{
  "schema": "capps-revocation-audit-ledger-v1",
  "status": "public-production-revocation-audit-ledger-live",
  "publishedAt": "2026-06-15T15:00:00Z",
  "route": "/capps-revocation-audit-ledger.html",
  "positioning": "CAPPS Revocation and Audit Ledger defines how chosen access is suspended, expired, revoked, reviewed and evidenced without exposing private records.",
  "revocationStates": [
    "pending review",
    "suspended",
    "expired",
    "revoked",
    "restored",
    "blocked"
  ],
  "triggerRules": [
    "expiry reached",
    "scope changed",
    "unsafe request",
    "unsupported claim",
    "pilot phase ended",
    "operator review failed"
  ],
  "auditFields": [
    "action",
    "state",
    "role",
    "scope",
    "policy version",
    "evidence hash",
    "review route"
  ],
  "publicProofOnly": [
    "state model",
    "trigger rules",
    "policy version",
    "evidence-hash format",
    "review route"
  ],
  "privateFieldsBlocked": [
    "names",
    "contact records",
    "identity evidence",
    "health records",
    "school records",
    "operator notes",
    "wallet signing credentials"
  ],
  "linkedRoutes": [
    "/capps-chosen-access-registry.html",
    "/capps-access-boundary.html",
    "/security-review-scope.html",
    "/public-data/capps-revocation-audit-ledger.json"
  ]
}