# Trust Model

OGN MCP v1.0 separates authorization from evidence.

Pre-run governance:

```text
execution_request
-> policy_decision
-> approval_receipt
-> execution_receipt
```

Post-run evidence:

```text
result
-> evidence_bundle
-> run_ledger
-> replay_receipt
-> artifact_registry
-> lineage
```

The v1.0 trust model is synthetic runtime only. It makes no real FASTQ/BAM/VCF parsing claims, no clinical or diagnostic claims, and no wet-lab execution claims.

Verification fails closed when any required file is missing, tampered, stale, or inconsistent with its recorded hash.