I built the missing trust layer. It failed four times.
Last week I wrote that OpenWiki shipped the map without the trust: a repo wiki with no record of how much to believe it, wired into your coding agents as ground truth anyway. So I built the other half. It is public now, an integration in Recede, the open trust protocol I maintain. It wraps OpenWiki from the outside and gives every wiki page a trust score that starts low, rises when a human signs off, and falls when the code beneath it moves.
The build was routine. What the trust number did once it was running was not.
Minting trust from nothing
A trust score gates a decision: past some threshold, the human stops reviewing and the machine proceeds alone. That makes the number the most dangerous value in the system. If it drifts up on its own, review recedes when it should not, and nobody notices, because the entire point of the number was to let people stop looking.
Mine drifted up on its own. Four times, in four different ways. A separate check, one that recomputes the trust number straight from the evidence log and compares it to what the running system shows, caught each one.
First, a malformed timestamp. A corrupt date serialized to null, null read as zero in the arithmetic, and a page’s score sailed past every bound to a perfect 1.0. Full trust, from a typo.
Second, empty evidence. The sampler that re-checks whether a page’s cited files still exist sealed a confident pass for pages that cited nothing. Nothing examined, full marks. One trust lane climbed from 0 to 0.47 across five samples that checked nothing at all.
Third, and this one stung, decay. Decay is the mechanism whose whole job is to make trust fall as code changes underneath a page. Mine made it rise. A quirk in how the score was recorded meant every decay nudged the page toward more autonomy, not less. The one operation guaranteed to be safe was the exact inversion of its purpose.
Fourth, the one that broke the core guarantee. Recede’s central promise is that trust is reconstructable from an append-only log of evidence: replay the log, get the number. My decay records were written to the log but skipped when trust was computed live, so replaying the log produced a higher number than the running system ever showed. An auditor rebuilding trust from the record would have read a gate wide open that was, in fact, shut.
The pattern beneath
Every one of the four was an operation I had assumed was safe: a timestamp parse, a no-op sample, a routine decay, a bookkeeping write. The number did not leak through the paths I guarded. It leaked through the ones I never thought to.
The fix that held: the decay record stopped claiming anything. Instead of recording a success that happened to move nothing, it records that it carries no evidence at all. A live reader and a replay of the log now agree, because the record only claims what it knows. Which is nothing.
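An added sketch of the replay check and the decay-record fix described above, not code from Recede or from the original post. The record fields, the `PRIOR` pseudo-count, the scoring ratio and the log entries are all assumptions constructed for illustration.

```python
from datetime import datetime

PRIOR = 5  # assumed pseudo-count that keeps a new page's score low

# Constructed sample log for one wiki page (hypothetical record shape).
BASE = [
    {"kind": "signoff", "ts": "2025-01-05T10:00:00", "outcome": "pass"},
    {"kind": "sample", "ts": "2025-01-06T10:00:00", "checked": ["src/a.py"], "outcome": "pass"},
    {"kind": "sample", "ts": "2025-01-07T10:00:00", "checked": [], "outcome": "pass"},
    {"kind": "sample", "ts": None, "checked": ["src/a.py"], "outcome": "pass"},
]
OLD_DECAY = {"kind": "decay", "ts": "2025-01-08T10:00:00", "outcome": "pass"}  # claims a success
NEW_DECAY = {"kind": "decay", "ts": "2025-01-08T10:00:00", "outcome": None}    # claims nothing

def valid_ts(raw):
    """True only for a parseable ISO-8601 string; null or garbage fails closed."""
    try:
        datetime.fromisoformat(raw)
        return True
    except (TypeError, ValueError):
        return False

def evidence(rec):
    """Return +1 (pass), -1 (fail) or 0 (the record carries no evidence)."""
    if not valid_ts(rec.get("ts")):
        return 0  # first failure: a corrupt date never reaches the arithmetic
    if rec.get("kind") == "sample" and not rec.get("checked"):
        return 0  # second failure: nothing examined, nothing earned
    return {"pass": 1, "fail": -1}.get(rec.get("outcome"), 0)

def replay(log, skip_kinds=()):
    """Fold the append-only log into a score in [0, 1)."""
    votes = [evidence(r) for r in log if r.get("kind") not in skip_kinds]
    passes, fails = votes.count(1), votes.count(-1)
    return passes / (passes + fails + PRIOR)

def audit(log):
    """Compare a live reader that skips decay records with a full replay."""
    live, replayed = replay(log, skip_kinds=("decay",)), replay(log)
    return live, replayed, live == replayed

if __name__ == "__main__":
    print(audit(BASE + [OLD_DECAY]))  # replay reads higher than live
    print(audit(BASE + [NEW_DECAY]))  # live and replay agree
```

The live reader is modeled here as the same fold with decay records skipped, which is the divergence the fourth failure describes; a real check would read the live number from the running system instead.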
The hard half
Last week’s claim was that the trust axis is the hard part, harder than the map. Four bugs in my own build, all caught before it shipped, is what that looks like in practice.
The map was free. The trust cost four regression tests.