UC-021: Idempotency Failure Replay
Layer: C — Verifiable Receipts
Threat: Session Replay
Scenario
An attacker attempts to replay a valid receipt or re-execute an already completed tool call by submitting a duplicate execution request.
Expected Behavior
- Duplicate execution request → rejected by idempotency cache
- Lamport clock monotonicity detects out-of-order attempts
- Causal PrevHash chain detects replay from different context
Pass Criteria
- Duplicate rejected (not re-executed)
- Original receipt remains valid
- No duplicate side-effect produced
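
The three checks under Expected Behavior and the pass criteria, as an added example that is not part of the original spec or of the project's own code. The Executor class, the request fields (idem_key, lamport, prev_hash, tool), the check order and the unsigned SHA-256 receipt hash are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed PrevHash value for the first receipt in a chain

def receipt_hash(body):
    # Canonical JSON so the same fields always hash to the same value.
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def verify(receipt):
    # A receipt stays valid as long as its hash still covers its fields.
    body = {k: v for k, v in receipt.items() if k != "hash"}
    return receipt_hash(body) == receipt["hash"]

class Executor:
    """Hypothetical tool-call executor for one session context."""
    def __init__(self):
        self.cache = {}          # idempotency key -> receipt already issued
        self.clock = 0           # highest Lamport clock accepted so far
        self.head = GENESIS      # hash of the latest receipt in this context
        self.side_effects = []   # stands in for the real tool call

    def execute(self, req):
        """Return (receipt, None) on success or (None, reason) on rejection."""
        if req["idem_key"] in self.cache:      # 1. idempotency cache
            return None, "duplicate idempotency key"
        if req["lamport"] <= self.clock:       # 2. Lamport clock must advance
            return None, "lamport clock not monotonic"
        if req["prev_hash"] != self.head:      # 3. must extend this chain
            return None, "prev_hash does not match chain head"
        self.side_effects.append(req["tool"])  # side effect happens once, here
        receipt = {**req, "hash": receipt_hash(req)}
        self.cache[req["idem_key"]] = receipt
        self.clock, self.head = req["lamport"], receipt["hash"]
        return receipt, None

def run_uc021():
    ex = Executor()
    first = {"idem_key": "k1", "tool": "transfer", "lamport": 1, "prev_hash": GENESIS}
    original, _ = ex.execute(first)
    attempts = {  # constructed replay variants of the completed request
        "duplicate": first,
        "stale_clock": {**first, "idem_key": "k2"},
        "foreign_context": {**first, "idem_key": "k3", "lamport": 2},
    }
    rejected = {name: ex.execute(req)[1] for name, req in attempts.items()}
    return rejected, verify(original), ex.side_effects
```

Calling run_uc021() returns the rejection reason for each replay variant, whether the original receipt still verifies, and the list of side effects actually produced.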