Skip to content

Negative Validation

A reliable execution platform is defined not only by the workloads it accepts, but also by the workloads it refuses to execute.

Forge performs canonical validation before an execution request enters the distributed runtime.

This document explains how invalid execution contracts are rejected, what a validation failure demonstrates, and why negative validation is a fundamental part of the Forge verification model.

Unlike execution failures, validation failures occur before execution begins.

No workload is planned, dispatched, or executed until the execution contract satisfies canonical validation.


Verification Objective

After completing this document you should understand:

  • why canonical validation exists
  • what constitutes an invalid execution contract
  • how validation differs from runtime execution
  • what successful negative validation proves
  • how validation protects the execution runtime

Prerequisites

Before continuing, complete:

You should already understand the normal execution lifecycle before examining validation failures.


Validation Boundary

Canonical validation is the boundary between an execution request and the execution runtime.

text
Canonical Execution Request


Canonical Validation
      ┌─────┴─────┐
      │           │
      ▼           ▼
Accepted      Rejected


Execution Runtime

Only validated execution contracts are allowed to enter the runtime.


Why Validation Exists

Canonical validation exists to ensure that every execution entering the runtime is structurally complete, internally consistent, and compatible with the selected capability.

Validation protects:

  • execution planning
  • distributed scheduling
  • primitive execution
  • artifact generation
  • replay
  • result reduction

Rejecting an invalid execution contract is considered a successful verification outcome.


Validation vs Execution

Validation and execution are independent stages.

ValidationExecution
Verifies the execution contractPerforms computation
Executes before runtimeExecutes inside runtime
Rejects invalid requestsProduces computational results
Returns validation diagnosticsReturns execution evidence

Validation failure should never be interpreted as runtime failure.


Common Validation Categories

The Canonical Execution Validator evaluates multiple aspects of an execution request before runtime admission.

Representative validation categories include:

Required Fields

Required execution fields must be present.

Examples include:

  • operation identity
  • profile
  • required arguments
  • execution policy

Profile Compatibility

Arguments must satisfy the selected execution profile.

Validation ensures that profile-specific contracts remain internally consistent.


Enumeration Validation

Fields constrained by canonical enumerations must contain supported values.

Unknown or unsupported values are rejected before execution.


Type Validation

Execution arguments must satisfy their canonical data types.

Examples include:

  • numeric values
  • boolean values
  • structured objects
  • collections

Constraint Validation

Canonical constraints are evaluated before runtime.

Representative constraints include:

  • valid probability ranges
  • supported iteration limits
  • permitted optimization objectives
  • supported artifact configuration
  • compatible execution modes

Capability Validation

Validation confirms that the requested capability exists and supports the submitted execution contract.

Capabilities are validated before planning begins.


Expected Validation Outcome

A successful negative validation demonstrates that:

  • the request was inspected
  • canonical validation was executed
  • invalid execution was rejected
  • runtime execution never began

Observable characteristics include:

  • validation response
  • validation diagnostics
  • rejected execution contract

There should be:

  • no distributed planning
  • no workload dispatch
  • no primitive execution
  • no runtime artifacts

What Negative Validation Proves

A successful validation failure demonstrates that:

  • execution boundaries are enforced
  • invalid contracts cannot enter the runtime
  • capability contracts are actively protected
  • canonical validation operates independently of execution

This is a critical property of a production execution platform.


What Negative Validation Does Not Prove

Validation should not be interpreted as evidence that:

  • the workload would have executed successfully
  • computational correctness has been verified
  • replay compatibility has been established
  • artifact generation would have succeeded

Validation only evaluates the execution contract.


Common Validation Misinterpretations

"The Runtime Failed"

A validation failure is not a runtime failure.

The workload never entered the runtime.


"The Primitive Failed"

Validation occurs before primitive selection and execution.

No primitive has executed.


"Validation Is Optional"

Canonical validation is part of the execution contract.

Every execution surface ultimately depends on the same validation boundary.


"Different Surfaces Validate Differently"

Execution surfaces may differ in user experience.

They should not differ in canonical validation behavior.

Equivalent execution contracts should receive equivalent validation outcomes.


Validation Across Execution Surfaces

Canonical validation is independent of the execution surface.

Equivalent requests submitted through:

  • Web Core API
  • Studio
  • MCP

should produce equivalent validation outcomes.

Validation belongs to the execution contract rather than the interface used to submit it.


Verification Outcome

Negative validation demonstrates that Forge protects the execution runtime by refusing invalid computational contracts before they consume execution resources.

Successful validation rejection is therefore considered a successful verification result.

A platform that only demonstrates successful execution remains partially verified.

A platform that demonstrates both successful execution and correct rejection of invalid execution contracts provides a substantially stronger verification model.


Next Steps

Continue with:


Related Documentation


Final Principle

A production execution platform is verified not only by the computations it performs, but also by the execution contracts it refuses to execute.

Canonical validation establishes the trust boundary between user intent and distributed computation.

Every accepted execution crosses that boundary.

Every rejected execution demonstrates that the boundary exists.

Deterministic execution infrastructure for distributed compute.