Demo · The jurisdiction boundary
Reading more catches nothing more
it only exposes more
A finance workbook holds one governed metric and a great deal of data that is none of the trust layer's business. Drag the dial below from low to high. The trust layer reads more and more of the sheet. Watch what it buys you, and what it costs.
Reads: Just the one cell carrying the trust contract, plus the dependencies its own formula already declares.
Same change caught at every setting. The only thing that changes is how much you had no business reading.
Level 0. Reads 1 cell. Catches the change. Holds nothing.
Detection
plateauDoes the trust layer catch that the governed number changed, unhooked, or drifted?
Exposure
steep climbHow much data it has no business reading is now in its scan path, and what a breach would leak.
Net posture · detection minus exposure
Detection already near max, exposure near zero. This is the best posture. Drag away and watch it get worse, not better.
★ best posture
Private neighbors, none of the trust layer's business
A salary column on the same sheet
out of scope
A separate sheet, deal terms in progress
out of scope
A separate sheet, individual health dates
out of scope
How restraint still catches it
At Level 0 the trust layer never watches the cell. It reconciles two snapshots of the one governed cell, one taken at file open, one at recalc, and sees the formula unhook from its value. The change is caught without reading anything else.
Snapshot · file open
=SUM(GovBridge)
hooked → 4.2M
Snapshot · recalc
4200000
unhooked → static
Two reads of one cell. No scan path. The drift is visible in the diff.
The contrast
From Level 0 to Level 3, detection rises 5 points. Exposure rises 96.
The trust layer catalogs the governed metric. It does not scan the workbook's private contents. Reading the one governed cell and stopping is not a limitation. It is the optimum. Everything past it buys almost no detection and a great deal of risk.
Read the full article
The Jurisdiction Boundary