---
vault_clearance: EUCLID
halo:
  classification: INTERNAL
  confidence: HIGH
  front: "19_Project_CorpseOfTheColossus"
  custodian: "The Architect"
  created: 2026-03-30
  updated: 2026-03-30
  wing: UNASSESSED
  containment: "FORM — stealth/topology vs defense-in-depth; pair with BOOK.md for external refs"
---

# FORM — Functional Obfuscation Routing Matrix

> **F**unctional **O**bfuscation **R**outing **M**atrix.
> Compare **orthodox enterprise security** (detect, harden, encrypt everything in place) with **secrecy-over-defense**: **topology** that removes paths, **low observability**, and **corpus hiding** so adversaries lack a map worth attacking.

**Vault template:** [FORM_PROTOCOL.md](../FORM_PROTOCOL.md). **Doctrine:** [STEALTH_AND_TOPOLOGY.md](STEALTH_AND_TOPOLOGY.md). **Runnable Head 3 / Colossus:** [17 CerberusLantern](../17_Project_CerberusLantern/README.md). **Evidence / sparse externals:** **[BOOK.md](BOOK.md)**. **Bounties:** [BOUNTY_BOARD.md](BOUNTY_BOARD.md).

---

## A. The two paradigms

| Axis | Orthodox (defense-in-depth) | Corpse track (ours) |
|------|----------------------------|---------------------|
| **Philosophy** | More controls at every hop beat more attackers | **Fewer live edges** beat more controls when the graph is wrong |
| **Free parameters** | Rulesets, SKUs, agents, dashboards, SIEM correlations | **Allowed-edge set**, ferry contracts, compartment count, decoy surfaces |
| **Tools** | WAF, EDR, IDS, CASB, ZTNA, vaults, rotation automation | Airgap, separate hardware, **no DNS**, cover repos, dead-ocean mass storage |
| **Output** | Alerts, tickets, compliance attestations | **Non-presence**: attacker model lacks targets |
| **Failure mode** | Misconfig + bypass of “strong” perimeter | **You** forget ferry path / recovery; ops discipline |

---

## B. Head-to-head axes

| Axis | Orthodox | Ours | Notes |
|------|----------|------|-------|
| **Boundary** | Harden the door | **No door** on that wall (topology) | STEALTH §1 |
| **Integrity** | Baseline + drift alerts | Deferred to **17** (Colossus, audit) | Stealth ≠ integrity; allies |
| **Metadata** | Accept leaks; encrypt payload | **Signal inventory** → remove or accept explicitly | **O5** |
| **Sync / edge** | Default connect | **Dark lane policy** — what never touches MCP/export | **O2** |

---

## C. Murder board

1. **“We’re safe because we use E2E encryption.”** Metadata, timing, and graph shape still teach an adversary where to spend budget.
2. **“One strong identity for everything.”** Single IdP compromise becomes universal; compartments violate convenience — we choose compartments.
3. **“Security through obscurity is always wrong.”** **Low observability** is not algorithm secrecy; it is **cost shifting** on recon — honest scope in STEALTH §2–3.

---

## D. What we take from orthodox

| From orthodox | Why | Into 19 |
|---------------|-----|---------|
| Signed artifacts + CI gates | Provable build state for **ferry** bundles | **O3** ferry minimum |
| Threat modeling templates | Name leak classes without naming secrets | **O5** |
| Enterprise network zoning vocabulary | Maps to **O1** system graph doc | |

---

## E. Proof comparisons (bounty-shaped)

| ID | Orthodox artifact | Stealth artifact | Done when |
|----|-------------------|------------------|-----------|
| **O1** | “Architecture slide” with every service | **Islands + allowed edges only** — no secrets on diagram | Graph reviewed |
| **O2** | “Everything in Git” | Explicit **never-sync** classes | Policy signed |
| **O3** | Ad hoc handoff | Minimal **worldline + attestation** for one edge | Pair with vault O6 / 15 O11 |
| **O4** | None | **Decoy** surface defined | Safe to burn |
| **O5** | Ignore metadata | **Inventory** + accept/remove queue | Published internally |
| **O6** | Trust provider UI | **Dead ocean** ops sheet — recovery + HALO never rules | One page |
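
The following is an added example, not code from this vault or from project 17: one way to machine-check the **O1** islands/allowed-edges graph against the **O2** dark-lane policy. Island names, both edge lists, and the function names are constructed assumptions.

```python
from collections import deque

# Constructed sample graph: island names and edges are hypothetical.
ALLOWED_EDGES = {
    ("workstation", "ferry"),
    ("ferry", "git_mirror"),
    ("git_mirror", "mcp_export"),
    ("airgap_vault", "ferry_inbound"),
}
DARK_LANE = {"airgap_vault", "dead_ocean"}  # never-sync classes (O2)
EXPORT_SINKS = {"mcp_export"}               # MCP/export surfaces
OBSERVED_EDGES = {                          # e.g. from flow logs (constructed)
    ("workstation", "ferry"),
    ("dead_ocean", "git_mirror"),           # not in the allowed-edge set
}


def reachable(start, edges):
    """Return every island reachable from start over directed edges."""
    adj = {}
    for src, dst in edges:
        adj.setdefault(src, set()).add(dst)
    seen, queue = set(), deque([start])
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def audit(allowed, observed, dark, sinks):
    """Report live edges missing from the graph and dark-lane paths to export."""
    unlisted = sorted(observed - allowed)
    live = allowed | observed  # everything traversable today
    leaks = sorted((d, s) for d in dark for s in sinks & reachable(d, live))
    return {"unlisted_edges": unlisted, "dark_lane_leaks": leaks}


if __name__ == "__main__":
    print(audit(ALLOWED_EDGES, OBSERVED_EDGES, DARK_LANE, EXPORT_SINKS))
```

An allowed set that passes edge by edge can still fail transitively, which is why the check walks reachability instead of comparing pairs.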

---

## F–H. Survey, adoption, verdict

**BOOK.md** stays thin for 19 — add **official** NIST / cloud metadata-hardening refs only when a row cites them (no invented DOIs). **Adoption:** 🔴 O2 + O1 → 🟡 O3 + O5 → 🟢 O4 + O6.

**Verdict:** Orthodox wins **auditability** and **vendor support**. Stealth wins when **attack surface** and **observer model** are the bottleneck — document the trade in **WORLDLINE.md**, not only here.

---

## Figures

**O1** should become the **overview figure** (islands/edges). Add **signal leak taxonomy** diagram when **O5** matures (FORM_PROTOCOL §3).
