We present a certified purity architecture that converts governance enforcement in cognitive workflow systems from a runtime convention into a structural capability boundary. A prior three-layer governance architecture proves governance completeness, provenance completeness, and the impossibility of ungoverned effects, conditional on the pure module constraint: that step executors cannot perform effects. That constraint was enforced by module import graph analysis, which is insufficient against adversarial bypass on the BEAM virtual machine. This paper closes the gap through four mechanisms: (1) a restricted WebAssembly compilation target where effect-producing instructions are structurally absent; (2) purity certificates, cryptographically signed proofs binding executor binaries to their import classifications; (3) a runtime verification gate that rejects uncertified executors before they enter the governance pipeline; and (4) portable governance credentials via remote attestation for cross-organizational verification. We prove four theorems: structural purity by construction, bypass elimination for all five BEAM bypass classes, certificate integrity, and gate completeness. The guarantee holds relative to an explicit Trusted Computing Base. Evaluation on four implemented executors shows verification latency of 39--42 us, full plan cycle under 400 us, runtime overhead under 0.4% of a 100 ms HTTP request, and zero determinism divergences across repeated invocations.

翻译：我们提出一种认证纯度架构，将认知工作流系统中的治理执行从运行时约定转化为结构性边界。先前的三层治理架构证明了治理完备性、来源完备性以及不可治理效应的不可行性，但依赖于纯模块约束：即步骤执行器不得执行效果。该约束通过模块导入图分析实施，但该分析不足以抵御BEAM虚拟机上的对抗性绕过。本文通过四种机制填补此缺口：(1) 受限的WebAssembly编译目标，其中产生效果的指令在结构上被消除；(2) 纯度证书，即通过加密签名绑定了执行器二进制文件与其导入分类的证明；(3) 运行时验证门，在未认证执行器进入治理流水线前将其拒绝；以及(4) 通过远程证明实现跨组织验证的可移植治理凭证。我们证明四个定理：构造性结构纯度、所有五类BEAM绕过类别的绕过消除、证书完整性以及门的完备性。该保证基于显式的可信计算基。在四个已实现的执行器上进行的评估显示，验证延迟为39–42微秒，完整计划周期低于400微秒，运行时开销低于100毫秒HTTP请求的0.4%，且在重复调用中零确定性分歧。