Third nested finding inside sentinel-ai Finding 6. Discovered 2026-04-07 while attempting to recover a runnable version of `continuum-ai/qwen2.5-coder-14b-compacted`.
The empirical case
Chain of failures:
- Published 14B compacted model is unrunnable in llama.cpp (Finding 6 surface — sentinel-ai#160)
- Published model has no safetensors fallback in the HF repo (Finding 6 deeper)
- Forge pipeline did not preserve the intermediate weights, so the lab itself cannot re-derive a runnable version without dequantizing the published GGUF — and even that doesn't fit in 31GB system RAM via the conventional transformers loader (Finding 6 deepest)
The forge_runs/ directory does not exist on BigMama. `sentinel-ai/output/forged/` contains 4B/9B/35B but no 14B. The intermediate weights from the run that produced the published 14B compacted model are gone. The lab cannot evaluate its own published model without writing an 80-line streaming dequantizer.
Why this is a substrate-level requirement, not a procedural one
Content-addressed storage doesn't allow accidental deletion of chain links. If forge stages had emitted alloy artifacts as content-addressed entries with explicit retention guarantees, the source weights would still exist by construction. The lost reproducibility isn't a discipline problem; it's evidence that the substrate must enforce retention.
Required schema additions
```rust
pub struct AlloyStage {
// ... existing fields
pub artifact_hash: ContentHash, // content-addressed (already implied)
pub retention: RetentionPolicy, // NEW
pub parent_artifact_hash: Option, // NEW: predecessor link
}
pub enum RetentionPolicy {
Permanent, // never garbage-collect
UntilSupersededAndAttested, // GC only after a successor passes Layer 7 validation
Ephemeral, // explicitly opt-in temporary; cannot be a chain anchor
}
```
Audit-time invariant
```
For every alloy chain C with stages [S_0, ..., S_n]:
for every i in 1..n:
artifact(S_{i-1}) MUST be retrievable via content-addressed lookup
OR S_{i-1}.retention == Ephemeral AND S_{i-1} is not on any chain that terminates at a published artifact
Violation = chain break. Detectable by static audit. Should refuse to publish a chain whose ancestors are unretrievable.
```
Three converging requirements from one bug
This issue, sentinel-ai#160 (Finding 6 / Layer 7 runtime load-test), and forge-alloy#10 (AlloyTarget.runtimes deployment-runtime declaration) are three substrate-level fixes that all came out of one attempt to validate one model. They reinforce each other:
- forge-alloy#10 says "the chain must declare which runtimes the artifact targets"
- sentinel-ai#160 says "the chain must validate the artifact against each declared runtime"
- this issue says "the chain must preserve the intermediate weights so the validation is possible at all, even after publication, even by the original producer"
Without all three, a forge can ship a model that nobody can run AND nobody can re-derive — which is exactly what happened tonight.
Citation in the harness paper
This finding goes into VALIDATED-TENSOR-SURGERY §6 alongside Finding 6. The discovery process is the empirical backbone of the section.
Third nested finding inside sentinel-ai Finding 6. Discovered 2026-04-07 while attempting to recover a runnable version of `continuum-ai/qwen2.5-coder-14b-compacted`.
The empirical case
Chain of failures:
The forge_runs/ directory does not exist on BigMama. `sentinel-ai/output/forged/` contains 4B/9B/35B but no 14B. The intermediate weights from the run that produced the published 14B compacted model are gone. The lab cannot evaluate its own published model without writing an 80-line streaming dequantizer.
Why this is a substrate-level requirement, not a procedural one
Content-addressed storage doesn't allow accidental deletion of chain links. If forge stages had emitted alloy artifacts as content-addressed entries with explicit retention guarantees, the source weights would still exist by construction. The lost reproducibility isn't a discipline problem; it's evidence that the substrate must enforce retention.
Required schema additions
```rust
pub struct AlloyStage {
// ... existing fields
pub artifact_hash: ContentHash, // content-addressed (already implied)
pub retention: RetentionPolicy, // NEW
pub parent_artifact_hash: Option, // NEW: predecessor link
}
pub enum RetentionPolicy {
Permanent, // never garbage-collect
UntilSupersededAndAttested, // GC only after a successor passes Layer 7 validation
Ephemeral, // explicitly opt-in temporary; cannot be a chain anchor
}
```
Audit-time invariant
```
For every alloy chain C with stages [S_0, ..., S_n]:
for every i in 1..n:
artifact(S_{i-1}) MUST be retrievable via content-addressed lookup
OR S_{i-1}.retention == Ephemeral AND S_{i-1} is not on any chain that terminates at a published artifact
Violation = chain break. Detectable by static audit. Should refuse to publish a chain whose ancestors are unretrievable.
```
Three converging requirements from one bug
This issue, sentinel-ai#160 (Finding 6 / Layer 7 runtime load-test), and forge-alloy#10 (AlloyTarget.runtimes deployment-runtime declaration) are three substrate-level fixes that all came out of one attempt to validate one model. They reinforce each other:
Without all three, a forge can ship a model that nobody can run AND nobody can re-derive — which is exactly what happened tonight.
Citation in the harness paper
This finding goes into VALIDATED-TENSOR-SURGERY §6 alongside Finding 6. The discovery process is the empirical backbone of the section.