Argument Map
The Conceptual Positioning of Civic Proof
Civic Proof — Concept Positioning Argument Map (v2)
"Civic Proof" is a third category between existential ID (who is a citizen) and entitlement ID (what this person is permitted to do) — a concept engineering proposal defined by a three-part structure of normative difference matrix + formal definition + boundary conditions. Neither a KYC equivalent nor a renaming of existing systems fully covers this position. Its defense does not depend on the invention of something new but on correcting a category error in the existing conceptual landscape.
Civic Proof is a third category between existential ID and entitlement ID — defined by a matrix of normative differences plus formal scope plus boundary conditions.
CivicProof ≜ ⟨ 𝒩, ℱ, ℬ ⟩
where
𝒩 = normative_difference_matrix(M₁, M₂, M₃, M₄) — four need-types
ℱ = formal_scope(min_necessary ∧ max_allowed) — §6 formal definition
ℬ = CI ∧ Cohen ∧ Hildebrandt ∧ Marshall(heuristic) — philosophical basis
¬derivable_from(CivicProof, {ExistentialID, EntitlementID, KYC, SBT})
⇔ CivicProof ∈ ConceptEngineering ∧ ¬CivicProof ∈ Renaming
Civic Proof is defined by three parts (normative matrix 𝒩 + formal scope ℱ + philosophical basis ℬ). Its non-derivability from existing systems pushes it from "renaming" to "concept engineering."
𝒩- Normative differences matrix — four need-types (M₁ existential / M₂ entitlement / M₃ cumulative / M₄ privacy calibration)
ℱ- Formal scope — minimum necessary condition ∧ maximum permitted range
ℬ- Philosophical basis — CI plurality + Cohen self-constitution + Hildebrandt agonistic legality + Marshall three-tier citizenship (heuristic)
CI- Contextual Integrity (Nissenbaum's contextual integrity)
¬derivable_from- Not derivable from... (negation of the derivability relation)
≜- Is defined as
ConceptEngineering- Concept engineering (Cappelen / Plunkett's methodology — deliberate revision of existing concepts)
The formula states the position, but two conflated readings must first be distinguished. Most discussions treat "civic proof" as a KYC equivalent or a synonym for SBT; this map opposes that classification — it should be understood as a "concept engineering proposal" — a third category arrived at after correcting a category error in the existing conceptual landscape.
Civic proof = renaming of an existing system
Treating "civic proof" as another name for KYC, ExistentialID, EntitlementID, or SBT. This classification assumes that at least one of the four need-types M₁..M₄ is completely covered by an existing system; but empirical examination shows that no existing system covers all — therefore the "renaming" classification is factually untenable.
CivicProof ∈ {KYC, ExistentialID, EntitlementID, SBT} ⇒ ∃ existing : covers(existing, M₁ ∧ M₂ ∧ M₃ ∧ M₄) — but empirically ¬∃ Civic proof = concept engineering proposal
Civic proof is a proposal that deliberately corrects a category error in the existing conceptual landscape — a three-part definition ⟨𝒩, ℱ, ℬ⟩. Its defense does not depend on inventing something new but on (1) the normative difference matrix showing coverage gaps in existing systems, (2) the formal definition providing minimum necessary and maximum permitted ranges, and (3) the philosophical basis providing normative grounds.
CivicProof ≜ ⟨𝒩, ℱ, ℬ⟩ ∧ ¬derivable_from(CivicProof, {ExistentialID, EntitlementID, KYC, SBT}) The distinction is merely a declaration. To prove that "civic proof ∉ renaming," four independent sources are needed — the normative basis from philosophical foundations (CI / Cohen / Hildebrandt), Marshall's three-tier citizenship as a heuristic analogy (honestly downgraded to an analogy rather than a structure), the abductive argument for four need-types (the M₁..M₄ normative matrix), and the engineering specifications of the formal definition + boundary conditions. Without any one of these, the proposal reverts to general "identity political philosophy."
§3 — Privacy Philosophy Foundation
Three-stage argument — CI / Cohen / Hildebrandt
whyProvides the normative basis — without a philosophical foundation, "civic proof" will be accused of being arbitrarily defined. The three-stage argument of CI plurality + Cohen self-constitution + Hildebrandt agonistic legality provides the chain of reasoning from "why normative differentiation is needed" to "why agonistic design is needed."
CI plurality as premise (Nissenbaum) — different social domains have their own information norms; cross-domain diffusion violates contextual integrity. Formal non-derivability argument — the four need-types M₁..M₄ cannot be derived from one another; the scenario differences in identity verification cannot be absorbed by a "unified identity." Conceptual difference between Cohen and Nissenbaum — Cohen emphasizes the political-economic conditions of self-constitution (scope exceeding "information flow norms"), a difference that corresponds to the "agency" requirement of civic proof. Extension via Hildebrandt's agonistic legality — the function of law should fall on "preserving space for contestation," beyond the purely technical role of "enforcing existing rules" — corresponding to the remedy design in §7 of civic proof.
ℬ ≜ CI(plurality) ∧ Cohen(self-constitution) ∧ Hildebrandt(agonistic) ⇒ justifies(𝒩.dimensions = 4) §4 — Marshall's Three-Tier Citizenship (heuristic analogy)
Civil / Political / Social citizenship — heuristic correspondence
whyProvides a precise boundary for analogy strength — treating the Marshall structure as "the formal skeleton of civic proof" would commit the error of overstating analogy strength; this pillar downgrades the analogy to "heuristic framing," undertaking limited work (providing a narrative structure) without undertaking structural work (providing a formal definition).
Marshall's structure as heuristic framing — the 18th–19th century development of civic rights (civil legal status) → 19th–20th century political rights (voting) → 20th century social rights (welfare) provides a narrative template for "staged expansion." Work undertaken by the heuristic analogy — (1) showing that "civic identity" is itself a historically expanding concept; (2) providing historical context for the §3 philosophical basis; (3) providing layered intuition for the §5 four need-types. Reinforcement by Sen and Anderson and their tensions — Sen's capability approach emphasizes "substantive freedom," Anderson's relational equality emphasizes "status position" — both reinforce Marshall but also generate tensions. Analogy strength grades — α strong analogy (structural isomorphism) → β medium analogy (narrative isomorphism) → γ weak analogy (intuitive heuristic); this pillar argues that Marshall belongs to γ.
Marshall ∈ heuristic(γ) ∧ ¬structural-isomorphism ⇒ ¬load-bearing(formal_definition) §5 — Four Need-Types Abductive Argument
M₁..M₄ normative difference matrix
whyProvides the argumentative skeleton — without the normative matrix, the differences between "civic proof" and existing systems remain vague. M₁..M₄ precisely marks the differences — M₁ existential, M₂ entitlement, M₃ cumulative, M₄ privacy calibration. The formalized structure shows that no existing system covers all four dimensions.
Four dimensions of the normative difference matrix — M₁ existential need (who is a citizen, corresponding to ExistentialID), M₂ entitlement need (what this person is permitted to do, corresponding to EntitlementID), M₃ cumulative need (civic identity changes over time, including accumulation of obligations and rights, low coverage in existing systems), M₄ privacy calibration need (disclosure boundary for each scenario, corresponding to V₁..V₆ in article 01). Formalized M₁–M₄ structure — each Mᵢ has independent success indicators + failure modes, and cannot be mutually derived (non-derivability). Honest downgrading of the concept engineering proposal — the argument does not claim "civic proof is a new discovery," but claims "civic proof is a deliberate proposal addressing the M₃/M₄ gaps."
𝒩 ≜ (M₁, M₂, M₃, M₄) ∧ ∀ system ∈ {KYC, ExistentialID, EntitlementID, SBT} : ∃ Mᵢ : ¬covers(system, Mᵢ) §6 — Formal Definition and Boundary Conditions
ℱ — minimum necessary condition ∧ maximum permitted range
whyProvides precision — without a formal definition, "civic proof" will be accused of being a "decorative concept." The minimum necessary condition gives "what is at minimum required," the maximum permitted range gives "what can at most be covered"; the two ends jointly define the boundaries of ℱ.
Two ends of the formal definition — minimum necessary condition (must simultaneously satisfy M₁ existential root + at least one of M₂/M₃ + M₄ privacy calibration design; missing any one does not count as civic proof); maximum permitted range (does not extend to "the overall civic identity system" — limited to "the normative matrix of identity verification"). Core convergence sentence — civic proof = a concept engineering proposal with ℬ philosophical basis as foundation, 𝒩 normative matrix as content, and ℱ formal scope as boundary. Integration with "accountability without identification" (§7) — V₁..V₆ in article 01 is the concrete instantiation of the M₄ privacy calibration dimension; article 02 provides the conceptual landscape, article 01 provides the concrete sub-specification.
ℱ ≜ min_necessary(M₁ ∧ (M₂ ∨ M₃) ∧ M₄) ∧ max_allowed ⊆ identity_verification_normative_matrix §8 — Academic Positioning + Subsequent Connections
Conditional conclusion + position of the 18-article series
whyProvides intellectual honesty — without marking conditions, "civic proof" will be incorrectly extrapolated as a "settled conclusion." This pillar argues that the conclusion of this paper is "conditional" (Conditional Conclusion), dependent on ℬ + 𝒩 + ℱ all holding; simultaneously it marks the position of the subsequent 17 articles under this three-part definition.
Conditional conclusion — CivicProof ≜ ⟨𝒩, ℱ, ℬ⟩ holds on the preconditions that (1) the ℬ philosophical basis is accepted, (2) the four dimensions of the 𝒩 matrix are acknowledged, and (3) the ℱ formal boundaries are not accused of being too strict or too broad. If any one of the three preconditions fails, the argument needs to be downgraded. Open questions awaiting subsequent validation — concrete formalization of M₃ cumulativity, gradation of M₄ privacy calibration across different domains, and boundary testing of ℱ's maximum permitted range. Connections with subsequent chapters — article 01 (V₁..V₆ instantiate M₄), article 03 (H1' three walls correspond to ℬ's historical premise), article 04 (T tripartite corresponds to ℱ's formal extension), article 05 (IT' impossibility triangle corresponds to 𝒩's dimensional constraints), article 06 (CB-Justice corresponds to ℬ's political philosophy foundation), article 07 (SRP corresponds to ℬ's sovereignty premise), article 08 (HM corresponds to ℬ's historical premise). The 18 articles form a shared skeleton.
∀ article_i ∈ {01..18} : ∃ component ∈ {𝒩, ℱ, ℬ} : refines(article_i, component) The four pillars above are affirmative arguments. But the strong claim that "civic proof is not derivable from existing systems" must be held up by a specific reverse derivation chain — otherwise it is merely assertion. Starting from ExistentialID (who is a citizen) through EntitlementID (what this person is permitted to do) through KYC (financial compliance) through SBT (non-transferable tokens), each system is examined to determine whether it can cover the four need-types M₁..M₄; the conclusion is that no existing system covers all — therefore "renaming" does not hold.
Six-step concept engineering derivation — from existing conceptual landscape to three-part definition
⇒ Mechanistically necessary (structural facts of the conceptual landscape + formal derivation) ◊⇒ Probabilistic (choice of analogy strength + acceptance of philosophical position) Once the position and reverse derivation are established, counterarguments pose a genuine threat. The three counterarguments that "civic proof is just another name for SBT," "civic proof is just the political version of W3C VC," and "civic proof equals 'soft KYC'" are commonly cited; but carefully examining the coverage rate of each counterargument across the four need-types reveals that each covers only partial needs — this partial coverage is itself the failure of the counterargument, inversely supporting the "concept engineering" classification.
Counterargument 1
Civic proof = SBT renaming
pivotThe counterargument claims that "Soulbound Tokens already encompass all the functions of civic proof." But examining the M₁..M₄ coverage rate — SBT partially covers M₂ (entitlement, non-transferable) and partially covers M₃ (cumulative, on-chain records), but does not cover M₁ (existential root requires a sovereignty link, which SBT lacks) + M₄ (privacy calibration — SBT is a public on-chain record, violating CI plurality). SBT covers 0.5 dimensions in article 02's normative matrix.
SBT not only fails to support the "renaming" classification, but actually provides the strongest argument for "civic proof is a concept engineering proposal" — SBT's partial coverage + privacy gaps are themselves a concrete validation of the normative matrix.
Counterargument 2
Civic proof = political version of W3C VC
pivotThe counterargument claims that "Verifiable Credentials are already an industry standard; civic proof is merely politicized packaging." But W3C VC is an engineering implementation of ℱ (formal scope), not the overall definition of ℬ (philosophical basis) + 𝒩 (normative matrix). VC provides engineering protocols for "how to issue / verify / revoke credentials," but does not provide normative grounds for "why these four dimensions and not others." VC corresponds to a subset of ℱ in article 02's three-part structure.
W3C VC is not "another name for civic proof" but an engineering implementation of the ℱ component in CivicProof's three-part structure. This result inversely supports the overall classification of "concept engineering = philosophical basis + normative matrix + formal scope," while VC fills only one piece.
Counterargument 3
Civic proof ≈ soft KYC
pivotA genuine partial exception — "soft KYC" (e.g., W3C VC + attribute proofs) does indeed approximate a subset of civic proof on M₂ entitlement + M₄ partial privacy calibration. But "soft KYC"'s design purpose is financial compliance, lacking M₁ (existential — not concerned with civic identity root) + M₃ (cumulative — KYC is a time-slice, not cumulative). "Soft KYC" covers 1.5 dimensions.
Even if "soft KYC" approximates civic proof in a narrow domain, universalizing "civic proof = soft KYC" cannot be defended. Civic Proof's boundary condition B₃ (formal definition precision) precisely demonstrates this kind of precise scope constraint — soft KYC is one of the engineering instances of civic proof in the M₂/M₄ dimensions, not civic proof itself.
Once counterarguments are absorbed, what remains are design implications — under what conditions can "civic proof" be legitimately deployed without being misused? Four boundary conditions (normative matrix completeness / honest downgrading of heuristic analogy / formal definition precision / integration with article 01) translate the abstract "concept engineering" into verifiable academic obligations.
Legitimate deployment of civic proof must first pass four boundary conditions
deploy(CivicProof) valid ⇔ B₁ ∧ B₂ ∧ B₃ ∧ B₄𝒩 = (M₁, M₂, M₃, M₄) must have all four dimensions simultaneously examined; a deployment missing one dimension degrades to an existing system. Any system claiming to "implement civic proof" must provide coverage rates across all four dimensions.
B₁: implement(CivicProof) ⇒ ∀ Mᵢ ∈ {M₁..M₄} : coverage(impl, Mᵢ) ∈ [0, 1] ∧ documented(coverage) Citations of Marshall's three tiers + Sen + Anderson must be maintained at the γ heuristic level and must not be promoted to α structural isomorphism. Any deployment that treats "Marshall's three tiers" as the formal skeleton of civic proof violates B₂.
B₂: cite(Marshall ∨ Sen ∨ Anderson) ⇒ level(citation) = γ ∧ ¬load_bearing(formal_definition) The minimum necessary condition + maximum permitted range of ℱ must be explicitly listed in deployment documentation; vagueness will cause "civic proof" to be expanded to any identity system, violating the precision obligation of concept engineering.
B₃: deploy(CivicProof) ⇒ ∃ doc : specifies(doc, min_necessary) ∧ specifies(doc, max_allowed) The M₄ privacy calibration dimension must be integrated with the V₁..V₆ procedural firewalls of article 01; deployments that do not integrate will cause the M₄ dimension to degrade from "procedural obligation" to a "privacy statement." Article 02 provides the conceptual landscape; article 01 provides the M₄ sub-specification.
B₄: deploy(M₄) ⇒ M₄ ⊨ article_01.V₁ ∧ article_01.V₂ ∧ ... ∧ article_01.V₆ Bringing together the philosophical, analogical, normative matrix, formal, and boundary layers, what the map ultimately argues is the methodology of "concept engineering" itself (no single system's victory can substitute for it), and the academic path along which the other 17 articles in this series will unfold under the three-part definition.
Civic proof is not the invention of something new but a concept engineering proposal that deliberately corrects a category error in the existing conceptual landscape. Its academic positioning is a "conditional conclusion" — on the precondition that ℬ + 𝒩 + ℱ all hold, civic proof is the third category between existential and entitlement identity.
The debate should shift from "civic proof vs KYC / SBT / VC" to "under the normative matrix 𝒩, which dimensions do existing systems cover, and which do they lack." The work of civic proof is to precisely mark the positions of existing systems, especially to show the coverage gaps in M₃ cumulativity and M₄ privacy calibration — the two dimensions most commonly overlooked.
A principle of academic integrity runs through the entire text — heuristic analogies undertake heuristic work, formal definitions undertake formal work, philosophical bases undertake normative work; none may cross these boundaries. Marshall falls in the γ heuristic slot, VC belongs to the ℱ component, KYC belongs to the M₂/M₄ subset — the precise marking of these positions is where the boundaries of the CivicProof three-part formula lie.
Final form:
CivicProof ≜ ⟨ 𝒩, ℱ, ℬ ⟩
𝒩 = (M₁, M₂, M₃, M₄)
ℱ = min_necessary ∧ max_allowed
ℬ = CI ∧ Cohen ∧ Hildebrandt ∧ Marshall(γ)
¬derivable_from(CivicProof, {ExistentialID, EntitlementID, KYC, SBT})
deploy valid ⇔ ⋀ⱼ Bⱼ (j ∈ 1..4)
∀ article_i ∈ {01..18} : ∃ component ∈ {𝒩, ℱ, ℬ} : refines(article_i, component)
Source
===
title: 公民證明的概念定位
subTitle: Civic Proof — Concept Positioning Argument Map (v2)
slug: 2026-05-03-civic-proof-concept-positioning
author: research-article-pipeline argdown export
model:
removeTagsFromText: true
===
# Central Thesis
[Core Thesis]
+ <Formal Core>
+ [Accepted]
+ <P1>
+ <P2>
+ <P3>
+ <P4>
+ <P5>
+ <Causal Chain>
+ [Deployment Conditions]
+ <Conclusion>
- [Rejected]
- [Accepted]
+ [Accepted]
- [Objection 1]
- <Reply 1>
+ <Reply 1>
- [Objection 2]
- <Reply 2>
+ <Reply 2>
- [Objection 3]
- <Reply 3>
+ <Reply 3>
[Core Thesis]: 「公民證明」是介於存在性 ID(誰是公民)與資格性 ID(這個人能做什麼)之間的第三類——一個由規範差異矩陣 形式定義 邊界條件三件式定義的概念工程提案,KYC 等同物與現成系統重命名都未能完整覆蓋這個位置。它的辯護不依賴新事物的發明,而依賴對既有概念地景的層級錯置作出修正。 #thesis
<Formal Core>: Formula CivicProof 𝒩, ℱ, ℬ where 𝒩 normative difference matrix(M₁, M₂, M₃, M₄) — 四需求型態 ℱ formal scope(min necessary max allowed) — 6 形式定義 ℬ CI Cohen Hildebrandt Marshall(heuristic) — 哲學基礎 derivable from(CivicProof, ExistentialID, EntitlementID, KYC, SBT ) CivicProof ConceptEngineering CivicProof Renaming Caption 公民證明是三件式定義(規範矩陣 𝒩 形式範圍 ℱ 哲學基礎 ℬ)。它與既有系統的不可衍生性,把它從「重命名」推到「概念工程」。 #formal
[Accepted]: 公民證明 概念工程提案. 公民證明是對既有概念地景的層級錯置作有意修正的提案——三件式定義 𝒩, ℱ, ℬ 。它的辯護不依賴新事物的發明,而依賴 (1) 規範差異矩陣顯示既有系統的覆蓋缺口,(2) 形式定義給出最小必要與最大允許範圍,(3) 哲學基礎提供規範性根據。 #accepted
[Rejected]: 公民證明 既有系統的重命名. 把「公民證明」當作 KYC、ExistentialID、EntitlementID、或 SBT 的另一個名字。這個分類預設四需求型態 M₁..M₄ 至少有一個被現成系統完整覆蓋 但實證檢驗顯示沒有任何現成系統覆蓋全部——因此「重命名」分類在事實層面就不成立。 #rejected
<P1>: Title CI Cohen Hildebrandt 三段式論證 Section 3 — 隱私哲學基礎 Role 提供規範性根據——若沒有哲學基礎,「公民證明」會被指控為任意定義。CI 多元性 Cohen 自我構成 Hildebrandt agonistic legality 三段式提供從「為什麼需要規範差異」到「為什麼需要 agonistic 設計」的論證鏈。 CI 多元性主張作為前提(Nissenbaum) 不同社會領域有各自的資訊規範,跨領域擴散侵犯脈絡完整性。Non-derivability 的形式論證 M₁..M₄ 四需求型態無法相互推導 身分驗證的場景差異不可被「統一身分」吸收。Cohen 與 Nissenbaum 的概念差異 Cohen 強調自我構成的政治經濟條件(範圍超出「資訊流動規範」),這個差異對應到公民證明的「能動性」需求。Hildebrandt 的 agonistic legality 延伸 法律的功能應落在「保留爭議空間」,超越「執行已有規則」的純技術角色——對應到公民證明的 7 救濟設計。 Finding 哲學基礎 ℬ 不是「裝飾性引用」,是論證 𝒩 矩陣為什麼需要四個獨立維度(而非一個或兩個)的根據 缺哲學基礎則 𝒩 的維度劃分是任意的。 Formal ℬ CI(plurality) Cohen(self-constitution) Hildebrandt(agonistic) justifies(𝒩.dimensions 4) #pillar
<P2>: Title Civil Political Social Citizenship 啟發式對應 Section 4 — Marshall 三層公民權(啟發式類比) Role 提供類比強度的精確邊界——若把 Marshall 結構當作「公民證明的形式骨架」會犯類比強度誇大 本 pillar 把類比降級為「啟發式 framing」,承擔有限工作(提供敘事結構),不承擔結構性工作(提供形式定義)。 Marshall 結構作為啟發式 framing 18-19 世紀公民權(civil 法律地位) 19-20 世紀政治權(voting) 20 世紀社會權(welfare)三層發展史,提供「分階段擴展」的敘事模板。啟發式類比承擔的工作 (1) 顯示「公民身分」本身就是歷史擴展的概念 (2) 提供 3 哲學基礎的歷史脈絡 (3) 為 5 四需求型態提供分層直覺。Sen 與 Anderson 的補強及其張力 Sen 的能力進路強調「實質自由」,Anderson 的關係平等強調「身分位置」——兩者補強 Marshall 但也產生張力。類比強度的等級 α 強類比(結構同構) β 中類比(敘事同構) γ 弱類比(直覺啟發) 本 pillar 主張 Marshall 屬於 γ。 Finding Marshall 是 γ 弱啟發式類比,不是強結構同構。把它降級的目的是讓論證強度不依賴歷史類比 強類比留給 5 的溯因論證。誠實降級本身就是論證的一部分。 Formal Marshall heuristic(γ) structural-isomorphism load-bearing(formal definition) #pillar
<P3>: Title M₁..M₄ 規範差異矩陣 Section 5 — 四需求型態溯因論證 Role 提供論證骨架——若沒有規範矩陣,「公民證明」與既有系統的差異仍是含混的。M₁..M₄ 把差異精確標出 M₁ 存在性、M₂ 資格性、M₃ 累積性、M₄ 隱私衡量。形式化結構顯示沒有現成系統覆蓋全部四個維度。 規範差異矩陣的四個維度 M₁ 存在性需求(誰是公民,對應 ExistentialID)、M₂ 資格性需求(這個人能做什麼,對應 EntitlementID)、M₃ 累積性需求(公民身分隨時間變動,包含義務與權利的累積,既有系統覆蓋率低)、M₄ 隱私衡量需求(每場景的揭露邊界,對應 article 01 的 V₁..V₆)。M₁-M₄ 形式化結構 每個 Mᵢ 有獨立的成功指標 失敗模式,且不可相互衍生(non-derivability)。Concept-engineering proposal 的誠實降級——論證不主張「公民證明是新發現」,主張「公民證明是對 M₃ M₄ 缺口的有意提案」。 Finding 矩陣 𝒩 (M₁, M₂, M₃, M₄) 是論證的核心 既有系統的覆蓋缺口(特別是 M₃ 累積性與 M₄ 隱私衡量)是「不可從現成系統衍生」的實證根據。 Formal 𝒩 (M₁, M₂, M₃, M₄) system KYC, ExistentialID, EntitlementID, SBT Mᵢ covers(system, Mᵢ) #pillar
<P4>: Title ℱ — 最小必要條件 最大允許範圍 Section 6 — 形式定義與邊界條件 Role 提供精確性——若沒有形式定義,「公民證明」會被指控為「裝飾性概念」。最小必要條件給出「至少要有什麼」,最大允許範圍給出「最多能涵蓋什麼」,兩端共同定義 ℱ 的邊界。 形式定義的兩端 最小必要條件(必須同時滿足 M₁ 存在性根 M₂ M₃ 至少一項 M₄ 隱私衡量設計 缺任一不算公民證明) 最大允許範圍(不延伸到「整體公民身分系統」——僅限於「身分驗證的規範矩陣」)。核心收束句 公民證明 在 ℬ 哲學基礎上,以 𝒩 規範矩陣為內容,以 ℱ 形式範圍為邊界的概念工程提案。與「accountability without identification」的整合( 7) article 01 的 V₁..V₆ 是 M₄ 隱私衡量維度的具體填入 article 02 提供概念地景,article 01 提供具體子規格。 Finding ℱ 給出的邊界讓「公民證明」可被檢驗——主張過大會違反最大允許範圍,主張過小會缺漏最小必要條件。這個雙向約束是論證的精確性保證。 Formal ℱ min necessary(M₁ (M₂ M₃) M₄) max allowed identity verification normative matrix #pillar
<P5>: Title 條件性結論 18 篇系列的位置 Section 8 — 學術定位 後續對接 Role 提供誠實性——若不標出條件性,「公民證明」會被誤推為「定論」。本 pillar 主張本論文的結論是「條件性的」(Conditional Conclusion),依賴 ℬ 𝒩 ℱ 三件成立 同時標出後續 17 篇文章在這個三件式定義下的位置。 條件性結論 CivicProof 𝒩, ℱ, ℬ 成立的前提是 (1) ℬ 哲學基礎被接受、(2) 𝒩 矩陣的四維度被承認、(3) ℱ 形式邊界不被指控過嚴或過寬。三個前提任一不成立,論證需要降級。待後續驗證的開放問題 M₃ 累積性的具體形式化、M₄ 隱私衡量在不同場域的等級劃分、ℱ 最大允許範圍的邊界檢驗。與後續章節的對接 article 01(V₁..V₆ 填入 M₄)、article 03(H1 三道牆對應 ℬ 的歷史前提)、article 04(T 三件式對應 ℱ 的形式擴展)、article 05(IT 不可能三角對應 𝒩 的維度約束)、article 06(CB-Justice 對應 ℬ 的政治哲學基礎)、article 07(SRP 對應 ℬ 的主權前提)、article 08(HM 對應 ℬ 的歷史前提)。18 篇形成一個共同骨架。 Finding 18 篇不是 18 個獨立論題,是 𝒩, ℱ, ℬ 三件式定義在不同子問題上的展開。文章間的論證強度共享,但每篇對應不同維度。 Formal article i 01..18 component 𝒩, ℱ, ℬ refines(article i, component) #pillar
<Causal Chain>: Title 概念工程六步推導 從現成概念地景到三件式定義 T0 (deterministic) 概念地景現狀 ExistentialID EntitlementID KYC SBT 為主流候選 T1 (deterministic) 五層抽象表分析 四個現成系統的覆蓋層級不同,但都未達 M₁..M₄ 全覆蓋 T2 (deterministic) 兩個常見誤讀 (a) 把公民證明當 KYC 等同物(M₃ M₄ 缺)、(b) 把公民證明當 SBT 重命名(M₂ 部分覆蓋但 M₁ M₃ 缺) T3 (deterministic) 3 哲學基礎建立 ℬ CI(M₄ 根據) Cohen(M₂ 根據) Hildebrandt(救濟設計根據) T4 (probabilistic) 4 Marshall 三層作為 γ 啟發式類比 提供敘事不提供形式 T5 (deterministic) 5 溯因論證得出 𝒩 (M₁, M₂, M₃, M₄) 規範矩陣 T6 (deterministic) 6 形式定義收束 ℱ CivicProof 𝒩, ℱ, ℬ 三件式成立 #chain
[Deployment Conditions]: 公民證明的合法部署,必須先通過四條邊界條件. deploy(CivicProof) valid B₁ B₂ B₃ B₄ #conditions
<C1>: Title B₁ 規範矩陣完整性 𝒩 (M₁, M₂, M₃, M₄) 必須四維度同時被檢驗,缺一維度的部署退化為現成系統。任何聲稱「實作公民證明」的系統必須給出四維度的覆蓋率。 Formal B₁ implement(CivicProof) Mᵢ M₁..M₄ coverage(impl, Mᵢ) 0, 1 documented(coverage) #condition
<C2>: Title B₂ 啟發式類比的誠實降級 Marshall 三層 Sen Anderson 的引用必須維持在 γ 啟發式等級,不可被推為 α 結構同構。任何把「Marshall 三層」當作公民證明形式骨架的部署都違反 B₂。 Formal B₂ cite(Marshall Sen Anderson) level(citation) γ load bearing(formal definition) #condition
<C3>: Title B₃ 形式定義精確性 ℱ 的最小必要條件 最大允許範圍必須在部署文件中明確列出 模糊化會導致「公民證明」被擴張到任意身分系統,違反概念工程的精確性義務。 Formal B₃ deploy(CivicProof) doc specifies(doc, min necessary) specifies(doc, max allowed) #condition
<C4>: Title B₄ 與 article 01 的整合 M₄ 隱私衡量維度必須與 article 01 的 V₁..V₆ 程序防火牆整合 不整合的部署會使 M₄ 維度退化為「隱私聲明」而非「程序義務」。article 02 提供概念地景,article 01 提供 M₄ 子規格。 Formal B₄ deploy(M₄) M₄ article 01.V₁ article 01.V₂ ... article 01.V₆ #condition
<Conclusion>: 公民證明不是新事物的發明,是對既有概念地景的層級錯置作有意修正的概念工程提案。 它的學術定位是「條件性結論」——在 ℬ 𝒩 ℱ 三件式成立的前提下,公民證明是介於存在性與資格性之間的第三類。 辯論應從「公民證明 vs KYC SBT VC」轉向 「在規範矩陣 𝒩 下,現成系統覆蓋哪些維度、缺哪些維度」 。公民證明的工作是把現成系統的位置精確標出,特別是顯示 M₃ 累積性與 M₄ 隱私衡量這兩個常被忽略的維度的覆蓋缺口。 一條學術誠實原則貫穿全文 啟發式類比承擔啟發式工作,形式定義承擔形式工作,哲學基礎承擔規範性工作 不可越界。 Marshall 落在 γ 啟發式那一格,VC 屬於 ℱ 元件,KYC 屬於 M₂ M₄ 子集——這些位置的精確標示就是 CivicProof 三件式公式的邊界所在。 Formal Coda Final form CivicProof 𝒩, ℱ, ℬ 𝒩 (M₁, M₂, M₃, M₄) ℱ min necessary max allowed ℬ CI Cohen Hildebrandt Marshall(γ) derivable from(CivicProof, ExistentialID, EntitlementID, KYC, SBT ) deploy valid ⱼ Bⱼ (j 1..4) article i 01..18 component 𝒩, ℱ, ℬ refines(article i, component) #conclusion
# Deployment Conditions
[Deployment Conditions]
+ <C1>
+ <C2>
+ <C3>
+ <C4>
# Objections And Replies
[Objection 1]: 公民證明 SBT 重命名. 反論訴求是「Soulbound Token 已涵蓋公民證明的所有功能」。但檢驗 M₁..M₄ 覆蓋率 SBT 部分覆蓋 M₂(資格性、不可轉讓)、部分覆蓋 M₃(累積性、鏈上記錄),但未覆蓋 M₁(存在性根需要主權連結,SBT 缺) M₄(隱私衡量在 SBT 是公開鏈上記錄,違反 CI 多元性)。SBT 在 article 02 規範矩陣下覆蓋 0.5 維度。 #objection
<Reply 1>: Title 公民證明 SBT 重命名 SBT 不僅不支持「重命名」分類,反而給「公民證明是概念工程提案」提供了最強論證——SBT 的部分覆蓋 隱私缺口本身就是規範矩陣的具體驗證。 #reply
[Objection 2]: 公民證明 W3C VC 的政治版本. 反論訴求是「Verifiable Credentials 已是業界標準,公民證明只是政治化包裝」。但 W3C VC 是 ℱ(形式範圍)的工程實作,不是 ℬ(哲學基礎) 𝒩(規範矩陣)的整體定義。VC 提供「如何發證 驗證 撤銷」的工程協議,但不提供「為什麼這四個維度而非其他」的規範性根據。VC 在 article 02 三件式中對應 ℱ 子集。 #objection
<Reply 2>: Title 公民證明 W3C VC 的政治版本 W3C VC 不是「公民證明的另一個名字」,是 CivicProof 三件式中 ℱ 元件的工程實作。這個結果反向支持「概念工程 哲學基礎 規範矩陣 形式範圍」的整體分類,而 VC 只填補其中一塊。 #reply
[Objection 3]: 公民證明 軟性 KYC. 真正的部分例外——「軟性 KYC」(如 W3C VC 屬性證明)在 M₂ 資格性 M₄ 部分隱私衡量上確實接近公民證明的子集。但「軟性 KYC」的設計目的是金融合規,缺 M₁(存在性、不涉公民身分根) M₃(累積性、KYC 是時間切片不是累積)。「軟性 KYC」覆蓋 1.5 維度。 #objection
<Reply 3>: Title 公民證明 軟性 KYC 即使「軟性 KYC」在窄場域接近公民證明,普世化「公民證明 軟性 KYC」也無法被辯護。CivicProof 邊界條件 B₃(形式定義精確性)正好示範這種精確的範圍約束——軟性 KYC 是公民證明在 M₂ M₄ 維度的工程實例之一,不是公民證明本身。 #reply