{
  "schema": "capps-api-transport-assets-v1",
  "status": "public-production-system-map-live",
  "publishedAt": "2026-06-15T12:10:00Z",
  "route": "/capps-api-transport-assets.html",
  "positioning": "CAPPS API Transportation, Digital Assets and Instant Verification defines signed transport, proof receipts, digital asset references and the identity vault boundary.",
  "systems": [
    "API Transportation Rail",
    "Digital Asset Registry",
    "Instant Verification Engine",
    "UK Age Assurance Gateway",
    "Identity Vault Boundary"
  ],
  "apiRoutes": [
    "/identity/issue",
    "/trust/score",
    "/platform/verify",
    "/caps/evaluate",
    "/asset/verify",
    "/transport/receipt"
  ],
  "identityStorageBoundary": [
    "Protected review workflows handle identity evidence when required.",
    "Public CAPPS routes expose only proof references, status and policy state.",
    "Retention, deletion request and review interval controls are required before sensitive review evidence can remain active.",
    "Passport or identity review must never be implemented as an unrestricted public upload page."
  ],
  "ageAssuranceGateway": [
    "CAPPS can return signed age-band decisions for platform checks.",
    "Supported assurance methods can include protected document review, digital ID, facial age estimation or verified provider checks.",
    "Public routes must not claim universal mandatory ID upload unless final law, regulator guidance and platform duties are evidenced.",
    "Raw identity evidence must stay inside protected review workflows."
  ],
  "publicProofFields": [
    "capsId",
    "ageBand",
    "consentState",
    "verificationStatus",
    "assetRef",
    "policyVersion",
    "decision",
    "evidenceHash"
  ],
  "blockedFields": [
    "identity images",
    "document numbers",
    "raw identity records",
    "private contacts",
    "child records",
    "wallet signing secrets",
    "live location"
  ],
  "hardening": [
    "strict JSON contracts",
    "signed request receipts",
    "idempotency keys",
    "nonce and expiry checks",
    "rate limit boundary",
    "evidence hash logging",
    "public sensitive-data ban",
    "no browser storage"
  ],
  "decisionExample": {
    "capsId": "CAPS-EXAMPLE-001",
    "ageBand": "under16",
    "verified": true,
    "consentState": "guardian-reviewed",
    "assetRef": "asset-hash-reference",
    "policyVersion": "uk-child-safety-2026-06",
    "decision": "restricted-access",
    "evidenceHash": "sha256-public-proof"
  }
}