Artifact evidence · FE-05 + FE-09B · NexusScholar.FullText
Full Text
Verified admission from Screening, local intake or rights-aware recorded retrieval, exact raw-byte evidence, explicit extraction attempts, and append-only human full-text decisions.
Purpose and authority boundary
NexusScholar.FullText owns input, acquisition, artifact validation, recorded retrieval evidence, extraction attempts, canonical codecs, and verified replay. NexusScholar.Screening.FullText is the outward bridge that admits a current FE-04 include and owns full-text human conduct. Infrastructure may read local files or record exact retrieval bytes; paths and URLs never become evidence identity.
Scientific boundary: extraction is derived evidence. An extraction failure or unsupported parser is not a study-exclusion reason and cannot be smuggled into a final decision as generic evidence.
End-to-end authority pipeline
verified FE-04 include handoff
→ VerifiedFullTextAdmission
→ local source attempt + acquisition record
→ exact retained bytes + FullTextArtifactEvidence
→ extraction attempt
UTF-8 text: deterministic
safe XML text: deterministic
PDF parsing: unsupported
→ FullTextScreeningConductJournal
→ terminal verified handoffThe same bytes received through two paths share raw-byte identity but keep distinct acquisition provenance. Changed bytes at the same path are a different artifact. Raw and extracted representations always have separate digests.
Recorded retrieval is verification, not a downloader
FE-09B adds FullTextRecordedRetrievalEvidence, FullTextRecordedRetrievalPolicy, and FullTextRetrievalVerifier. A caller supplies the exact retained response bytes plus source, access route, explicit rights status/reference, redirect chain, status, media type, encoding, byte length, digest, completeness, and UTC timestamps. The verifier can convert only admitted evidence into the existing acquisition/artifact chain.
recorded response evidence + exact retained bytes
→ HTTPS and admitted-host redirect verification
→ explicit open-access / licensed / public-domain check
→ completeness + identity encoding + size + digest check
→ existing FullTextAcquisitionRecord + FullTextArtifactEvidence
→ verified chain
any failed check
→ typed retrieval failure evidence
→ no artifact and no Screening verdictThere is no HTTP client in this gate. It verifies caller-retained evidence deterministically and preserves failed retrieval as audit evidence.
Key types and services
FullTextInputidentifies the candidate and accepted source decision. The authoritative FE-05 path is derived byVerifiedFullTextAdmission, not the historical string-only factory.FullTextSourceAttemptandFullTextAcquisitionRecordpreserve human/import actor, time, source reference/type, availability/access notes, and explicit legal-status nonclaim.FullTextArtifactEvidencebinds artifact kind, media type, size, raw digest, acquisition, and source input.FullTextArtifactValidatorchecks signatures/encoding/size and exact bytes.FullTextExtractionAttemptbinds source artifact, extractor id/version, configuration digest, status, representation, output digest, warnings, and controlled failure.FullTextDeterministicExtractorsupports UTF-8 text and safe XML projection; PDF intake can be valid while extraction remainsunsupported.FullTextRehydratorandFullTextExtractionRehydratorreturn verified wrappers only after exact authority and byte checks.FullTextRecordedRetrievalEvidenceandFullTextRetrievalVerifierbind recorded network/access facts to the exact bytes before artifact conversion.FullTextScreeningConductPolicy, journal, decisions, invalidations, and handoff mirror FE-04’s append-only human-review rules while binding exact admission/artifact/extraction authority.
Source: FullText and Screening.FullText. Contracts: ADR 0014, dependency correction in ADR 0022, durable authority in ADR 0032, and recorded retrieval in ADR 0042.
Extraction status is evidence, not verdict
- success: a complete derived representation and digest are available.
- partial: output exists, warnings are mandatory, and limitations remain visible.
- failure: no successful content; controlled category and summary explain the attempt.
- unsupported: the admitted extractor does not implement that artifact/representation.
Only the exact extraction attempt bound by policy may support a decision. Failed/unsupported attempts cannot support exclusion directly or indirectly. The reviewer can always bind the exact raw artifact.
Canonical identity and conduct
Raw artifacts use raw-artifact-bytes. Admission, acquisition, artifact evidence, extraction attempt, conduct policy/header/decision/invalidation/handoff use versioned canonical-record schemas. Strict codecs require exact canonical bytes and verified source records. Conduct decisions bind Protocol, criteria, admission, raw artifact, optional exact extraction, actor, rationale, verdict, reason, evidence, ordinal, and prior digest.
Independent review, correction, conflict generation, adjudication, invalidation, and handoff use the same no-overwrite principles as title/abstract Screening. Full-text exclusions require a stage-specific policy reason.
Failure and refusal behavior
The local source boundary still rejects HTTP/HTTPS, UNC/network sources, provider SDKs, path traversal/reparse risk, and byte-limit violations. The separate recorded retrieval verifier rejects non-HTTPS or unadmitted redirect hosts, IP literals, credential-shaped references, unadmitted rights, unknown routes, encoded/incomplete/oversized bodies, and length or digest drift. Artifact validation rejects digest/size/signature/media mismatch, empty text, unsafe XML, wrong scope, and invalid source chain. Conduct rejects automation, unauthorized actors, stale authority, extraction-failure evidence, unresolved conflict, and premature handoff.
Tests, extension points, and nonclaims
FullTextTests, admission and canonical-codec tests, and Full Text retrieval tests cover bytes, paths, extraction states, admission, rights, redirect policy, completeness, size, digest drift, conversion, and tamper. Gate closure is in FE-09B evidence.
A deterministic PDF parser or OCR engine requires a versioned dependency, parser contract, fixtures, and ADR. Current code makes no live downloader, PDF parsing, OCR, scraping, paywall bypass, shadow-library, legal-certification, redistribution, provider-parity, cloud, database, API, or production claim.