CueCrux Trust, Safety & Legal FAQ
“Know with certainty.” This document explains how CueCrux keeps evidence trustworthy, mitigates bias, protects users and the platform, and handles disputes or bad data. It is written to reassure evaluators and to make hostile actors think twice: the platform is designed for proof, not opinion, with cryptographically verifiable receipts and append‑only provenance at its core.
What CueCrux Is (and why it’s hard to game)
CueCrux’s Engine uses CROWN retrieval: Counterfactual, Reputation‑Weighted, Origin‑Verified, Workflow‑eNcoded. Every answer is assembled via QUORUM (MiSES) (Quorum of Unified Observations and Referenced Underlying Material), selecting a MiSES (Minimal Evidence Set) per claim, and can be replayed from a signed Receipt. Modes control depth and cost: light, verified, and audit (the latter adds counterfactuals and deterministic receipts).
| Term | Meaning | Example |
|---|---|---|
| QUORUM (MiSES) | Selects a MiSES (Minimal Evidence Set): the smallest non‑redundant evidence set that supports all atomic claims. | Two independent domains cited for a claim. |
| Receipt | A signed, replayable record of how an answer was produced (hashes, signatures, seeds). | Audit mode returns a receipt_id. |
| C³ | Cost‑Conditioned Cascades that bound time/£ budgets per mode. | Auto‑downgrade to light if budgets are exceeded. |
Separation of powers keeps trust robust: the web app (WebCrux) never exposes Engine tokens; an independent operator (WatchCrux) supervises health and audits; infrastructure (InfraCrux) standardises /healthz + /metrics; the CRUX economy rewards verifiable contributions without creating a token.
All data is “biased”? How we minimise bias without censorship
CueCrux does weighting, not hiding.
- Surfaces counter‑evidence by design (Counterfactual Challenger lane). Conflicts are displayed, not suppressed; contradiction rate is a first‑class metric.
- Demands independent citations via QUORUM (MiSES) and domain‑diversity goals; weak quotes are flagged.
- Penalises manipulation (brigading, collusion, quote‑mining) with explainable, reversible dampings; nothing is silently deleted.
- Syncs retractions and venue risk (e.g., predatory journals) and adjusts weights promptly. Media with C2PA credentials gets a small boost.
Policy stance: Preserve viewpoint neutrality. We weight evidence quality and independence; we do not censor views for ideology. Appeals are supported with public reason codes.
How the platform protects users and itself (security & safety)
Proof integrity: Every artefact stores BLAKE3 content hashes; receipts are signed (ed25519), append‑only, and replayable. Audit mode refuses to answer if provenance fails.
Secret hygiene: All production secrets come from Vault; JWTs and receipts are signed with Transit (no private keys on disk), with frequent key rotation and JWKS overlap.
Least‑exposure app model: WebCrux uses a server‑side BFF. Browsers never hold Engine tokens; requests are proxied with org/user headers and server credentials.
Operational resilience: One observability plane (Prometheus/Grafana). WatchCrux runs independently to keep audits and health checks alive even if the API restarts. Backups + PITR are standard; restore drills are scheduled.
LLM safety: Ingestion paths include a prompt‑injection firewall; risky content is labelled and down‑weighted, not silently dropped.
Tenant isolation (Enterprise): Private Stack provides per‑tenant namespaces, schemas, keys and optional federated proofs (hash‑only verification) strong isolation without losing auditability.
Legal posture (licensing, privacy, money, defences)
Licensing & robots by design. Ingestion honours robots.txt, X‑Robots‑Tag, and captures licence/jurisdiction per artefact; incompatible licences are gated from public reuse (license_ok). We support metadata‑only mode if licence terms are unknown.
GDPR/UK DPA duties baked‑in. Data minimisation, retention windows, DSAR export/erasure workflows, and ledgered deletions are in the baseline checklist.
CRUX credits are not tokens or securities. They are non‑transferable, cost‑indexed participation credits with explicit legal disclaimers. Users retain IP in uploads but grant a platform licence for operational use.
Evidence‑first defence. For any claim, we can present timestamps, quote hashes, licence records, and a signed receipt. Corrections are append‑only: we supersede with new ledger rows; we never back‑date or mutate history.
Disputes, takedowns & corrections
If a result is wrong or disputed
- Re‑run in
auditmode (counterfactuals + receipt). If provenance fails or contradictions meet the policy gate, the answer is rejected or bannered. - Open an appeal with evidence; we log a public reason code and re‑weight sources rather than censor.
- If a source is retracted or edited, our nightly sync updates weights and annotates receipts; downstream answers are refreshed on next run.
Endpoints (public contract)
{
"GET /v1/trust-report": "Subscores, evidence sets, and reasoned dampings for an answer",
"POST /v1/appeals": "Submit counter-evidence; track status in UI"
}
Takedowns & DSAR (privacy)
- DSAR export/erasure processes are implemented with 30‑day targets; erasures are ledgered and cascaded to indexes.
- SupportCrux provides a first‑party helpdesk with cited AI answers; every auto‑reply carries
answer_id+snapshot_idfor audit.
Abuse, gaming & bloat: what happens and what we do
- Sybil/brigading/collusion: We maintain a small user↔device↔IP graph to detect coordination; suspicious clusters are quarantined (weight damped) with signed reasons in the ledger.
- Citation cartels / predatory venues: Venue reputation and retraction lists feed weight dampings; contradictions are labelled in results.
- Duplicate uploads: FactoryCrux dedupes by content hash and records lineage; rewards for duplicates are suppressed by policy.
- Cost abuse: C³ budgets cap compute per mode; OpsCrux shows burn and can auto‑downgrade or pause work.
Operator‑grade assurances (why hostile actors should hesitate)
- Independent audits: WatchCrux is a separate service that keeps PASS/WARN/FAIL artefacts, ingests metrics, and flags version drift across services. Logs are checksum‑indexed.
- Integration gates: No deploy without
/healthz(build, compat, sdkVersion) and required Prometheus metrics; version drift is detected within ~60s and can trigger auto‑rollback. - Backups & DR discipline: PITR for Postgres (≤30 min), ClickHouse nightly, Vault snapshots; monthly restore drills.
- Append‑only provenance: Tamper attempts are detectable via hash chains and signature checks; audit replays must match stored receipt hashes.
Architecture surfaces that make this work
- Engine (CROWN + QUORUM (MiSES) + C³): receipts, counterfactuals, reputation/time/licence signals.
- WebCrux (UI + BFF): mode badges, provenance indicators, token safety, server‑side headers.
- FactoryCrux (ingestion): robots/licensing/PII gates; dedupe; provenance rows.
- WatchCrux (operator): audits, health/ready, metrics ingest, version drift rules.
- InfraCrux (observability, DR): single Prom/Grafana plane; backups; budget dashboards.
- OpsCrux (control tower): agent budgets, prompts, interop/SLOs, receipts & cost panels.
- ATAM (Auth/Trust/Anti‑Manipulation): bias‑minimising, non‑censoring policy with appeals.
- CRUX economy: verifiable participation credits with legal clarifications.
“If you plan to use CueCrux, what should you tell your legal team?”
| Topic | Platform Control | Where to read |
|---|---|---|
| Provenance & Receipts | Signed receipts; append‑only ledger; replay tests | Engine Master‑Plan (CROWN) |
| Licensing & Robots | Licence capture; license_ok; robots/X‑Robots obeyed; metadata‑only mode | Data Sourcing / FactoryCrux |
| Privacy (GDPR/UK DPA) | Data minimisation; retention; DSAR runbooks | Engine checklist (UK) |
| Secrets & Keys | Vault + Transit signing; quarterly rotation; audited | Security Master‑Plan |
| Isolation (Enterprise) | Private namespaces/schemas/keys; federated proofs | Private Stack Master‑Plan |
| Audit & Observability | WatchCrux independent heartbeat + audits; single Prom/Graf | Infra/Watch Master‑Plans |
| Cost Guardrails | C³ budgets; OpsCrux levers; auto‑downgrade | Engine + OpsCrux |
| CRUX Credits (Legal) | Non‑transferable, non‑financial, cost‑indexed | CRUX Economy v1.1 |
Developer & Operator FAQs
“What happens when sources disagree?”
We show both (support + counterfactual), label contradiction, and expose a Trust Report with subscores.
“Can you prove a specific answer was built correctly?”
Yes. Use audit mode to obtain a Receipt and replay it. WatchCrux replays a sample weekly.
“What if a site forbids indexing?”
We honour robots and X‑Robots flags and can switch to metadata‑only mode.
“Who owns uploaded content?”
Uploaders keep IP; the platform has a non‑exclusive licence to operate the service; CRUX is not a royalty.
“How do you stop hammering when a plane is down?”
Integration rules enforce circuit‑breakers, jittered retries and synthetic‑journey SLOs; OpsCrux coordinates rollbacks.
🧾 Example: Trust Report (simplified)
Artefact Example
{
"answer_id": "ans_01HXYZ",
"mode": "verified",
"diversity": 2,
"evidence_sets": [
{"id":"evs_1","roles":["support","support"]},
{"id":"evs_cf","roles":["counterfactual"]}
],
"provenance_ok": true,
"receipt_id": "rcpt_3ab2",
"retraction_flags": []
}
Risk & Mitigation Matrix (abridged)
| Risk | Mitigation | Evidence |
|---|---|---|
| Prompt‑injection | Firewall on ingest; label and down‑weight; counterfactual probe | ATAM plan; Engine counterfactual lane |
| Licence/IP missteps | Licence capture; license_ok gating; robots/X‑Robots enforced | Engine checklist; Data Sourcing plan |
| Data tampering | Append‑only provenance ledger; ed25519‑signed receipts | Engine plan (CROWN) |
| Collusion/brigading | Graph analytics; quarantine with reason codes (not deletion) | ATAM plan |
| Cost/runaway spend | C³ budgets; auto‑downgrade; OpsCrux budget levers | Engine + OpsCrux |
| Secrets leakage | Vault + Transit; frequent rotation; JWKS overlap | Security plan |
| Outage/instability | Integration gates; canary + rollback; synthetic journeys | Integration plan |
| Privacy/DSAR | Data minimisation; retention & erasure runbooks | Engine checklist |
Implementation notes (where these rules live)
- Policies & checklists are baked into the Engine & Infra plans and enforced by tests and dashboards.
- Support flows (tickets, FAQ, triage) carry
answer_id/snapshot_idto keep every response auditable. - SDK discipline: shared types, error models, build/compat, and ed25519 verification helpers ensure client parity.
Glossary
| Term | Meaning |
|---|---|
| Artefact | The smallest verifiable unit of knowledge in CueCrux a paragraph, figure, dataset record, or file segment stored with metadata such as source URL, timestamp, licence, and content hash. Artefacts form the building blocks of the global Proof Graph. |
| ATAM (Auth, Trust & Anti-Manipulation) | The framework that detects, labels, and mitigates bias across the platform. It analyses identities, evidence health, and manipulation patterns to ensure fairness without censorship. |
| Audit Mode | The most rigorous verification setting in CueCrux. Performs counter-evidence searches, provenance rechecks, and issues a cryptographically signed Receipt. Used for compliance, safety-critical, and public accountability workflows. |
| Backend-for-Frontend (BFF) | A secure server-side proxy that handles all communication between the user interface and the CueCrux Engine. It keeps API keys, tokens, and credentials hidden from browsers or client devices. |
| C³ (Cost-Conditioned Cascades) | The economic control layer that balances compute cost, latency, and accuracy. Each query runs inside a defined budget so performance and spend remain predictable. |
| CROWN | Stands for Counterfactual, Reputation-Weighted, Origin-Verified, Workflow-Encoded. It is the trust backbone that governs how evidence is selected, ranked, and recorded ensuring every answer can be reconstructed and verified. |
| CRUX | Internal participation credits that measure contribution and consumption. Users and agents earn CRUX by adding verifiable artefacts or running audits, and spend it when using compute, storage, or high-assurance modes. It is not a cryptocurrency; it is the proof economy that keeps the system self-balancing. |
| EngineCrux | The core retrieval and reasoning service that assembles answers from verified artefacts using CROWN and QUORUM (MiSES) logic. It is responsible for building Receipts and maintaining the provenance ledger. |
| FactoryCrux | The controlled ingestion system that collects new data sources, honours robots.txt and licence terms, and converts approved content into artefacts ready for inclusion in the provenance ledger. |
| QUORUM (MiSES) (Quorum of Unified Observations and Referenced Underlying Material) | The algorithmic process that finds the smallest, non-redundant collection of independent artefacts required to fully support each claim in an answer. It keeps responses concise, transparent, and auditable by selecting MiSES (Minimal Evidence Sets). |
| OpsCrux | The operations console and control tower. It displays live health metrics, version drift, budgets, CRUX flows, and audit results for every service across the platform. |
| Private Stack | A tenant-isolated deployment of CueCrux for enterprises or governments that need strict data-residency and compliance controls. Private Stacks remain connected to the global Proof Graph via federated receipts. |
| Proof Graph / Global Provenance Graph | The distributed ledger of all artefacts, receipts, and provenance chains. It records when each piece of evidence was captured, verified, and superseded forming a time-based map of global knowledge. |
| Receipt | A tamper-evident, cryptographically signed document that captures the full reasoning process behind an answer including artefact hashes, model version, parameters, timestamps, and counter-evidence. Receipts can be replayed to reproduce or verify results. |
| SDKCrux | The official developer toolkit (TypeScript SDK and APIs) providing typed access to CueCrux data answers, receipts, artefacts, and trust metrics for use in partner products or private integrations. |
| Trust Score | A composite metric derived from evidence freshness, independence, reputation, and contradiction rate. It quantifies confidence in a source or answer, visible to both users and agents. |
| Vault Transit | The secure signing and key-management system (via HashiCorp Vault) used to generate JWTs, encrypt receipts, and rotate keys without exposing them on disk. |
| Verified Mode | The default trust level for most interactions. Ensures all citations are authentic, timestamp-checked, and licence-valid, balancing speed and rigour. |
| WatchCrux | The independent service operator that continuously audits system health, trust metrics, version alignment, and privacy compliance. Its findings are visible in OpsCrux and stored as artefacts in the ledger. |
| Why-Trust Panel | The interactive UI element that shows the provenance details behind any answer including sources, timestamps, licences, and counter-evidence links. |
| Anchored Reasoning | The CueCrux process that forces every AI-generated statement to be grounded in verifiable evidence. Each model output is “anchored” to its supporting artefacts and logged in the ledger. |
| Provenance Ledger | The append-only database that stores artefacts, Receipts, and all associated metadata. It provides the cryptographic chain of custody for every claim ever processed by CueCrux. |
| Counterfactual Lane | The subsystem within CROWN that searches for credible contradictions to a claim. Results are surfaced to the user instead of being hidden, promoting transparency over agreement bias. |
| Light Mode | A fast, low-cost query mode optimised for exploration. Uses trusted artefacts but defers full signature verification until requested. |
| Global Residency Plane | The network architecture that keeps data within its jurisdiction (EU, UK, US, etc.) while allowing proofs to federate globally via hash-based receipts. |
| Audit Trail | The combined record of all actions queries, receipts, erasures, and compliance events ensuring every operation can be independently verified. |
- What CueCrux Is (and why it’s hard to game)
- All data is “biased”? How we minimise bias without censorship
- How the platform protects users and itself (security & safety)
- Legal posture (licensing, privacy, money, defences)
- Disputes, takedowns & corrections
- Abuse, gaming & bloat: what happens and what we do
- Operator‑grade assurances (why hostile actors should hesitate)
- Architecture surfaces that make this work
- “If you plan to use CueCrux, what should you tell your legal team?”
- Developer & Operator FAQs
- 🧾 Example: Trust Report (simplified)
- Risk & Mitigation Matrix (abridged)
- Implementation notes (where these rules live)