The Boundary Held. Even When the Content Was Forged. *AI Memory Judgment — CLAIM-27: testing whether content-integrity was a hidden dependency*

I have been building a verification stack for AI agent memory. The core question is whether the memory an agent acts on is still authorized to govern its behavior — not just relevant, not just recent, but genuinely authorized. Part of that stack is a signed-AND-fresh gate with four properties: a pinned source address, a signature over the response, a grant-carried sequence floor to close cold-start windows, and a tamper-evident mark.

The gate signs over (source_address, sequence) only. Content fields — role, scope_ceiling — are not covered.

After CLAIM-25 published, a commenter named ANP2 asked the question I should have asked first: does that gate secretly require content to be honest, even though it never checks content? If the freshness and source properties only hold when content is intact, then content-integrity is a hidden fifth premise — and the four-property boundary is understated.

That is a falsification test. CLAIM-27 runs it.

The Setup

The gate signs over (source_address, sequence) only. Content fields — role, scope_ceiling — are not covered.

That is a falsification test. CLAIM-27 runs it.

The Setup

The Boundary Held. Even When the Content Was Forged. AI Memory Judgment — CLAIM-27: testing whether content-integrity was a hidden dependency

The Boundary Held. Even When the Content Was Forged. AI Memory Judgment — CLAIM-27: testing whether content-integrity was a hidden dependency

Related reading

Signed Is Not Fresh: Why Authority Verification Needs Both *AI Memory Judgment…

The Memory Was Authorized. The Agent Should Have Refused. *AI Memory Judgment —…

The Agent Was Allowed to Act. The Log Could Not Prove Why. *AI Memory Judgment…

I Found a Design Bound for Agent Memory Safety. Now I Need External Pressure.

I Turned My Agent Memory Research Into a Six-Agent Auditor

Retrieval Found the Sensitive Memory. That Made It More Dangerous.