{"schemaVersion":"browserops.provenance-policy.v1","service":"browserops","statement":"BrowserOps distinguishes public browser evidence fingerprints from user, browser, device, visitor, behavioral, request-header, and private workflow fingerprints.","publicArtifactFingerprints":"Journey hashes, public run summary hashes, public screenshot hashes, accessibility report hashes, metadata report hashes, handoff envelope hashes, route evidence hashes, manifest hashes, sitemap hashes, LLMS hashes, OpenAPI hashes, AsyncAPI hashes, and optional CIDs may be used for provenance and contract anchoring.","neverPublicProvenance":"Visitor, browser, device, behavioral, request-header, IP, raw JA4, raw x-vercel-ja4-digest, session, private screenshot, private DOM, private HAR, and protected workflow fingerprints are not public provenance and are never contract-anchor eligible.","lookup":"https://browserops.platphormnews.com/api/provenance/lookup","verify":"https://browserops.platphormnews.com/api/provenance/verify","fingerprints":"https://browserops.platphormnews.com/api/web4/fingerprints","policy":{"neverAnchor":["raw IP","raw user agent","raw headers","cookies","session IDs","auth tokens","raw JA4","raw x-vercel-ja4-digest","browser fingerprint","device fingerprint","behavioral identity","private screenshot","private DOM","private HAR","protected workflow payload","private support packet"],"publicAnchorable":["journey_sha256","run_summary_sha256","artifact_sha256","screenshot_sha256","accessibility_report_sha256","metadata_report_sha256","handoff_envelope_sha256","route_evidence_sha256","llms_sha256","sitemap_sha256","openapi_sha256","asyncapi_sha256","mcp_manifest_sha256","trust_policy_sha256","agent_policy_sha256","ai_policy_sha256","release_manifest_sha256"]},"updatedAt":"2026-05-25T08:59:03.190Z"}