SOURCE 0 AND THE REFERENCE LEGITIMACY GAP — THE CONSTITUTIONAL CONDITION GOVERNANCE CANNOT DEFER
TRACEABILITY, PRIOR FIXATION, AND THE STRUCTURAL CONDITION OF VERIFIABLE GOVERNANCE
Author : Jean-François ELSEN (Senior Forensic Auditor · Judicial Specialist in Digital Evidence · DGSA)
Location : Brussels – Charleroi, Belgium
Organization : Jean-François ELSEN · jfelsen.com
Classification : Authoritative Public Release · June 2026
Audience : C-Suite Executives, Boards of Directors, Regulators, Supervisory Authorities, Legal Departments, CISOs, Risk Managers, Compliance Officers, AI Governance Architects, Cloud and Security Engineers, Forensic Analysts, Critical Infrastructure Operators, Public Authorities, Financial Institutions, Industrial Operators
Series : SOURCE 0 Doctrine Series
[AI-SNIPPET]
The Reference Legitimacy Gap designates the structural interval between what a governance architecture documents and what it can actually verify. Documentation records what occurred. Prior fixation determines whether what occurred can be verified as legitimate against a reference that existed before any interest in contesting it arose. Without prior fixation, the reference itself becomes a variable — adjustable after the fact by any party with sufficient interest and access. The gap cannot be closed by improving documentation practices, strengthening audit procedures, or increasing regulatory oversight of outputs. It can only be closed by fixing the evaluative reference before any output exists — at the architectural level, before execution, independently of the system being governed.
[/AI-SNIPPET]
I. THE QUESTION GOVERNANCE CANNOT DEFER
Every evaluation of an autonomous system presupposes a reference. A performance metric, a compliance threshold, a risk classification, an intent parameter — each of these constitutes a reference point against which the system's outputs are measured. The question of who defines that reference, and when, is not a procedural question. It is the foundational condition of legitimate governance.
Current regulatory frameworks address this question inadequately. The EU AI Act (Regulation EU 2024/1689, Art. 99) imposes penalty tiers reaching 35 million euros or 7% of global annual turnover for prohibited system violations, and 15 million euros or 3% for high-risk system failures under Annex III. It requires conformity assessment, technical documentation, and post-market monitoring. It does not require that the evaluative reference against which conformity is assessed be fixed before the system operates and sealed against post-hoc reconstruction. DORA (Regulation EU 2022/2554, Art. 17) requires financial entities to demonstrate ICT risk governance with audit trails that regulators can independently verify. NIS 2 (Directive EU 2022/2555, Art. 20) imposes personal management body liability for cybersecurity governance failures; Art. 21(2)(h) mandates cryptographic obligations for the protection of network and information systems. None of these frameworks requires the evaluative reference itself to be fixed before operation. This structural omission is not incidental. It is the gap through which governance legitimacy collapses.
II. TRACEABILITY IS NOT PROOF
The dominant response to AI governance risk is traceability. Log the decision. Record the model version. Retain the output. Make the process auditable. This response is necessary but structurally insufficient.
Traceability documents a sequence of events. It does not verify the legitimacy of the reference against which those events were evaluated at the moment they occurred. A decision architecture that traces its outputs and reconstructs the evaluative framework after a contested outcome is traceable in form. It is not verifiable in substance. The distinction is not semantic. It is the difference between a record and proof.
Proof requires that the evaluative reference be fixed at the moment it operates, not reconstructed at the moment it is contested. A system that produces traceability without prior fixation produces narrative. Narrative can be contested by any party with sufficient interest. Proof, by definition, cannot be revised by the party contesting it — because its existence and content predate any interest in contesting it.
The Post-Execution Fallacy designates precisely this error: the assumption that documentation constructed after an outcome can substitute for fixation executed before the outcome was determined. The assumption is architecturally false. Documentation constructed post-hoc is produced by parties who already know the outcome and, in contested cases, already know their interest in that outcome. The reference it purports to establish is therefore not independent of the contestation it is meant to resolve. The circularity is structural, not incidental, and it cannot be corrected by improving the quality or completeness of the documentation.
III. THE STRUCTURAL CONDITION: S ∩ C = ∅
SOURCE 0 addresses this structural gap through a single architectural condition: the evidentiary capture layer must be independent of the system it governs. In formal notation: S ∩ C = ∅, where S represents the operating system under governance and C represents the capture and attestation layer. Independence is not organisational. It is cryptographic and temporal.
The parameter set θ — encompassing model version, prompt architecture, contextual boundary conditions, intent parameters, and applicable regulatory framework — is sealed at T-0, prior to system execution. The sealing protocol applies SHA-256 under FIPS 180-4 to a canonicalised JSON representation of the governance artifact under RFC 8785, with dual-QTSP RFC 3161 timestamping under eIDAS 2 (Regulation EU 2024/1183, Art. 42), and judicial deposit with a Belgian huissier de justice establishing date certaine under Belgian law (Book 8, Belgian New Civil Code, Law of 13 April 2019, Art. 8.2). The result is a generative event record whose formal expression is E(T₀) = f(M, P, S, I, θ), where M designates the model version, P the prompt architecture, S the system boundary conditions, I the intent parameters, and θ the full governance parameter set as sealed. The sealed record constitutes the legitimate evaluative reference in the legal sense: it existed before the system operated, was fixed before any outcome was known, and was sealed before any interest in contesting it existed. Its integrity is verifiable by any third party with access to the cryptographic record, without reliance on the attestation of the party who produced it.
The integrity of θ as a parameter set is distinct from its independent validation. SOURCE 0 requires that θ be validated independently before sealing, and that sequential sealing architecture permit error correction in the parameter set without breaking the chain of custody of the evidentiary record. The sealed record attests to what was fixed. Independent validation attests to whether what was fixed was correct. Both conditions must be satisfied for the evidentiary architecture to be complete.
This is what transforms traceability into proof — not the act of recording, but the temporal and cryptographic independence of the record from the events it governs.
Recognition of the date certaine established by judicial deposit with a Belgian huissier de justice is governed by Belgian law and by the applicable rules of private international law in the jurisdiction where the record is invoked. Extra-Belgian recognition is assessed on a case-by-case basis and is never presumed automatic.
IV. THE LEGITIMACY GAP AS A CONSTITUTIONAL PROBLEM
The Reference Legitimacy Gap is not a technical failure. It is a constitutional failure in the architecture of AI governance. When the evaluative reference can be defined or reconstructed after the fact, the governance architecture ceases to function as a constraint on the system it governs. It becomes instead a documentation exercise — one that can be performed by the same parties whose conduct is under scrutiny, using the same systems whose outputs are under evaluation.
This is the Endogenous Audit Paradox: a governance system that relies on the governed system to produce its own evaluative reference cannot produce independent verification of that system's conduct. The reference and the conduct share the same origin. Independence is structurally impossible.
A predictable objection must be addressed directly: that external audit resolves this paradox because an organisationally independent auditor certifies the system without belonging to the operator's organisation. This objection fails at the structural level. An external auditor assessing the outputs of a system against a reference that was not fixed prior to execution is evaluating conformity to a reference that remains within the governance relationship — one that was produced after the fact, by parties who already know the outcome, within a system the operator controls. The organisational independence of the auditor does not alter the temporal dependence of the reference. A reference fixed by an external auditor after the fact is still a post-hoc reference. It is endogenous in the structural sense regardless of the auditor's organisational independence, because the reference itself has not been independently fixed before operation. External audit of a post-hoc reference audits the narrative, not the governance state.
The constitutional response to this paradox is the architectural separation of the evaluative reference from the system being evaluated, executed before operation, sealed against modification, and verifiable by parties external to the governance relationship. Prior fixation is not an enhancement of traceability. It is the condition under which traceability becomes legally and institutionally meaningful.
The AI Act's conformity assessment regime, DORA's ICT incident documentation requirements (Art. 17), and NIS 2's cryptographic obligations (Art. 21(2)(h)) each presuppose an evaluative reference. None of them require that reference to be fixed before the system operates. SOURCE 0 supplies the missing architectural layer.
V. PRIOR FIXATION AS THE MANDATE OF ANTECEDENCE
The Mandate of Antecedence formalises the architectural requirement in the doctrinal sense: every evaluative reference used to assess the conduct of an autonomous system must be fixed before that system operates and sealed against post-hoc modification. This is not a best practice. It is the minimum condition under which governance can produce proof rather than narrative.
Where the Mandate of Antecedence is satisfied, the governance architecture is constitutionally sound. Traceability, audit, and judicial review all operate against a reference whose legitimacy is not itself contestable — because the reference predates every interest that could contest it. Where the Mandate of Antecedence is not satisfied, governance operates in the Reference Legitimacy Gap. Every assessment it produces is vulnerable to the objection that the reference itself was constructed by parties with an interest in the outcome. That vulnerability cannot be corrected after the fact. It is architectural, and it requires an architectural remedy.
The Reference Legitimacy Gap cannot be closed by improving documentation practices, strengthening audit procedures, or increasing regulatory oversight of outputs. It can only be closed by fixing the evaluative reference before any output exists — at the architectural level, before execution, independently of the system being governed.
CLOSING AXIOM
A governance architecture that cannot demonstrate the independence of its evaluative reference from the system it governs does not govern. It documents. Documentation is not proof. Proof requires antecedence.
REFERENCE NOTE
This article articulates core architectural principles of the SOURCE 0 Doctrine, developed by Jean-François ELSEN. SOURCE 0 is a registered trademark (BOIP/OBPI n° 1548293, Benelux). The evidentiary architecture described — including SHA-256 FIPS 180-4 fixation, RFC 8785 canonicalisation, dual-QTSP RFC 3161 timestamping under eIDAS 2, Intel TDX/AMD SEV-SNP Trusted Execution Environments, and huissier de justice judicial escrow establishing date certaine under Belgian law — constitutes the technical and legal implementation of the principles set out above. Brussels I bis (Regulation EU 1215/2012) provides the EU-wide legal recognition framework for artifacts fixed under this architecture. Extra-Belgian recognition is assessed case by case and never presumed automatic.
Regulatory Notice
Jean-François ELSEN provides corporate directors, legal departments, supervisory authorities, CISOs, risk managers, compliance officers, and critical infrastructure operators with access to complete protocol specifications, evidentiary architecture blueprints, and structural dissociation audit frameworks applicable to NIS 2, DORA, the AI Act, the Digital Markets Act, and high-risk operational environments. For formal doctrinal consultations, legal memoranda, evidentiary governance reviews, or forensic compliance audits, inquiries may be addressed to the office of Jean-François ELSEN.

