Protocol spec

This page collects the stable rules of the current sealed-lattice release boundary.

Public package surface

The only committed public package name is sealed-lattice.
The current public runtime facade exposes transcript core fixture verification plus deterministic election foundation helpers.
No public subpaths are promised yet.
The published package exists to stabilize packaging, docs, smoke checks, transcript core fixtures, election foundation vectors, and release flow before wider APIs are introduced.

@sealed-lattice/protocol, @sealed-lattice/crypto, @sealed-lattice/wasm, and @sealed-lattice/testkit are workspace-internal only.
crates/sealed-lattice-kernel is workspace-internal only.
No private package may leak through the public package facade.

Deep imports into another package’s internals are forbidden.
Relative imports that cross package boundaries are forbidden.
No private package may depend on sealed-lattice unless it is @sealed-lattice/testkit.
Package-boundary checks must stay green before wider functionality is published.

Node tests, browser tests, public package behavior checks, vector manifest verification, docs verification, pack smoke checks, and release-smoke checks must all continue to pass.
The Rust transcript core must keep building for native tests and wasm32-unknown-unknown.
The internal WASM loader must keep loading the transcript core artifact in both Node and browser tests.
Reserved protocol digest derivation and GF(65537) field checks exposed through the internal WASM loader must remain covered by Node and browser tests.