## Purpose Implement BearBrowser support for SourceOS Mutation and Evidence Accountability, anchored to SourceOS spec PR #96: https://github.com/SourceOS-Linux/sourceos-spec/pull/96 ## Required behavior BearBrowser must emit browser write accountability receipts that distinguish: - browser core profile state; - history / Places-style storage; - favicons; - cookies and permissions; - session restore; - per-origin storage; - service-worker/cache state; - download/cache writes; - sync state; - extension storage; - hidden/system/policy add-ons; - diagnostics; - profile repair or migration. ## No-visible-extension guardrail If `extension_inventory_state=none_visible`, the browser must not attribute write pressure primarily to extension storage unless hidden/system/policy add-on evidence is attached. ## Acceptance criteria - A write-pressure event emits a receipt with actor chain, object/path class, operation, resource cost, policy, evidence quality, and causal parent fields. - The receipt can represent `browser_actor_class` and `extension_inventory_state`. - Missing database path/origin/extension evidence downgrades evidence quality. - Tests include a no-visible-extension fixture and reject extension-primary attribution without evidence.