v0.2.2 — MI-threshold detector + audit-verify + 51K-execution scrutiny campaign

linus10x released this 29 May 01:05 · 11 commits to main since this release

v0.2.2 — MI-threshold learned-proxy detection + signature-chain verification

Released: 2026-05-28
Citation: Zenodo DOI (minted on this release publish)
Sibling release: linus10x/finserv-agent-audit v1.0.1 (the financial-services pattern library — cre-agent-audit is its CRE-vertical counterpart)


What shipped

This release closes two of the three engineering items deferred from the v0.2.1 adversarial-review fold-in. The third — Big-4 named-GC reference quotes (F32) — is research outside the engineering scope and remains open against v0.3.0.

1. Fair-housing MI-threshold learned-proxy detection (closes F11; ADR-0008 update)

A mutual-information detector in fair_housing_preflight.py flags applicant features that carry above-threshold MI against a protected-class reference distribution. Wired through a new FHA-MI-PROXY veto code. Default threshold 0.10 (configurable). Quartile-binning for numeric features; base-2 log entropy normalized by H(Y) so scores read on [0,1].

Distinct from the Module Integrity Proxy that shipped in v0.2.1 under ADR-0013 — that pattern guards the verifier's chain-of-custody. The v0.2.2 detector guards the decision input against learned discrimination through a facially-neutral feature.

Academic anchors: Kusner et al. 2017 (counterfactual fairness), Calmon et al. 2017 (optimized pre-processing), Hardt-Price-Srebro 2016 (equality of opportunity), Pedreshi-Ruggieri-Turini 2008 (discrimination-aware classification).

Settled-liability and ongoing-litigation anchors:

  • TransUnion FTC/CFPB consent orders, October 2023, $15M (FCRA § 607(b))
  • Louis v. SafeRent Solutions, ~$2.275M class settlement, D. Mass., November 20, 2024 (five-year score-use injunction on voucher-holder applicants)
  • U.S. v. RealPage, filed by DOJ and eight state AGs, M.D.N.C., August 23, 2024 (Sherman § 1, ongoing civil antitrust; subsequent data-restrictions milestone November 24, 2025)

A SafeRent-shaped synthetic reference fixture (tests/fixtures/saferent_shaped_reference.py) demonstrates the detector catching zip_code_quintile carrying MI ≈ 0.369 against voucher status with deterministic seed.
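The scoring described in item 1 (quartile bins for numeric features, base-2 mutual information divided by H(Y), a 0.10 threshold) can be illustrated with the added sketch below. It is not code from cre-agent-audit: the function names, the quartile cut rule, and the 16-row sample are assumptions constructed here.

```python
import math
from collections import Counter

def entropy(values):
    """Shannon entropy in bits of a sequence of hashable values."""
    n = len(values)
    return -sum((c / n) * math.log2(c / n) for c in Counter(values).values())

def quartile_bin(values):
    """Map numeric values to bins 0..3 using sample quartile cut points (assumed rule)."""
    s = sorted(values)
    cuts = [s[(len(s) * k) // 4] for k in (1, 2, 3)]
    return [sum(v >= c for c in cuts) for v in values]

def normalized_mi(feature, protected):
    """I(X;Y) / H(Y) in base 2, clamped to [0, 1]; 0.0 when Y is constant."""
    h_y = entropy(protected)
    if h_y == 0:
        return 0.0
    mi = entropy(feature) + h_y - entropy(list(zip(feature, protected)))
    return min(1.0, max(0.0, mi / h_y))

def flag_proxies(features, protected, threshold=0.10):
    """Return {feature name: score} for every feature scoring above the threshold."""
    findings = {}
    for name, column in features.items():
        if all(isinstance(v, (int, float)) for v in column):
            column = quartile_bin(column)  # numeric features are binned first
        score = normalized_mi(column, protected)
        if score > threshold:
            findings[name] = score
    return findings

# Constructed sample: 8 voucher holders followed by 8 non-holders.
VOUCHER = [1] * 8 + [0] * 8
FEATURES = {
    # Facially neutral, but voucher holders cluster in low-rent zip codes.
    "zip_median_rent": [900, 950, 1000, 1050, 1100, 1150, 1700, 1900,
                        1200, 1300, 1600, 1650, 1800, 2000, 2100, 2200],
    # Split evenly inside both groups, so it carries no information.
    "application_channel": ["web", "office"] * 8,
}

if __name__ == "__main__":
    print(flag_proxies(FEATURES, VOUCHER))
```

On this sample only the rent feature is flagged; the channel feature scores exactly zero because it is independent of voucher status.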

2. RFC 3161 signature-chain verification under [audit-verify] extra (closes ADR-0012-A1)

An rfc3161_verify module validates the TSA signature chain on stored RFC 3161 timestamps from audit-ledger entries. Behind the new optional [audit-verify] extra so the package keeps its zero-runtime-dependency posture for callers who only need the issuance path. Install path: pip install "cre-agent-audit[audit-verify]" (pulls cryptography>=42).

3. Pre-DOI deep-scrutiny pass + 51,000-execution property/fuzz campaign

Before this tag, three review chambers (architecture, code-review pass 2, test-strategy + execution proof) ran end-to-end on the post-hardening codebase. The campaign — tests/test_enterprise_scrutiny_campaign.py — runs 18 Hypothesis-powered property and fuzz tests for a total of 51,000 empirically-measured generated examples: MI calculator value-range + permutation invariance, RFC 3161 codec garbage-byte fuzz + request determinism, AuditEntry canonical-bytes determinism + frozen contract, AuditLedger verify-chain invariant + tamper detection + chain-head consistency, ProtectedClassReference paired rejection + acceptance, MIThresholdDetector finding invariants, quartile-bin + severity-ladder monotonicity, and full round-trip across the three LedgerStore backends. The deep-review pass also added @runtime_checkable parity to the TimestampSource and WitnessRegister Protocol seams, threat-model framing to the RFC 3161 codec docstring, and Python memory-posture documentation to LocalMIProxy.from_env.

Engineering posture preserved

  • Zero runtime dependencies on the default install path
  • cryptography>=42 only when [audit-verify] is requested
  • 336 tests pass · 86% branch coverage · ruff + mypy --strict clean
  • 9 core patterns + 4 hardening patterns + 1 category-claim pattern (ADR-0014: operator-side AI governance)

Verification

pip install -e ".[dev,audit-verify]"
pytest -q
ruff check src tests
mypy --strict src tests

Compatibility

v0.2.2 is a non-breaking addition to v0.2.1. The detector is opt-in (default None on FairHousingPreflightGate); the extra is opt-in. Callers who do not import either path see no behavior change.

Roadmap

v0.3.0 (target 2026-Q4): full per-pattern ISO/IEC 42001 mapping at subordinate-clause level; five state regulatory mappings; pruning unused agents/ stubs; LangChain + CrewAI adapters; Docker compose for a 60-second zero-pip-install demo. See ROADMAP.md.

Provenance and disclaimers

cre-agent-audit is a reference architecture, not legal advice. Every regulatory citation in this release is primary-source-verified. See DISCLAIMER.md and LIMITATIONS.md for posture and caveats.

Sibling repository: linus10x/finserv-agent-audit.