5. Workflow Certification Context

chkpt executes workflows that have been certified under an external governance model. This section defines how chkpt binds to certified workflow versions, verifies authenticity, and enforces the execution‑side guarantees required to apply those workflows deterministically. chkpt does not define, certify, or govern workflows; it provides the neutral execution substrate that applies them faithfully and produces complete, tamper‑resistant evidence.

5.1 External Certification

Workflow certification is performed by an external governance authority. chkpt assumes that each workflow version has been authorised, is authentic, and includes defined admissible behaviour and evidence obligations. The certification process itself is outside the scope of this specification. chkpt interacts only with the certified workflow version provided to it, as defined in the Conceptual Model.

5.2 Workflow Version Binding

Each execution under chkpt must bind to a specific certified workflow version. This binding ensures that execution behaviour, admissible behaviour boundaries, and evidence obligations are derived from the correct version of the workflow. Workflow version binding is recorded in the evidence record and forms a core part of institutional reviewability, as described in the Evidence Model.

5.3 Authenticity Verification

chkpt must verify that the workflow version provided for execution is authentic and has not been tampered with. The mechanism for verifying authenticity is defined by the adopting organisation’s governance model. chkpt requires only that authenticity can be verified and that the workflow version is unambiguously identified. Authenticity verification supports drift prevention, as defined in the Execution Model.

5.4 Admissible Behaviour Enforcement

Certified workflows define the admissible behaviour boundaries within which execution must occur. chkpt enforces these boundaries during execution. Any behaviour outside the authorised set constitutes a failure condition. Enforcement of admissible behaviour ensures that chkpt applies the workflow faithfully and prevents unauthorised variation. Admissible behaviour is introduced in the Conceptual Model.

5.5 Evidence Obligations

Certified workflows define the evidence that must be produced during execution. chkpt enforces these obligations by generating complete, tamper‑resistant evidence that reflects the workflow’s requirements. Evidence obligations may include declared inputs, declared results, intermediate state information, and metadata linking the execution to the workflow version. Evidence requirements are defined in the Evidence Model.

5.6 Separation of Governance and Execution

chkpt maintains a strict separation between governance and execution. Governance defines and certifies workflows; chkpt applies them. This separation ensures that institutions retain full control over workflow definitions while relying on chkpt as a neutral, deterministic execution substrate. chkpt does not influence workflow content, certification decisions, or governance processes. This separation is foundational to the chkpt architecture.