# Review dimensions Work through all six. For each finding, record severity, location, the problem, the evidence, and a concrete fix. ## 1. Claim-evidence integrity Trace every headline number to its source and confirm it matches (see `claim-evidence-map.md`). Specifically: - The synthetic exactness taxonomy: six applications, `max_error` 0, 128-bit ciphertext sizes 262,282 / 1,310,882 / 2,621,791 bytes, 5× and 10× premiums. - The real-genome studies (Section 11): E5 mean absolute AF delta ≈ 0.0609; E6 max F_ST-like 0.1363 and 624 suppressed rows; E7 recovery rates (1.000 under min-N-20, 0.000 under freeze, 0.125 under query budget 5); E8 exact product moments and max `r2` 1.0000. Flag any value that does not match, any transposed digit, and any table whose rows disagree with its cited CSV/JSON. ## 2. Security analysis (Section 9) - Confirm the coverage matrix (Table 4) and the per-attack catalog agree: every threat in the matrix has a structured subsection, and every subsection maps to a matrix row. - Confirm every attack subsection uses the same seven-field template (Adversary, Attack, Assets at risk, Platform control, Verification hook, Status, Residual risk / evidence) and that each Status is drawn from the fixed vocabulary (Prevented / Detectable / Mitigated / Residual / Out of scope), consistently with the matrix. ## 3. Honesty and overclaiming - The real-genome studies must be framed as aggregate-only workflow demonstrations on public reference data — NOT biomedical validation or population-genetics estimates. - The F_ST-like and LD `r2` values must be labeled simplified small-panel contrasts; the E8 `r2` = 1.0000 pair must be flagged as a small-count artifact; the below-quorum E8 caveat (25 samples < floor of 30) must be present. - The certificate honesty box must state that the certificate binds artifacts and policy facts and does NOT by itself prove correct computation, correct decryption, contributor identity, or bounded output-privacy leakage. - Flag any sentence that claims more than the evidence supports. ## 4. Citation and cross-reference integrity - Every reference R1-R37 is both defined and cited, with no gaps or orphans. - Every "Section N", "Table N", and "Figure N" reference resolves to the right target; tables are numbered 1-16 and figures 1-8; the Appendix A index matches the body. ## 5. Reproducibility - The paper gives a concrete, runnable reproduction path (Appendix B); the commands exist; the open CLI, open applications, and public data are sufficient to reproduce every result without the hosted service. Optionally run the `replicate` skill and confirm the numbers. ## 6. Scope and framing - The contribution claims (Section 2) are supported and appropriately bounded. - The threat model's assumptions are stated. - The limitations are acknowledged: single keyholder, metadata leakage, output-privacy as the largest residual risk, and synthetic-plus-small-real evidence.