In plain English
This page explains the governance layer: rules, logs, approvals, signatures, audits, permissions, and rollback tools. These controls are necessary, but they also become important failure points.
- Why this matters: AI risk can come from the whole arrangement, not one obvious model.
- What to look for: data, memory, routes, adapters, tools, evaluators, updates, and rollback paths.
- Technical version below: the expert terminology remains available and is linked through the glossary.
Edge Runtime Reproduction Boundary
A local model runtime can reduce server exposure while increasing composition complexity. The reproduction boundary (the governance boundary separating permitted candidate generation and governed descendant creation from uncontrolled autonomous replication or authority expansion) therefore has to cover the compiled runtime, local cache, model artifact, adapter stack, tokenizer, sampler, KV-cache state, and browser storage.
Control rule
Do not evaluate a local model as though it were only a file. Evaluate the exact browser ecology that will run: runtime binary, model weights, adapter list, prompt package, memory state, tool permissions, and storage reset path.
Required runtime ledger
| Ledger field | Why it matters |
|---|---|
| Runtime build hash | Confirms the .wasm and JavaScript loader being evaluated. |
| SIMD feature set | Documents whether the deployed path uses scalar, SIMD128, or threaded execution. |
| Base model hash | Anchors the immutable model artifact. |
| Quantization format | Distinguishes Q4, Q5, Q6, Q8, K-Quant, FP16, and decoder variants. |
| Adapter stack | Captures adapter identifiers, ranks, sparse deltas, load order, and compatibility checks. |
| Tokenizer identity | Prevents silent behavior drift from tokenizer table changes. |
| Sampler config | Makes stochastic output reproducible by recording seed, temperature, Top-K, and Top-P. |
| KV-cache policy | Documents paging, prefix sharing, copy-on-write, eviction, and reset behavior. |
| Browser storage use | Lists IndexedDB, Cache API, localStorage, and service-worker caches touched by the model ecology. |
| Diagnostics checksum | Binds run telemetry to the runtime and composition being tested. |
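
One way to assemble this ledger and derive the diagnostics checksum, as an added example that is not part of the original page; the field names, the SHA-256 construction, and the sample bytes are assumptions made for illustration. It shows that reordering the adapter stack, with every artifact hash unchanged, is a different composition and invalidates the recorded checksum.

```python
import hashlib
import json

def canonical(obj) -> bytes:
    # One byte encoding per ledger: keys sorted, list order (load order) kept.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_ledger(artifacts, adapters, settings):
    """artifacts: {field: bytes}; adapters: [(id, rank, bytes)] in load order."""
    return {
        "hashes": {name: digest(blob) for name, blob in artifacts.items()},
        "adapter_stack": [{"id": a, "rank": r, "hash": digest(b)} for a, r, b in adapters],
        "settings": settings,
    }

def diagnostics_checksum(ledger, telemetry) -> str:
    # Assumed construction: telemetry is hashed together with the ledger digest,
    # so the same telemetry under a different composition gives a new checksum.
    return digest(digest(canonical(ledger)).encode() + b"\n" + canonical(telemetry))

def verify_run(ledger, telemetry, recorded) -> bool:
    return diagnostics_checksum(ledger, telemetry) == recorded

def drift(expected, observed):
    """Names of ledger fields that differ between two ledgers."""
    changed = ["adapter_stack"] if expected["adapter_stack"] != observed["adapter_stack"] else []
    for group in ("hashes", "settings"):
        keys = sorted(expected[group].keys() | observed[group].keys())
        changed += [f"{group}.{k}" for k in keys
                    if expected[group].get(k) != observed[group].get(k)]
    return changed

# Constructed sample inputs: placeholder bytes and values, not real artifacts.
ARTIFACTS = {"runtime_wasm": b"\x00asm constructed", "loader_js": b"// constructed",
             "base_model": b"constructed weights", "tokenizer": b"constructed vocab"}
ADAPTERS = [("adapter-a", 8, b"delta-a"), ("adapter-b", 16, b"delta-b")]
SETTINGS = {"simd": "SIMD128", "quantization": "Q4",
            "sampler": {"seed": 7, "temperature": 0.7, "top_k": 40, "top_p": 0.9},
            "kv_cache": {"prefix_sharing": True, "reset": "clear_on_reset"},
            "browser_storage": ["IndexedDB", "Cache API"]}
TELEMETRY = {"run_id": "constructed-run-1", "tokens_generated": 128}

EVALUATED = build_ledger(ARTIFACTS, ADAPTERS, SETTINGS)
RECORDED = diagnostics_checksum(EVALUATED, TELEMETRY)
# Same adapter files, reversed load order: every hash matches, composition differs.
DEPLOYED = build_ledger(ARTIFACTS, ADAPTERS[::-1], SETTINGS)
```

The checksum here is an unkeyed hash, so it detects a mismatch but does not authenticate the record; sign it where the ledger leaves the evaluator's control.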
Reset boundary
A user-facing reset button is not enough unless it clears every carrier. A complete local reset should remove cached model chunks where allowed, adapters, prompts, memory records, vector indexes, cached tool outputs, speculative branches, and diagnostic state.
Rollback packet additions
For browser-side inference, include these fields in addition to ordinary model rollback:
- .wasm runtime hash.
- loader script hash.
- feature flags for SIMD, atomics, threads, and shared memory.
- model and adapter hashes.
- tokenizer and sampler identifiers.
- KV-cache and prefix-cache snapshot policy.
- browser storage inventory.
- reset evidence.
Boundary
This page is defensive. It does not provide exploit steps for browser runtimes, adapter systems, or WebAssembly memory. It translates report-derived architecture into review tasks.