# 06 — Roadmap & Milestone Mapping

*FPMP v0.1.0 — Draft*

Each later milestone implements specific sections of this architecture. Every milestone ships public, runnable/reviewable artifacts.

| # | Milestone | Implements (arch refs) | Public deliverables | Acceptance test |
|---|---|---|---|---|
| 1 | **Architecture, Threat Model, Non-Goals** *(this one)* | All — normative foundation | Docs 01–06 | An external reviewer can describe the data flow and name the top 3 residual risks unaided |
| 2 | **Wire Format & Log Schema** | 01 §2 (ops, DAG), 02 §1 (key chains), crypto suite finalization | Canonical serialization spec (CBOR-based), op schemas for all 9 op types, test vectors, signature/hash conformance suite | Two independent serializer implementations produce byte-identical canonical ops from the test vectors |
| 3 | **Reference Local Node + Import Adapters** | 01 §3 (evidence), 02 §4 (sensitivity), 03 §5 (adapter sandboxing) | Local node (single binary); adapters for ICS calendar, Markdown/plain-text notes, mock photo EXIF; sample datasets; encrypted blob store | Ingest the sample dataset → the log replays deterministically on a second machine to an identical state hash |
| 4 | **Derivation Engine** | 01 §4 (claims, graph, cascade), 03 §5 (poisoning mitigations, confidence floors) | Rule/statistical derivers (routine detection, relationship inference, place affinity), `INFERENCE_CALL` logging, refutation cascade implementation, deriver test suite | Refuting one evidence item provably invalidates exactly the dependent claim set, verified by graph diff |
| 5 | **Inspection & Refutation CLI/UI** | 01 §4.1 (provenance walking), 02 §3.4 (contestability), glossary semantics | `fpm` CLI: `why`, `refute`, `redact`, `export`, audit views; "what do you know about me and why?" demo script | A non-developer tester can trace any claim to its evidence and correct it in under 2 minutes |
| 6 | **Sync & Capability Demo** | 01 §2 (DAG sync), §5 (grants/projections/revocation), 03 §§2–4 (delegate, relay, revocation threats) | Multi-node sync over an untrusted relay; grant → delegate receives only the selector slice → revoke → flow stops; full audit log; equivocation-detection demo | Three-node scripted demo: the delegate node's database provably contains zero ops outside the granted selector; post-revocation sync delivers nothing new |
| 7 | **Tests, Datasets, Docs, Hardening Statement** | 02 §6 (vendor threat), 04 §11, conformance | Conformance test suite for third-party implementations, reproducible build instructions, synthetic full-life sample dataset, interop guide, security limitations statement, v0.1 release | An outside developer, using only the published docs + conformance suite, can validate a from-scratch node against the reference node |

## Cross-cutting commitments

- **Spec-first:** any behavior in M3–M6 not derivable from the M1–M2 docs is a spec bug; the docs are amended before the code merges.
- **Interop gate:** M2 and M7 both require demonstration by an *independent* implementation of at least the serialization and replay layers.
- **Honesty gate:** every release restates the residual risks from doc 03 and the non-goals from doc 04 in its README.

## Open questions tracked for M2

1. Final crypto suite pinning (leading: Ed25519 / BLAKE3 / XChaCha20-Poly1305; alternatives considered for hardware-keystore compatibility).
2. Canonical encoding: deterministic CBOR (RFC 8949 §4.2) vs. a minimal bespoke canonical form — decided by test-vector ergonomics.
3. Projection re-encryption mechanism: per-grant symmetric keys wrapped to the delegate vs. HPKE per-op — decided by revocation-rotation cost.
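To make open question 2 and the M2 acceptance test concrete, the following is an added example (not FPMP's serializer, and not from any of the referenced docs) of the RFC 8949 §4.2.1 "core deterministic encoding" rules applied to a log op: shortest-form integer arguments, definite-length containers only, and map keys sorted by the bytewise lexicographic order of their encodings. The op field names (`type`, `seq`, `parents`, `body`, `src`, `n`) and the payload are constructed for the example; only `INFERENCE_CALL` is a name from the roadmap. Floats and tags are rejected on the assumption that the op schemas do not need them, and BLAKE2b-256 from the standard library stands in for the spec's leading hash candidate, BLAKE3.

```python
"""Deterministic CBOR (RFC 8949 section 4.2.1) encoder for canonical ops.

Added example; not FPMP's serializer. Covers the subset a log op needs:
ints, byte strings, text strings, arrays, maps, bool and null. Floats,
tags and indefinite-length items are deliberately rejected: the first two
are assumed unneeded by the op schemas, the last is forbidden by 4.2.1.
"""
import hashlib


def _head(major: int, arg: int) -> bytes:
    """Initial byte(s) for a major type and argument, in shortest form (4.2.1 rule 1)."""
    if arg < 0:
        raise ValueError("CBOR argument must be non-negative")
    mt = major << 5
    if arg < 24:
        return bytes([mt | arg])
    for ai, width in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if arg < 1 << (8 * width):
            return bytes([mt | ai]) + arg.to_bytes(width, "big")
    raise ValueError("integer does not fit a 64-bit CBOR argument")


def encode(value) -> bytes:
    """Canonical encoding of a Python value; equal values always give equal bytes."""
    if value is False:
        return b"\xf4"
    if value is True:
        return b"\xf5"
    if value is None:
        return b"\xf6"
    if isinstance(value, int):            # after bool: bool is an int subclass
        return _head(0, value) if value >= 0 else _head(1, -1 - value)
    if isinstance(value, bytes):
        return _head(2, len(value)) + value
    if isinstance(value, str):
        utf8 = value.encode("utf-8")
        return _head(3, len(utf8)) + utf8
    if isinstance(value, (list, tuple)):  # definite-length only
        return _head(4, len(value)) + b"".join(encode(item) for item in value)
    if isinstance(value, dict):
        # 4.2.1 rule 3: keys sorted by bytewise lexicographic order of their
        # *encodings* (not the RFC 7049 length-first order of 4.2.3). Two keys
        # that encode identically would make the map ambiguous, so reject them.
        items = sorted((encode(k), encode(v)) for k, v in value.items())
        for (k1, _), (k2, _) in zip(items, items[1:]):
            if k1 == k2:
                raise ValueError("duplicate map key after canonicalization")
        return _head(5, len(items)) + b"".join(k + v for k, v in items)
    raise TypeError(f"not deterministically encodable here: {type(value).__name__}")


def op_digest(op) -> str:
    """Hash of the canonical bytes. BLAKE2b-256 is a stdlib stand-in for the
    spec's leading candidate BLAKE3 (assumption: swapped in at M2)."""
    return hashlib.blake2b(encode(op), digest_size=32).hexdigest()


# Constructed op with hypothetical field names; only INFERENCE_CALL is a name
# from the roadmap. The two dicts hold the same op in different insertion
# order, as two independent serializers might build it.
OP_A = {
    "type": "INFERENCE_CALL",
    "seq": 300,
    "parents": [b"\x01\x02\x03\x04"],
    "body": {"src": "ics", "n": -1},
}
OP_B = {
    "body": {"n": -1, "src": "ics"},
    "parents": [b"\x01\x02\x03\x04"],
    "seq": 300,
    "type": "INFERENCE_CALL",
}


def canonical_bytes_agree(op_a, op_b) -> bool:
    """The M2 acceptance check in miniature: same op, byte-identical encoding."""
    return encode(op_a) == encode(op_b)


if __name__ == "__main__":
    print(encode(OP_A).hex())
    print(op_digest(OP_A), canonical_bytes_agree(OP_A, OP_B))
```

Two points matter for the "test-vector ergonomics" decision. First, for text keys shorter than 24 bytes the length sits in the head byte, so the bytewise order of §4.2.1 coincides with the length-first order of §4.2.3; the two only diverge for mixed-type or long keys (an integer key 256 encodes as `19 01 00` and sorts before the text key `"a"` = `61 61` bytewise, but after it length-first), so test vectors should include such a case or an implementation following the older rule will pass by accident. Second, the Python `int`/`bool` overlap is the kind of host-language quirk that bytewise conformance vectors catch and a prose spec does not.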