Determinism

Review context should be reproducible.

A reviewer should be able to regenerate artifacts and understand whether changes came from source changes, configuration changes, or tool behavior. Determinism makes that possible.

Same input

The same local source state should produce the same review context.

Stable output

Artifacts should be structured, JSON-safe, and easy to diff.

Visible drift

When output changes, reviewers should be able to inspect what changed.

Principles

What deterministic review infrastructure needs.

Stable identifiers

Generated artifacts should use stable IDs so reviewers can compare the same concept across runs.

JSON-safe output

Artifacts should be serializable, inspectable, and compatible with deterministic snapshot checks.

Source fingerprints

Inputs should be traceable so reviewers can tell whether artifacts came from the same source state.

Snapshot checks

Expected output can be compared against regenerated output to detect review-surface drift.

Local execution

The default workflow should not depend on live-chain state, RPC availability, or external services.

Human-readable artifacts

Deterministic output still needs to be understandable by reviewers, not only machines.

Why it matters

Without determinism, review context becomes memory.

Security work often happens over multiple commits, reviewers, revisions, and conversations. If the review context cannot be reproduced, teams have to rely on notes and memory.

ArkheionX aims to make the context inspectable again: what source was reviewed, what assumptions were captured, what fixture output changed, and what still requires judgment.

Boundary

Deterministic does not mean correct.

A deterministic artifact can still be incomplete or wrong. Determinism makes output easier to inspect and compare; it does not replace human validation.