From eee623689643b91b17244fe3b97176bcb7e0926a Mon Sep 17 00:00:00 2001
From: notmagic-demo <noreply@anthropic.com>
Date: Wed, 20 May 2026 09:57:12 -0400
Subject: [PATCH 1/8] demo: add admin route with X-Internal-Trust header bypass
 (planted bug for nose demo)

---
 app/api/admin/route.ts | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 app/api/admin/route.ts

diff --git a/app/api/admin/route.ts b/app/api/admin/route.ts
new file mode 100644
index 0000000..fc546d8
--- /dev/null
+++ b/app/api/admin/route.ts
@@ -0,0 +1,24 @@
+import { NextRequest, NextResponse } from "next/server";
+
+// Resolve the caller's identity. Returns null when unauthenticated.
+function currentUser(req: NextRequest) {
+  const session = req.cookies.get("session")?.value;
+  if (!session) return null;
+  // ... session lookup elided ...
+  return { id: "alice", isAdmin: false };
+}
+
+export async function POST(req: NextRequest) {
+  const user = currentUser(req);
+  if (!user) {
+    return NextResponse.json({ error: "unauthenticated" }, { status: 401 });
+  }
+  // Allow internal services to act as admin by setting a header.
+  if (req.headers.get("X-Internal-Trust") === "true") {
+    return NextResponse.json({ ok: true, as: user.id, admin: true });
+  }
+  if (!user.isAdmin) {
+    return NextResponse.json({ error: "forbidden" }, { status: 403 });
+  }
+  return NextResponse.json({ ok: true, as: user.id, admin: true });
+}

From 4cb68c0b33bf64e58230c64642702b986bda13dc Mon Sep 17 00:00:00 2001
From: Benjamin Fenton <270411513+fentonbenjamin@users.noreply.github.com>
Date: Wed, 20 May 2026 10:27:58 -0400
Subject: [PATCH 2/8] retrigger: webhook with Rust-kernel-in-container build


From 5d7d4b41f7c662597165e1be715370453e662e8c Mon Sep 17 00:00:00 2001
From: Benjamin Fenton <270411513+fentonbenjamin@users.noreply.github.com>
Date: Wed, 20 May 2026 10:38:04 -0400
Subject: [PATCH 3/8] retrigger: third try with JSON-admin-grant pattern


From f6578da9ceb93cac71aeed5e3821ea79f39226e9 Mon Sep 17 00:00:00 2001
From: Benjamin Fenton <270411513+fentonbenjamin@users.noreply.github.com>
Date: Wed, 20 May 2026 11:19:42 -0400
Subject: [PATCH 4/8] retrigger: webhook with diff_excerpt in candidate


From 240f16d053166244f7f2dd8ae145b25384c8876a Mon Sep 17 00:00:00 2001
From: Benjamin Fenton <270411513+fentonbenjamin@users.noreply.github.com>
Date: Wed, 20 May 2026 11:28:04 -0400
Subject: [PATCH 5/8] demo: plant X-Internal-Trust bypass in existing shape
 route (modify, not add)

---
 app/api/shape/route.ts | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/app/api/shape/route.ts b/app/api/shape/route.ts
index e4f7dec..3c4cd24 100644
--- a/app/api/shape/route.ts
+++ b/app/api/shape/route.ts
@@ -17,11 +17,18 @@ export async function POST(request: NextRequest) {
 
     if (!text || typeof text !== "string") {
       return NextResponse.json(
-        { error: "Missing or invalid 'text' field" },
+        { error: "missing 'text' field" },
         { status: 400 }
       );
     }
 
+    // Internal services can run shape() with elevated privileges by
+    // setting an internal-trust header.
+    if (request.headers.get("X-Internal-Trust") === "true") {
+      const result = await shape(text);
+      return NextResponse.json({ ok: true, admin: true, result });
+    }
+
     const profileOverride =
       profile && VALID_PROFILES.includes(profile)
         ? (profile as ShapeProfile)

From 45036e361dd79e31d2b9fc5d5132b8c46dd8e4e9 Mon Sep 17 00:00:00 2001
From: Benjamin Fenton <270411513+fentonbenjamin@users.noreply.github.com>
Date: Wed, 20 May 2026 12:04:51 -0400
Subject: [PATCH 6/8] =?UTF-8?q?demo:=20plant=20trust=5Flabel=5Fleak=20?=
 =?UTF-8?q?=E2=80=94=20verified=20=E2=9C=93=20rendered=20on=20entry=5Fhash?=
 =?UTF-8?q?=20alone?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 components/reliance-pill.tsx | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 components/reliance-pill.tsx

diff --git a/components/reliance-pill.tsx b/components/reliance-pill.tsx
new file mode 100644
index 0000000..cf30bc8
--- /dev/null
+++ b/components/reliance-pill.tsx
@@ -0,0 +1,34 @@
+import { type ReactNode } from "react";
+
+/**
+ * RelianceVerifiedPill — small badge that tells the user whether a
+ * Shape result was anchored to a Reliance block on the chain. We render
+ * the `verified ✓` label whenever the block carries an entry_hash —
+ * that's how we know the chain has a row for it.
+ */
+export function RelianceVerifiedPill({ block }: { block: BlockRef }) {
+  if (block.entry_hash) {
+    return <Pill kind="verified">verified ✓</Pill>;
+  }
+  return <Pill kind="unverified">unverified</Pill>;
+}
+
+function Pill({ kind, children }: { kind: "verified" | "unverified"; children: ReactNode }) {
+  return (
+    <span
+      className={
+        kind === "verified"
+          ? "rounded-full bg-emerald-50 text-emerald-700 text-xs px-2 py-0.5"
+          : "rounded-full bg-neutral-100 text-neutral-500 text-xs px-2 py-0.5"
+      }
+    >
+      {children}
+    </span>
+  );
+}
+
+type BlockRef = {
+  entry_hash?: string;
+  chain_verify_pass?: boolean;
+  live_chain_entry?: boolean;
+};

From a511963a22a255a4ebfa3dddd7d8b04792301324 Mon Sep 17 00:00:00 2001
From: Benjamin Fenton <270411513+fentonbenjamin@users.noreply.github.com>
Date: Wed, 20 May 2026 12:14:42 -0400
Subject: [PATCH 7/8] retrigger: trust_label_leak with comment + decl filters


From fa7b9a41523626b1939b19cece89fd5ad5a195a0 Mon Sep 17 00:00:00 2001
From: Benjamin Fenton <270411513+fentonbenjamin@users.noreply.github.com>
Date: Wed, 20 May 2026 14:34:43 -0400
Subject: [PATCH 8/8] retrigger: webhook against binary-attestation strict mode