs or input classes, model versions, parameters where appropriate, prompts or prompt classes, retrieval sources, data cards, environment version, execution date, output, reviewer, and limitations. Sensitive details may be protected, but the record must support review. 38.9.7 Challenge outcomes must be recorded. A challenge may confirm the output, revise it, restrict it, require re-run, add limitation, escalate to TMD, trigger safeguards review, correct a dashboard, withdraw a public-safe report, or supersede a proof-pack annex. Challenge without disposition undermines trust. 38.9.8 The doctrine is direct: **Reproducibility and challenge ensure that machine-assisted outputs remain contestable, reviewable, and corrigible, even when full public disclosure of data or code is impossible.** *** ### **38.10 Correction of Machine-Assisted Outputs** 38.10.1 Correction of machine-assisted outputs is the discipline for identifying, containing, revising, withdrawing, superseding, and learning from errors produced or influenced by AI systems, models, simulations, digital twins, analytics pipelines, dashboards, agents, or automated workflows. It is the correctionability doctrine applied to machine intelligence. 38.10.2 Machine-assisted outputs require correction because they can fail quietly and travel quickly. An AI summary may omit a safeguards hold. A dashboard may display stale data. A model may misclassify risk. A digital twin may use outdated assumptions. An agent may create incorrect action tickets. A translation may distort community meaning. A routeability draft may imply investment readiness. A public authority note may be overstated. 38.10.3 A machine-output correction process should identify the affected output, model or workflow involved, inference record, input data class, error type, affected records, public reliance, downstream use, responsible reviewer, containment action, corrected output, public-safe notice where needed, model or workflow change, and learning action. 38.10.4 Correction must propagate through dependencies. If an AI-assisted evidence summary entered a Board decision pack, GRF maturity record, GRA proof pack, TMD review, dashboard, public-safe report, or handoff record, each dependent artifact must be reviewed. Correcting the source file alone is insufficient. 38.10.5 Correction may require model restriction. If a model repeatedly misclassifies protected knowledge, hallucinates authority, mishandles multilingual content, exposes data, or produces biased outputs, the Model Register should be updated and the model suspended, limited, re-evaluated, or deprecated. Workflow correction must accompany output correction. 38.10.6 Correction must include human accountability. The answer cannot be “the model did it.” The Rail must identify the human or function responsible for approving, adopting, releasing, or failing to review the output. Machine error and human governance error often coexist. 38.10.7 Correction must be public-safe where reliance occurred. If the public, communities, public authorities, finance readers, providers, or downstream actors relied on a machine-assisted output, correction should be communicated clearly and safely. Where details are sensitive, public-safe summaries should explain the corrected meaning without exposing restricted data. 38.10.8 The doctrine is direct: **Machine-assisted outputs must be corrected not only at the text or dashboard level, but through the model records, inference records, dependent artifacts, human review process, and workflow that allowed the error to matter.** *** ### **38.11 Compute Receipts, Proofs, and Auditability** 38.11.1 Compute Receipts, Proofs, and Auditability are the technical and records instruments that show what computation occurred, where, under what authority, on what class of data, using what model or method, producing what output, reviewed by whom, and subject to what limitations and correction. They are the proof layer for Verifiable Compute. 38.11.2 Compute Receipts are event records. They may document that a model inference occurred, a clean-room computation ran, a dashboard aggregation was generated, a digital twin scenario was executed, a sensor-fusion pipeline processed data, a proof-pack analytic was produced, or an AI agent completed a bounded task. A receipt should state the computation’s purpose, environment, time, inputs or input classes, model or software version, actor, output, and review state. 38.11.3 Compute Proofs are stronger verification instruments used where consequence warrants. They may include cryptographic attestations, secure execution proofs, signed hashes, reproducibility packages, zero-knowledge or equivalent proofs, trusted execution environment attestations, provenance chains, signed model outputs, or independent verification receipts. Their role is to verify specific claims without unnecessary disclosure. 38.11.4 Auditability is the broader ability to inspect and reconstruct computational governance. It includes logs, version history, access records, role keys, model registers, inference records, data cards, model cards, release records, source control, parameter records, prompt classes, retrieval records, human-review records, and correction trails. Auditability provides institutional memory. 38.11.5 Compute Receipts and Proofs must be scoped. A proof that computation ran in a secure environment does not prove that the model was appropriate. A receipt showing an AI summary was reviewed does not prove the underlying evidence was true. A zero-knowledge proof may verify a condition but not broader legitimacy. Every proof must state its claim and non-claim. 38.11.6 Compute auditability must protect sensitive information. Logs and receipts may reveal protected data, public authority involvement, cyber-sensitive configurations, personal information, legal matters, or community evidence. Audit records must be classified, access-controlled, and retained according to risk and law. 38.11.7 Compute Receipts must connect to OSI receipts, dockets, determinations, and correction trails. If a compute output supports a determination, the compute receipt should be attached. If the output is corrected, the receipt and dependent records should reflect correction. Verifiable Compute must integrate with the Rail’s operational standards infrastructure. 38.11.8 The doctrine is direct: **Compute Receipts, Proofs, and Auditability make machine-mediated governance inspectable by recording and, where necessary, proving computational events without pretending that proof of computation is proof of governance validity.** *** ### **38.12 Machine Assistance Without Machine Authority** 38.12.1 The final doctrine of Verifiable Compute and Verifiable Intelligence is machine assistance without machine authority. Machines may help the Rail see, classify, retrieve, summarize, translate, simulate, monitor, verify, compare, draft, route, and correct. They may not become governors, public authorities, recognizers, finance advisers, technical certifiers, consent holders, fiduciaries, judges, regulators, or execution actors. 38.12.2 This doctrine does not diminish machine intelligence. It gives machine intelligence its proper constitutional place. AI and computation are indispensable for governing compound risk at planetary scale. No human institution can manually integrate all relevant signals from climate, water, energy, food, health, biodiversity, cyber, AI, finance, infrastructure, public trust, and community knowledge in real time. Machines expand perception and coordination. They do not replace accountability. 38.12.3 Machine assistance must remain bounded by human responsibility. A human or competent body must decide when a machine output is adopted, what reliance it supports, what public claim may be made, what public authority capacity exists, what safeguards apply, what technical finding is valid, what routeability state is appropriate, and what correction is required. 38.12.4 Machine assistance must remain bounded by law. AI cannot authorize cross-border data transfer, waive privacy rights, override public authority mandates, create consent, determine legal compliance, approve procurement, or issue regulated financial advice. Legal authority remains where law places it. 38.12.5 Machine assistance must remain bounded by social and cultural legitimacy. A model may summarize community evidence, but it cannot speak for a community. A translation may help understanding, but it cannot replace cultural protocol. A dashboard may display risk, but it cannot decide what a place means. Protected knowledge may not be processed merely because a model can process it. 38.12.6 Machine assistance must remain bounded by ecological reality. A model may simulate nature, but nature remains the real system. A digital twin may estimate water stress, but the watershed decides through hydrology, ecology, climate, and lived consequence. Machine intelligence must be checked against natural-system signals and field truth. 38.12.7 Machine assistance must remain bounded by correction. Every machine-assisted governance output must be capable of challenge, review, revision, withdrawal, supersession, and learning. The more powerful the machine role, the stronger the correction duty. 38.12.8 The final doctrine of this chapter is direct: **Verifiable Compute and Verifiable Intelligence allow the Nexus Rail to use machine intelligence at planetary scale without surrendering governance to machines. Computation becomes trustworthy only when it is registered, receipted, auditable, human-reviewed, challengeable, lawful, safeguards-aware, and correctionable; machine assistance strengthens governance precisely because it never becomes machine authority.** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.therisk.global/organization/organization/governance/doctrine/vi.-infra/38.-verifiable-compute.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.