{"ok":true,"checkedAt":"2026-06-02T19:07:25.194Z","contractVersion":"background-private-overlap-design-v0.1-2026-06","purpose":"Design-only guardrail for future narrow privacy-preserving overlap checks over curated tags, without shipping live overlap APIs or storage before cryptographic review.","validation":{"blockers":[],"checks":[{"evidence":"design_review_only; live=false; storage=not_created","id":"design-only-release-state","label":"Private-overlap remains design-review-only and not live-ready","status":"pass"},{"evidence":"DPIA and documented privacy-design review, formal cryptographic design review, narrow threat model and abuse-case review, external security/privacy review before pilot, property tests for non-overlap redaction and token deletion","id":"review-gates","label":"DPIA, formal cryptographic review, threat model, external review, and property tests are required before pilot","status":"pass"},{"evidence":"capability_tags, constraint_flags, verification_preferences, coarse_availability","id":"curated-tags-only","label":"Namespaces are curated tags only and exclude free text","status":"pass"},{"evidence":"free_text, exact_wish, exact_ask, raw_source_text, contact_details, precise_location | raw_tag, canonical_tag, raw_text, exact_private_wish, non_overlap_value","id":"raw-values-forbidden","label":"Raw source text, raw tags, canonical tags, exact wishes, and non-overlap values are forbidden","status":"pass"},{"evidence":"blinded_tag, token_version, tag_namespace, expires_at, audit_reason","id":"future-storage-is-blinded-only","label":"Future storage is limited to blinded token metadata and excludes raw or canonical tags","status":"pass"},{"evidence":"POST /api/background/private-overlap/evaluate:blocked_pending_crypto_review, POST /api/background/private-overlap/refresh-tokens:blocked_pending_crypto_review, DELETE /api/background/private-overlap/tokens:blocked_pending_crypto_review","id":"blocked-live-endpoints","label":"Planned live endpoints are blocked pending cryptographic review","status":"pass"},{"evidence":"overlap_count_bucket, factor_codes, blockers | forbidden matching_tag_names, non_overlap_tags, raw_tokens, counterparty_tag_set","id":"counts-only-output","label":"Participant output is limited to counts, factor codes, and blockers","status":"pass"},{"evidence":"Use current deterministic broad-preview matching when the private-overlap service is unavailable, unreviewed, or disabled.","id":"deterministic-fallback","label":"Unavailable or unreviewed overlap falls back to current deterministic broad-preview matching","status":"pass"}],"contractVersion":"background-private-overlap-design-v0.1-2026-06","liveReady":false,"status":"pass","validatorName":"background-private-overlap-design","validatorVersion":"background-private-overlap-validator-v0.1"},"publicContract":{"releaseState":"design_review_only","liveEndpointEnabled":false,"storageState":"not_created","namespaceRules":[{"allowedSource":"approved profile synthesis capability tags only","key":"capability_tags","label":"Capability tags","rawValueRetention":"forbidden","storedRepresentation":"blinded_token_only"},{"allowedSource":"approved broad constraint flags only","key":"constraint_flags","label":"Constraint flags","rawValueRetention":"forbidden","storedRepresentation":"blinded_token_only"},{"allowedSource":"approved verification-preference tags only","key":"verification_preferences","label":"Verification preferences","rawValueRetention":"forbidden","storedRepresentation":"blinded_token_only"},{"allowedSource":"approved coarse availability tags only","key":"coarse_availability","label":"Coarse availability","rawValueRetention":"forbidden","storedRepresentation":"blinded_token_only"}],"forbiddenInputs":["free_text","exact_wish","exact_ask","raw_source_text","contact_details","precise_location"],"forbiddenStoredFields":["raw_tag","canonical_tag","raw_text","exact_private_wish","non_overlap_value"],"futureStoredFields":["blinded_tag","token_version","tag_namespace","expires_at","audit_reason"],"participantOutput":{"allowed":["overlap_count_bucket","factor_codes","blockers"],"forbidden":["matching_tag_names","non_overlap_tags","raw_tokens","counterparty_tag_set"]},"plannedEndpoints":[{"method":"POST","path":"/api/background/private-overlap/evaluate","status":"blocked_pending_crypto_review"},{"method":"POST","path":"/api/background/private-overlap/refresh-tokens","status":"blocked_pending_crypto_review"},{"method":"DELETE","path":"/api/background/private-overlap/tokens","status":"blocked_pending_crypto_review"}],"blockedUntil":["No live /api/background/private-overlap routes are enabled.","No background_private_overlap_tags or background_private_overlap_checks tables are created.","No raw or canonical tags are stored.","No overlap result can change matching, disclosure, ranking, or outreach state."],"requiredReviews":["DPIA and documented privacy-design review","formal cryptographic design review","narrow threat model and abuse-case review","external security/privacy review before pilot","property tests for non-overlap redaction and token deletion"],"fallbackBehavior":"Use current deterministic broad-preview matching when the private-overlap service is unavailable, unreviewed, or disabled.","contractTests":["background_private_overlap_contract_validator","background_private_overlap_no_live_endpoint_smoke","background_private_overlap_route_contract_smoke"],"liveReady":false},"publicNonClaim":"Private overlap checks are not live; any future pilot must not use free text and must not reveal raw tags.","blockers":[]}