The new program looked stricter right away.
Not smarter. Stricter.
There was an extra field sitting in the schema now, some tightened definition, one of those institutional corrections that arrives late and pretends it was obvious the whole time. I saw it and thought: fine, good, less ambiguity. That was the easy read.
Then an older credential came through and still passed.
I went back. Opened the schema again. Opened the attestation. Closed both. Opened them again like the mistake might get embarrassed and show itself on the second try. It didn’t. On Sign, schemas are the thing that set the data structure, field types, validation rules, and versioning, while attestations are the signed records issued under those schemas. The schema registry is there precisely so those schemas can be recorded and evolved over time.
Which sounds clean until the older record is still alive inside the same evidence layer.
That’s the part people flatten into “maintenance,” and I don’t think it is. Because the newer schema can absolutely be better. More precise. Less gameable. More institution-shaped, whatever that means. But the earlier attestations do not vanish just because the issuer improved its judgment later. Sign’s indexing and retrieval layer is built to query schema and attestation data back out, which is exactly why old and new records can keep circulating together downstream.
So now the public program has a newer definition of truth and an older inventory of signed facts still moving through it.
Both verify.
And that is where the upgrade stops feeling like cleanup and starts feeling like governance.