EX-IP-04-UI-TRANSLATION-SPEC.md

Status: DRAFT — NON-AUTHORITATIVE Location: docs/governance/ Date: 2026-02-09

1. Purpose & Non-Goals

• Define governance guardrails for UI representation of EX-IP-04 (Cost Estimate Inspection) states, visibility, and actions.
• UI translation MUST NOT redefine governance, invent states, or imply approval/ownership.
• This document is NOT a UI design, workflow, or backend specification.

2. State-Based Visibility Rules (Per Role)

• UI MUST display only the governance states defined in STEP-06-STATE-MACHINE-EX-IP-04.md.
• For each state, UI MUST:
  • Show only information permitted for the user's role.
  • Hide or mask information prohibited by governance (e.g., reviewer identity, internal notes).
• UI MUST NOT display:
  • Approval certainty, ownership confirmation, or progress percentages.
  • Any information not explicitly allowed by governance artefacts.

3. Allowed vs Prohibited UI Terminology

• Allowed: "Submitted", "Under verification", "Verification completed", "Registered in platform registry", "Anchoring proof available", "Settlement reference".
• Prohibited: Terms that imply automatic outcomes, real-world action taking, or ownership/approval certainty.
• Blockchain MUST be shown ONLY as: "Anchoring proof", "Settlement reference".

4. Action Visibility Constraints

• UI MUST show or enable actions only if permitted in the current governance state for the user's role.
• UI MUST hide or disable actions not allowed in the current state.
• UI MUST NOT allow or suggest actions that imply approval, confirmation, or process completion unless in a terminal state.

5. Anchoring & Settlement Display Rules

• Blockchain anchoring MUST be presented as cryptographic proof ONLY.
• Settlement MUST be shown as finalization ONLY.
• UI MUST NOT present blockchain as a validator, decision-maker, or controller.
• UI MUST NOT use action-taking language.

6. Error and Rejection Messaging Constraints

• UI MUST use neutral, non-promissory language for errors and rejections.
• UI MUST NOT attribute fault, promise timelines, or imply future approval.
• Rejection messages MUST reference governance state, not internal reasoning.

7. GDPR & Confidentiality Visibility Rules

• UI MUST restrict access to personal/confidential data based on role and governance artefacts.
• UI MUST NOT expose reviewer/inspector identities unless explicitly allowed.
• UI MUST NOT display or export confidential records unless permitted.

8. Prohibited UI Patterns

• Progress bars, timelines, or percentage completion indicators.
• Any UI element that implies approval, ownership, or guarantees.
• Display of blockchain as a process controller or validator.
• Exposure of internal notes, reviewer identities, or decision logic.

9. Implementer Validation Checklist

• [ ] All UI states match governance state machine.
• [ ] No prohibited terminology present.
• [ ] All actions are gated by governance state and role.
• [ ] Blockchain is shown as proof/settlement only.
• [ ] No progress, approval, or ownership implied.
• [ ] GDPR and confidentiality rules enforced.
• [ ] No prohibited UI patterns present.

10. UNDEFINED Items

• Any additional UI requirements not covered by governance artefacts: UNDEFINED — GOVERNANCE DECISION REQUIRED.
• Any ambiguity in state-to-UI mapping: UNDEFINED — GOVERNANCE DECISION REQUIRED.