@SignOfficial
I checked an attestation earlier that came back shorter than what was submitted.
The attester had pushed the value further out.
The credential didn’t.
Thought I pulled the wrong one.
Ran it again.
Same attestation.
Same schemaId.
Still shorter.
That didn’t sit right.
So I stayed on it.
What went in...
and what showed up...
weren’t the same.
Nothing failed.
No rejection.
No warning.
It resolved clean.
That’s when I looked at the schema again.
"maxValidFor" was lower than what was submitted.
It wasn’t rejecting the input.
It was trimming it.
I tried again.
Different attester.
Same schema.
Same result.
That’s when it clicked.
The attester isn’t defining the credential.
They’re negotiating with the schema.
And the schema decides what actually survives.
From the outside, it looks like the attester set the value.
Inside, part of it never makes it through.
No signal.
No trace.
Just a clean final state.
Two different submissions.
Same credential.
I keep coming back to this as an attester override illusion.
It looks like control sits with the issuer.
But the final shape is already bounded somewhere else.
$SIGN only matters if schema constraints like "maxValidFor" don’t silently reshape what gets submitted...
but expose that boundary clearly.
Because once inputs get altered without visibility...
the source of truth shifts.
And you don’t see it happen.
So the real question becomes this.
If part of the input never survives the schema...
what exactly are you verifying?