Mechanism
Governed fine-tuning provenance is what results when the training governance infrastructure of the cognition filing is applied to fine-tuning: the adaptation of a pre-trained model to a specific domain, task, or deployment context. Fine-tuning is treated as ordinary governed training. Each fine-tuning example is presented to the semantic execution substrate as a proposed semantic mutation to the model's knowledge state, carries its own semantic metadata, is evaluated for admissibility, and is routed through depth-selective aggregation at the depth its profile prescribes. What distinguishes the fine-tuning case is that the semantic metadata, policy constraints, depth profiles, and admissibility determinations of the fine-tuning corpus are recorded as a governed fine-tuning provenance record that is structurally distinct from the model's pre-training provenance.
The purpose of keeping the two records distinct is to let the platform distinguish, at inference time, between model behaviors that are attributable to pre-training, namely the base model's general knowledge, and model behaviors that are attributable to fine-tuning, namely the specialized adaptation. This distinction is not asserted on faith. It is a consequence of how the content was integrated: pre-training content and fine-tuning content are integrated through distinct depth profiles, so their contributions to the model's parameters occupy distinguishable layer-block regions.
Depth-Selective Integration as the Basis for Attribution
The provenance record is meaningful only because the underlying integration is depth-governed. The depth-selective aggregation mechanism operates at each block boundary during the backward pass, scaling the gradient signal from each training example by a per-block contribution weight drawn from that example's depth profile. A weight of zero at a block prevents any gradient from the example reaching that block's parameters; a weight of one permits full flow; intermediate weights attenuate. The mechanism does not alter gradient computation or the optimizer's update rule. It governs which gradient signals reach which blocks and with what magnitude.
Because pre-training and fine-tuning content pass through distinct depth profiles, their gradient contributions land in distinguishable layer-block regions of the model. The provenance-based attribution system exploits exactly this separation: when output is generated, it resolves which parameter regions were activated during that output and reads off which provenance chain those regions belong to. The attribution is structural, grounded in the recorded routing decisions, rather than an after-the-fact statistical estimate of an example's diffuse influence.
What the Fine-Tuning Provenance Record Holds
The fine-tuning provenance record is part of the training provenance log: the training-time analog of the lineage field maintained for semantic agents, for inference processes, and for discovery traversals. For each fine-tuning batch or example, the log records the entropy band classification of the content, its slope position in the trust-slope hierarchy, the depth aggregation profile that was applied as a per-block contribution weight vector, the per-block contribution weight that actually reached each block after any dynamic adjustment, the governance record naming the policy object that authorized admission and the policy object that determined the depth profile, the content provenance record describing source and chain of custody, and the admissibility determination indicating whether the example was admitted, rejected, or admitted with a modified depth profile, with the reason for any modification or rejection.
The log is a chronologically ordered, append-only record. Each entry is timestamped, sequentially numbered, and annotated with the training epoch, iteration, and batch index at which it was generated. The append-only structure makes the log tamper-resistant: entries cannot be retroactively modified, deleted, or reordered without producing detectable inconsistencies in the sequential numbering and timestamp sequence. The log may be periodically sealed using the cryptographic sealing infrastructure disclosed in the cross-referenced governance application, producing tamper-evident checkpoints that enable third-party verification of the log's integrity.
Liability Allocation Across the Pre-Training and Fine-Tuning Boundary
The distinction between pre-training and fine-tuning provenance is described in the disclosure as critical for liability allocation in regulated deployment contexts. When a model produces an output that is challenged, for factual inaccuracy, policy violation, or harmful content, the governed provenance chain lets the platform trace the output's causal ancestry through the model's parameter structure. The trace identifies whether the output was produced by parameters primarily influenced by pre-training content, implicating the pre-training entity, or by fine-tuning content, implicating the fine-tuning entity.
This provenance-based liability attribution is what the depth-selective aggregation mechanism enables. Without distinct depth profiles for pre-training and fine-tuning content, their parameter contributions would be indistinguishable and the attribution question would be unanswerable. With distinct profiles, the contributions occupy resolvable regions, and the attribution system can assign a challenged output to the provenance chain of the regions that were active when it was produced.
Refusal as a Governed Result
Because fine-tuning is governed training, the substrate may decline to integrate a fine-tuning example. A training example that consists solely of raw content without accompanying semantic metadata cannot be evaluated and is inadmissible by default. An example whose policy constraints prohibit integration, whose entropy characteristics are incompatible with the current training phase, or whose provenance metadata fails validation may be rejected, producing a training iteration in which the model's parameters are not updated. This non-training result is a valid computational outcome, not an error condition, and it is recorded in the training provenance log as a governed event including the identity of the rejected example and the reason for rejection. The absence of an example from the adaptation is therefore auditable rather than silent.
Policy resolution carries into the fine-tuning case as well. When multiple policies apply to a single example, the substrate resolves the applicable depth profile by applying the most restrictive policy, and the resolution it performed is recorded in the log so that a post-training audit can determine which policy governed each example's depth profile.
Forward and Reverse Provenance Queries
The fine-tuning provenance log supports the same two query forms as the broader training provenance log. A forward query begins with a fine-tuning example or a class of fine-tuning content and traces the depth profile, contribution weights, and governance decisions that governed its integration, producing a record of which layer blocks the content influenced and with what magnitude. A reverse query begins with a model behavior observed at inference time and traces backward to identify the fine-tuning content whose depth profiles encompassed the layer blocks active during the observed behavior.
The disclosure is explicit that the reverse query does not definitively attribute model behavior to specific content, because the non-linear dynamics of gradient-based optimization preclude exact attribution. What it produces is a bounded attribution set: the content that was structurally permitted to influence the relevant layer blocks, a set substantially narrower than the full corpus. For compliance, this supports a definitive answer to whether a given content owner's material was used in fine-tuning, since either the content is present in the log with its provenance record, depth profile, and contribution weights, or it is absent and the log confirms its absence.
Carrying Fine-Tuning Provenance into Inference-Time Governance
The fine-tuning provenance record is made available to the inference-time semantic execution substrate, closing the governance loop between training and inference. When the inference substrate evaluates a candidate transition, it may query the training provenance log to retrieve the governance profile of the knowledge grounding that transition: the policy objects that governed the content's admission, the depth profile applied, the content provenance record, and any temporal validity constraints on the content's licensing.
The retrieved profile enriches, rather than replaces, the inference-time admissibility evaluation. If the fine-tuning content grounding a candidate transition was admitted under a policy that has since expired, the substrate may treat the transition as grounded in stale governance and apply heightened scrutiny or reject it. If the policy was revoked by the content owner, the substrate may reject the transition and generate a governance alert. If the content was admitted under a suppressed depth profile, indicating it was rights-restricted, the substrate may require attribution annotation before admitting the transition. A model fine-tuned under depth-selective governance and queried through inference-time governance therefore produces doubly governed output: governed at the point of integration and governed again at the point of emission.
Disclosure Scope
Governed fine-tuning provenance, comprising the treatment of fine-tuning as governed training in which each example is a proposed semantic mutation evaluated for admissibility and routed through depth-selective aggregation, the recording of the fine-tuning corpus's semantic metadata, policy constraints, depth profiles, and admissibility determinations as a governed fine-tuning provenance record structurally distinct from pre-training provenance, the use of distinct depth profiles to place pre-training and fine-tuning contributions in distinguishable layer-block regions, the provenance-based liability attribution that traces a challenged output's causal ancestry to the pre-training or fine-tuning entity, the recording of refusals and most-restrictive policy resolution as governed events, the forward and reverse provenance queries with their bounded attribution sets, and the carrying of fine-tuning provenance into inference-time admissibility, is disclosed in the cognition filing (U.S. Application No. 19/647,395 and its international counterpart). This article describes that disclosed mechanism. The scope expressly contemplates application to parameter-efficient fine-tuning, full-parameter fine-tuning, and adapter-based adaptation, and does not require any particular optimizer, model architecture, or sealing primitive.
