FieldLedger · Integrity Statement · v1.0
How FieldLedger implements the Integrity Framework.
This document records how the Integrity Framework v1.0 layers and the Startvest Trust Principles are implemented in this product. Where a layer or principle is not yet implemented, this document says so and what closes the gap.
What FieldLedger sells
Operations and compliance tooling for federal contractors and construction businesses. Tiered subscriptions: Core ($149/mo), Pro ($249/mo), Plus ($399/mo). Customers pay for the tooling. Third parties (DCAA, DOL, prime contractors, IPAs) verify outputs. FieldLedger does not issue DCAA approvals, certified-payroll attestations, or any third-party certification.
The category is heavily compliance-adjacent (DCAA cost accounting, Davis-Bacon certified payroll, FAR 31.2 indirect rates, ICE I-9 tracking). All six Layer 1 vetoes apply directly.
Layer 1: pre-build vetoes
Artifact versus outcome
PASSSells the operations outcome: running a federal contractor cleanly, surviving DCAA review, hitting Davis-Bacon weekly. The WH-347, indirect rate letter, and audit-finding tracker are evidence of work, not the product. A customer who cancels still owns their underlying timecards, payroll records, and rate calculations.
Pricing tiers describe ongoing operations and compliance work, not deliverables. The SDVOSB pack is free at all tiers, deliberately, as community accountability.
Independence
PASSFieldLedger does not perform DCAA audits, issue certified payroll certifications, or attest indirect rates. The customer's IPA, DCAA, or DOL is the verifier. FieldLedger sells preparation tooling.
Hard rule.No FieldLedger feature roadmap item may include “we issue the cert” or “we attest.” Layer 1 Veto 2 fails immediately if introduced.
Verifiability
PASSDCAA-relevant outputs are mechanically computed:
- Indirect rate engine (
src/lib/indirect-rate-engine.ts). FAR 31.2 Structure A/B, deterministic, 14 ASBCA case-law tests. - Consistency enforcement (
src/lib/consistency-enforcement.ts). 19 FAR 31.105(d)(3) rules with case-law citations. - Certified payroll (
sql/2026-04-20-davis-bacon.sql). WH-347 from underlying time entries; per-employee snapshot stored. - Audit log (
FieldLedger_AuditLog). Append-only with old/new value capture per mutation.
Customer-attested fields (employee SDVOSB status, veteran status) are isolated from system-verified fields (rate calculations, hours worked, indirect cost pool totals). See Layer 2 Constraint 3 below.
AI accountability
PASS (limited scope)AI is intentionally minimal. Where present: src/lib/cpars-drafting.ts drafts FAR 15 quote evaluation responses with the Anthropic SDK. The output is marked generatedByModel in the UI and the customer reviews and edits before submission.
DCAA cost-allocation logic, indirect rate computations, audit findings, and timekeeping enforcement are deterministic. No AI in the path that produces compliance claims.
Constraint 2 commitment. Any future AI feature that could reach a customer-facing compliance claim ships with a documented review gate (reviewed_by, reviewed_at) and CI rule before merge.
Pricing-rigor alignment
PASSTier-based pricing ($149 / $249 / $399). No “unlimited audits” language. Margin scales with feature usage, not with rushed-output volume.
The TechCrunch test
PASSFederal contractor compliance is heavily scrutinized. FieldLedger's defenses:
- Public pricing, public methodology.
- ASBCA case-law citations on every consistency rule.
- Open-source-style transparency: every compliance computation traces to a stored snapshot and methodology version.
- SDVOSB-certified Startvest LLC operates the product (March 30, 2026).
Layer 2: architectural constraints
Status table for the seven framework constraints as implemented in FieldLedger.
| Constraint | Status | Implementation |
|---|---|---|
| Evidence chain integrity | IMPLEMENTED | Certified payroll → time entries (FieldLedger_TimeEntries) → timesheet periods (FieldLedger_TimesheetPeriods, electronic signature). Rate letters store full input snapshot (RateSnapshotJson). Audit log captures old/new on every mutation. |
| AI output review gates | IMPLEMENTED (narrow scope) | CPARS drafts marked generatedByModel; customer review required before submission. Where AI is not used, the gate is N/A. |
| Customer self-attestation isolation | PARTIAL | Customer-attested employee fields (SDVOSB status, veteran status) stored separately from computed fields. UI labeling needs explicit "customer-attested" badging on these fields before launch. |
| Reproducibility | PASS | MethodologyVersion column shipped on FieldLedger_RateLetters and FieldLedger_CertifiedPayrolls. METHODOLOGY_VERSION constant exported from src/lib/indirect-rate-engine.ts and wired into both write paths. Every new rate letter and every new certified payroll row stamps the methodology version at write time. A future engine bump means a new methodology version on new rows, never a silent re-stamp of historical rates. |
| Evidence retention | PARTIAL | Soft-delete on all core tables. Gap: no explicit 7-year DCAA retention policy enforced. Pending: retention rule that customer offboarding does not hard-delete rate letters, certified payroll, audit log, time entries, or audit findings. |
| Independent verification hooks | NEEDS UPDATE | Auditor-specific access via document request tracking exists. Gap: no DCAA auditor_readonly role. Add before Plus tier launches. |
| Failure transparency | IMPLEMENTED | Consistency engine reports violations in-app. Audit log captures all mutations. Default status is "open" / "failed", never "verified" on error. |
Layer 3: operational guardrails
| Guardrail | Status | Reference |
|---|---|---|
| Refund-on-failure clause | NEEDS UPDATE | Add to MSA template before launch. Draft at Startvest/contracts/MSA-refund-clause-DRAFT.md. Pro-rated refund of any month where a documented FieldLedger error in a compliance computation reached a customer-facing output. |
| Public methodology page | PASS | Live at /methodology. Versioned, changelogged. CI-enforced via HIGH-SV-METHODOLOGY-VERSIONED. |
| Annual independent audit | DEFERRED — funding-blocked | Annual independent CPA review of the indirect rate engine + certified payroll output (separate from any customer's CPA). Engagement cost is currently unfunded. Honest classification: deferred, not "scheduled." Engages once funding is secured. |
| Customer-side compliance owner | PASS | Federal contractors have CFO / Compliance Officer / Contracts Manager. Sales qualifies on first call; absence is a disqualifier. |
| Whistleblower channel | NEEDS UPDATE | Set up [email protected] (shared with ClarityLift). External counsel quarterly review. |
| Accountability community | PASS | SDVOSB community via free SDVOSB Pack at all tiers. Veterans-in-construction networks notice fakery faster than auditors. |
| Public kill criteria | PASS | Live at /service-standards. Specific thresholds for indirect-rate engine error rate, consistency-rule false-positive rate, WH-347 generation correctness, regulatory-change response window, audit-log integrity, customer trust, operational. |
Vendor scorecard
Self-assessment against the framework's standardized scorecard.
| # | Question | FieldLedger |
|---|---|---|
| 1 | Public methodology page exists? | YES — /methodology |
| 2 | Refund-on-failure clause in standard MSA? | NO. Drafted, not yet rolled into MSA. |
| 3 | Independent third-party audit, annually, with public findings? | NO. Deferred pending external funding. Engagement cost (CPA / security firm) is currently unfunded. Moves to PARTIAL once funding is secured and an engagement letter is signed; YES only after a completed cycle with public findings. |
| 4 | Per-product INTEGRITY.md in public repo? | YES. This statement. |
| 5 | AI output review gate structurally enforced? | YES. CPARS drafts carry generatedByModel; customer review required before submission. |
| 6 | Public kill criteria with specific thresholds? | YES — /service-standards |
Score: 4 YES / 0 PARTIAL / 2 NO.Row 2 is drafted and pending finalization. Row 3 is deferred pending external funding, published honestly rather than relabeling as “scheduled” or “in flight.”
Outstanding gaps
- No DCAA
auditor_readonlyrole. Add before Plus tier launch. - MSA refund-on-failure clause missing. Draft at
Startvest/contracts/MSA-refund-clause-DRAFT.md. Ship before first paid customer. - 7-year DCAA retention not enforced. Document policy and ensure offboarding path respects it.
- Customer-attested vs system-verified UI labeling. Add explicit badge to customer-attested fields (SDVOSB status, veteran status) before launch.
- Annual third-party audit deferred pending funding. Independent CPA / security firm review of the indirect rate engine and certified payroll output is required to close vendor scorecard row 3.
Each of these is named here rather than hidden. The framework treats hidden gaps as a Layer 1 Veto 3 failure.
Changelog
v1.0, dated 2026-04-25
METHODOLOGY_VERSIONwired into write paths: rate-letter issue path and certified-payroll create path. Every new rate letter and every new certified payroll now stamps the active methodology version.- Methodology version columns shipped on
FieldLedger_RateLettersandFieldLedger_CertifiedPayrolls. Layer 2 Constraint 4 (Reproducibility) flips PARTIAL to PASS. - Row 3 (annual third-party audit) reclassified as “deferred pending external funding” rather than “Q4 2026 target.” Honest framing per the framework's integrity principle.
- Methodology page and service standards page shipped. Layer 3 guardrails for “Public methodology page” and “Public kill criteria” now PASS. Vendor scorecard rows 1 and 6 flip from NO to YES. Score 2/6 to 4/6.
- Cited The Integrity Framework v1.0 in the header. Vendor scorecard self-assessment added.
- Initial INTEGRITY.md created.
audits/rules/architectural-rules.jsoninitialized with the six framework rules.
Contact
Integrity reports: [email protected]. Monitored quarterly by external counsel.
Reviewer: Tom Pinder, Founder. Next scheduled review: 2026-07-25.