Source Code Access & Review Process

Private repository access is restricted to protect issuer data, but reviewers receive structured entry points: sanitized module excerpts, build metadata, and a documented request workflow.

Request repository access Preview core module Verify build metadata

Why the Git repository is private

Client filings: Working papers reference non-public registrant data extracted from PCAOB engagements.
PII in audit logs: Reviewer and engagement-team identifiers are embedded in several test fixtures.
Export-controlled research: PDE tooling includes Laplace-domain extensions currently under peer review.

Because of those constraints, all public links now direct here instead of throwing a 404 on GitHub. Reviewers still receive the same evidence, just via controlled delivery.

Access request workflow

Email nirvanchitnis@gmail.com with your organization, review scope, and deadline.
NDA acknowledgement (one-page). Turnaround < 1 business day.
Delivery: a read-only Git bundle + SHA256 checksum, plus optional Zoom walkthrough.
Revocation: bundles expire after 30 days unless an extension is requested.

Reviewers from audit firms have already been onboarded; referencing the engagement code in your email lets us reuse the approval.

Sanitized module excerpts

The most frequently cited file (src/graph/incidence.py) now has a static HTML snapshot so reviewers can confirm the discrete conservation logic without cloning the repo.

Graph incidence matrix builder

Implements the signed posting matrix \(P\), validates 1ᵀP = 0, and exposes sparse CSR representations for downstream PDE mappings.

Open sanitized file →

Future snapshots

Additional modules (Laplace solvers, empirical validators) can be exported on request. Mention the path(s) you need when emailing.

Build metadata

Current release tag: acf-v2.3.0 (November 2025)
Commit hash: f7f0b0b05d500a3149f6b539f84ac7ea0660a7b6 (available in every bundle manifest)
Verifier: Reproducibility suite (tests/test_equity_bridge.py, tests/test_leverage_identity.py)

When you receive a bundle you can run git fsck and compare the SHA above to the manifest entry. All artifacts also include a BUILD.md file summarizing the dependency freeze.

Contact

Questions about access, or requests for additional sanitized excerpts, can be directed to nirvanchitnis@gmail.com. Feel free to include reviewers on CC so we can respond in one thread.