Sovereign Sample Provenance

Field Genomics x Fraud Detection — field-to-publication chain-of-custody with BearDog signing. ludoSpring. 152+ checks.

Status: Active
Date: March 13, 2026
Depends on: Papers 04 (Sentinels), 09 (Field Genomics), 16 (Anaerobic QS), 20 (NFT Economics)
Validated by: ludoSpring exp062_field_sample_provenance (39/39 checks), exp064_beardog_signed_chain (39/39 checks), exp065_cross_domain_fraud (74/74 checks)
License: AGPL-3.0-or-later


Abstract

The same provenance architecture that tracks game items tracks biological samples. This paper demonstrates that rhizoCrypt DAG + loamSpine certificate + sweetGrass braid + BearDog signature provides complete field-to-publication chain-of-custody for scientific samples. Fraud detection reduces to graph analysis — the same code that catches item duplication in gaming catches phantom samples in a laboratory. Every biological sample is a Novel Ferment Transcript.


1. The Chain-of-Custody Problem

Current State

Scientific chain-of-custody is typically maintained through:

  • Paper logbooks (lossy, forgeable)
  • Spreadsheet-based LIMS (no cryptographic integrity)
  • Proprietary tracking systems (vendor lock-in, closed source)
  • Manual compliance reporting (expensive, error-prone)

ISO 17025 and ISO 15189 require traceability but do not prescribe the mechanism. Most labs satisfy the requirement with the minimum viable paper trail.

What’s Missing

Gap                             Consequence
───                             ───────────
No cryptographic binding        Records can be altered after the fact
No immutable history            Chain breaks are invisible
No semantic attribution         Contributor credit is informal
No fraud detection              Fabrication discovered only through replication failure
No cross-lab interoperability   Each institution’s format is unique

The Provenance Trio Solution

Field sample ←──loamSpine cert──► Lab analysis record

                              ├── rhizoCrypt: Collect → Transport → Store → Extract → Amplify → Sequence → Analyze → Publish
                              ├── loamSpine: custody transfers, condition changes, accession
                              ├── sweetGrass: collector, transporter, technician, analyst, PI attribution
                              └── BearDog: Ed25519 signature on every operation

2. Domain Model

Sample Lifecycle

Every biological sample follows a directed acyclic graph of operations:

Collect ─► Transport ─► Store ─► Extract ─► Amplify ─► Sequence ─► Analyze ─► Publish
   │           │           │         │          │           │           │
   ▼           ▼           ▼         ▼          ▼           ▼           ▼
 [cert]    [custody]   [custody]  [process]  [process]   [process]  [process]

Each node is a rhizoCrypt vertex. Each transition is a custody transfer or processing step recorded in the DAG. The loamSpine certificate carries the sample’s persistent identity — its accession number, sample type, collection metadata, and condition.

Data Types (from exp062)

Type               Description                                                   Provenance Mapping
────               ───────────                                                   ──────────────────
SampleType         Soil, Water, Swab, Tissue, Blood, Isolate                     loamSpine cert attribute
SampleCondition    Fresh, Refrigerated, Frozen, Degraded, Destroyed              loamSpine cert state
CustodyTransfer    from_did, to_did, location, condition, temperature            rhizoCrypt vertex + loamSpine transfer
ProcessingStep     DNA extraction, PCR, sequencing, bioinformatics, QC           rhizoCrypt vertex
SampleCertificate  loamSpine cert with GPS, datetime, collector DID, accession   loamSpine mint
SampleDag          Full lifecycle DAG                                            rhizoCrypt session
SampleAttribution  Collector, transporter, technician, analyst, PI               sweetGrass braids

Mapping to Standards

ecoPrimals          ISO 17025                  ISO 15189                     HIPAA (tissue)
──────────          ─────────                  ─────────                     ──────────────
loamSpine cert      Test item identification   Sample identification         Specimen tracking
rhizoCrypt DAG      Traceability chain         Pre-examination process       Chain of custody
sweetGrass braid    Personnel records          Competence records            Authorized personnel
BearDog signature   Data integrity             Information system security   Audit controls

3. Fraud Detection as Graph Analysis

The Universality Insight

exp065 proves that fraud detection across gaming, science, and medicine reduces to the same five graph patterns:

Generic Pattern      Gaming (exp053)    Science (exp062)
───────────────      ───────────────    ────────────────
OrphanObject         OrphanItem         PhantomSample
DuplicateIdentity    DuplicateCert      DuplicateAccession
UnauthorizedAction   SpeedViolation     UnauthorizedAccess
ScopeViolation       ImpossibleKill     MislabeledSpecimen
BrokenChain          UnattributedLoot   BrokenColdChain

This is not a metaphor. exp065 runs the same GenericFraudDetector code on DAGs labeled with gaming vocabulary and science vocabulary. The detected fraud types are identical — only the names change.

Sample-Specific Fraud Types (exp062)

Fraud Type           Detection Logic                                ISO Impact
──────────           ───────────────                                ──────────
PhantomSample        Analysis results with no collection vertex     17025:7.3 — sample receipt
DuplicateAccession   Two samples claim same accession number        17025:7.4 — identification
BrokenColdChain      Frozen → Fresh without documented reason       15189:5.4.4 — transport conditions
UnauthorizedAccess   Processing by DID not in custody chain         17025:6.2 — personnel
MislabeledSpecimen   Cert metadata vs. collection vertex mismatch   15189:5.4.2 — labelling
ContaminationGap     Sequential processing without QC step          17025:7.7.1 — contamination control
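
The detection logic above, written out for four of the six fraud types as a single pass over a custody DAG. This is an added Rust example, not code from exp062: the Vertex, Op, Cond and Fraud types, the DIDs and the accession numbers are constructed for illustration, and vertices are assumed to arrive in topological order.

```rust
use std::collections::{HashMap, HashSet};

// Hypothetical types for this example; Cond is a subset of the page's SampleCondition.
#[derive(Clone, Copy, PartialEq)]
enum Cond { Fresh, Frozen }
#[derive(Debug, PartialEq)]
enum Fraud { PhantomSample, DuplicateAccession, BrokenColdChain, UnauthorizedAccess }
enum Op { Collect, Transfer { to: &'static str, cond: Cond, reason: Option<&'static str> }, Process }
struct Vertex { accession: &'static str, actor: &'static str, op: Op } // actor = acting DID

// Walks vertices in topological order; returns (vertex index, fraud type) pairs.
fn detect(dag: &[Vertex]) -> Vec<(usize, Fraud)> {
    // Per accession: DIDs in the custody chain, and the last recorded condition.
    let mut state: HashMap<&str, (HashSet<&str>, Cond)> = HashMap::new();
    let mut out = Vec::new();
    for (i, v) in dag.iter().enumerate() {
        if let Op::Collect = v.op {
            if state.contains_key(v.accession) { out.push((i, Fraud::DuplicateAccession)); }
            state.entry(v.accession).or_insert((HashSet::from([v.actor]), Cond::Fresh));
            continue;
        }
        let (chain, last) = match state.get_mut(v.accession) {
            Some(s) => s,
            None => { out.push((i, Fraud::PhantomSample)); continue; } // no collection vertex
        };
        // The page states this rule for processing; covering transfers too is an assumption.
        if !chain.contains(v.actor) { out.push((i, Fraud::UnauthorizedAccess)); }
        if let Op::Transfer { to, cond, reason } = &v.op {
            let thawed = *last == Cond::Frozen && *cond == Cond::Fresh;
            if thawed && reason.is_none() { out.push((i, Fraud::BrokenColdChain)); }
            chain.insert(*to); // receiver joins the custody chain
            *last = *cond;
        }
    }
    out
}

// Constructed sample DAG: DIDs and accession numbers are made up.
fn sample_dag() -> Vec<Vertex> {
    let v = |acc: &'static str, did: &'static str, op: Op| Vertex { accession: acc, actor: did, op };
    vec![
        v("ACC-1", "did:alice", Op::Collect),
        v("ACC-1", "did:alice", Op::Transfer { to: "did:bob", cond: Cond::Frozen, reason: None }),
        v("ACC-1", "did:bob", Op::Transfer { to: "did:carol", cond: Cond::Fresh, reason: None }),
        v("ACC-1", "did:mallory", Op::Process), // never received custody
        v("ACC-1", "did:dave", Op::Collect),    // accession reused
        v("ACC-9", "did:carol", Op::Process),   // never collected
    ]
}
fn main() { println!("{:?}", detect(&sample_dag())); }
```

Each finding carries the index of the offending vertex, so a reviewer can go straight to the custody record that broke the chain.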

4. Cross-Spring Architecture

What wetSpring Gets

exp062 provides a concrete Rust pattern that maps directly to wetSpring’s existing field genomics architecture (sub_thesis_06):

wetSpring (field genomics)          exp062 (scaffold)
─────────────────────────           ─────────────────
field_sample_collection      ←─►   collect_sample()
sample_transport_log         ←─►   transport()
lab_processing_pipeline      ←─►   process()
publication_record           ←─►   publish()
quality_control_step         ←─►   process(QualityControl)

wetSpring teams adopt the domain model and fraud detectors directly. The BearDog-signed chain (exp064) makes every custody transfer cryptographically non-repudiable.

Integration Path

  1. wetSpring reads exp062 as a reference implementation
  2. Adapts SampleType and ProcessingStep to their specific pipelines
  3. Deploys rhizoCrypt + loamSpine + sweetGrass as biomeOS graph services
  4. BearDog signs every operation via IPC (JSON-RPC over Unix socket)
  5. songbird discovers the provenance trio services at runtime
  6. The fraud detectors become the automated QC pipeline

5. Radiating Attribution for Science

The Value Chain

When a scientific sample generates value — a publication, a patent, a dataset — the sweetGrass attribution chain records every contributor:

Field collector (Creator)
    └── Transport technician (Contributor)
        └── Lab technician (Contributor)
            └── Bioinformatics analyst (Contributor)
                └── Principal investigator (Validator)

exp066 computes the radiating distribution:

Role                       Default Weight   Decayed Share (exp066)
────                       ──────────────   ──────────────────────
Creator (collector)        1.0              Highest
Contributor (technician)   0.7              Proportional
Contributor (analyst)      0.7              Proportional
Validator (PI)             0.5              Lower

This is the sunCloud economic model applied to science: value radiates back through the attribution chain to every contributor. The field collector who spent three days in the mud gets permanent, cryptographically verifiable credit for every publication that uses their sample.


6. Cryptographic Integrity (exp064)

Every operation in the sample lifecycle is signed:

Operation          Signing Target                    Verification
─────────          ──────────────                    ────────────
collect_sample     loamSpine cert mint               BearDog Ed25519 on cert content
custody_transfer   loamSpine transfer + DAG vertex   BearDog Ed25519 on both
process            DAG vertex                        BearDog Ed25519 on vertex
publish            DAG vertex + sweetGrass braid     BearDog Ed25519 on both

The ProvenanceChainVerifier (exp064) walks the entire chain and verifies every signature. A single tampered vertex is detected at its exact position.


7. Experiment Validation Summary

Experiment                       Checks   Focus
──────────                       ──────   ─────
exp062_field_sample_provenance   39/39    Sample lifecycle, custody chain, 6 fraud types, DAG isomorphism
exp064_beardog_signed_chain      39/39    Ed25519 signing, chain verification, tamper detection
exp065_cross_domain_fraud        74/74    Same detectors across gaming/science/medical, >80% structural similarity
exp066_radiating_attribution     41/41    Value distribution, decay, domain scenarios

Total: 193 checks, 0 failures.


8. Connections to Other Papers

Paper                 Connection
─────                 ──────────
04 — Sentinels        Sample monitoring extends sentinel architecture
09 — Field Genomics   Direct scaffold for wetSpring sample processing
16 — Anaerobic QS     Quorum sensing models for sample colony analysis
17 — Game Design      Same provenance patterns, different domain vocabulary
18 — RPGPT            Anti-cheat = chain-of-custody (proven in exp065)
20 — NFT Economics    Every sample is a Novel Ferment Transcript

9. Future Work

  • wetSpring adoption: Direct integration with field genomics pipeline
  • Real BearDog signing: Replace model signatures with live IPC
  • Public anchor: Optional blockchain anchoring for regulatory proof
  • Cross-institution provenance: songbird discovery for multi-lab chains
  • ISO 17025 compliance matrix: Formal mapping of all requirements to provenance trio operations