Physical Hardware Evidence

0x0 supports strict physical hardware evidence intake. The repository does not

claim that a physical board is attached by default. A release may claim a

physical target only when the target inventory points at complete physical

evidence and make physical-hardware-evidence-check accepts it.

Inventory

The committed inventory files are:

• hardware/physical-targets.tsv;
• hardware/physical-root-keys.tsv.

hardware/physical-targets.tsv records the target id, board id, serial,

status, firmware image, secure-boot manifest, physical log, monitor trace,

recovery trace, flashing receipt, HIL campaign, operator signoff, and root key.

hardware/physical-root-keys.tsv records root-key custody and rotation policy.

The repository default key row is inactive because the repository does not ship

physical key custody evidence.

Physical-Ready Evidence

A physical-ready target row must provide:

• a firmware image whose SHA-256 hash matches every downstream record;
• a secure-boot manifest with a valid signature prefix and active root key id;
• a physical hardware log with start/end times and a passing status;
• a monitor trace that includes boot-ok and health-ok;
• a recovery trace with rollback rehearsal evidence;
• a flashing receipt naming the flashing tool and firmware hash;
• a HIL campaign that covers reset, power, bus, storage, timing, and watchdog

faults;

• an accepted operator signoff.

Evidence files are rejected when they contain placeholder, TODO, FIXME, draft,

or demo-only markers.

Verification

Use:

make physical-hardware-evidence-check

The gate verifies a strict physical-ready fixture, verifies the committed

repository inventory has no physical target claim, integrates with

tools/certification-evidence.py physical-readiness, and rejects missing

signoff, placeholder evidence, and incomplete HIL campaigns.

The direct verifier is:

python3 tools/physical-hardware-evidence.py check \
  --inventory hardware/physical-targets.tsv \
  --root-keys hardware/physical-root-keys.tsv \
  --report build/physical-hardware-evidence/report.json

Release Boundary

Physical hardware evidence is implemented as an intake and verification

boundary. It does not replace external certification, lab process, or

deployment approval. External approvals must still be attached to the release

bundle when a release claims a certified physical target.