Approval manifests first. Methodically. Authorization executes signature verification passes, permissions validate, human coordination aligns precisely as designed. Intent crystallizes cleanly. Stakeholders reach consensus. In most systems, this represents the challenging component.
Between intent and execution exists a narrow temporal corridor where eligibility must persist. Dusk’s identity-aware execution infrastructure disregards historical decision-making. It evaluates whether invocation remains admissible when state transition actually attempts finalization. That interval proves shorter than participants anticipate.
Everything appears nominal while validity deteriorates.
Authorization logs persist. Request formatting satisfies protocol requirements. The call enters queue. Somewhere within that queue duration, scope transitions at the slot boundary while invocation remains pending. The validity window closes exactly as specified—silently, according to schedule, indifferent to incomplete workflows.
Execution arrives encountering different state truth than what human operators authorized.
No catastrophic failure occurs. No rejection resembling conventional error. The call simply ceases qualifying. Authorization didn’t fail. It expired.
Participants argue from sequencing: we authorized first. Dusk argues from state: what holds true now. No interpolation permitted. No “approximately timely” exceptions. If the boundary elapsed, it elapsed.
The call stalls in ways that don’t resemble conventional stalling. No explicit rejection. No diagnostic trace. It simply never finalizes. Externally, it appears nothing occurred.
Someone proposes, “replay the transaction.”
Someone questions whether the window was misconfigured. It wasn’t.
“Can we reuse the authorization?” “It was valid when we signed.” “Nothing material changed.”
All accurate. None operationally relevant.
Eligibility on Dusk isn’t a persistent credential carried forward. It’s the gate evaluated at execution. If it’s closed at that moment, no “nearly qualified” accommodation exists. You receive nothing. And you cannot retroactively expand scope merely to validate the argument.
So you reconstruct the moment you believed you’d surpassed.
Re-authorize. Re-verify. Re-bind to current validity window, not the one participants recall. Repetitive. Undeniably.
The most problematic aspect is the intermediate waiting period. Nobody wants to acknowledge “we’re awaiting the window” as legitimate operational state. It is.
Dusk doesn’t penalize malicious intent. It simply abandons stale intent—signed, cryptographically valid, operationally useless—until someone stops treating authorization as if it possessed enduring meaning.