How to source-attribute every commercial claim your company makes

Every claim your company makes arrived somehow — a price the deal desk approved, a competitor gap scraped off a review site, a proof point an AI inferred from three old decks. The person who owns positioning is asked a deceptively simple question by Counsel and the deal desk alike: which of these did we actually verify? For most teams the honest answer is that the document does not say.

The Commercial Truth manifesto argues that marketing has never had the infrastructure other functions inherited decades ago — no equivalent of the source documents behind an audited ledger, no rules of evidence for what a claim is allowed to assert. Source attribution is how you build that record. Done right, it does not slow the team down; it removes the recurring scramble to reconstruct provenance after the fact.

This is a how-to, because the conventional version of the answer is wrong in a way that quietly fails the moment you scale it.

Why tagging finished copy does not scale

The instinct is to attribute claims where you see them: in the deck, in the one-pager, in the email the AI just drafted. A reviewer reads the asset, checks each line against an approved-claims document, and signs it off. This is the model behind most claim-checking tools, and it works for one asset on one afternoon.

It collapses at scale for a structural reason. The same claim — we integrate with that platform, our enterprise tier is priced here, we are faster on this benchmark — does not live in one place. It lives in dozens of decks, hundreds of emails, and a growing number of AI agent prompts that regenerate copy on demand.

Re-checking each copy is quadratic work. Every new surface multiplies the attribution burden, and agents now generate claims at machine speed faster than any review queue can keep pace. You are tagging the output of a process when you should be tagging the input.

The substrate-level approach: attribute the claim, not the document

The fix is to move attribution one layer earlier. Instead of a string of text you inspect in finished copy, the claim becomes a first-class object in a typed knowledge graph — a node that carries its own origin and its own confidence, independent of any document that quotes it.

Two primitives make this work: a source type, the category recording how the claim arrived, and a confidence ceiling, the maximum score a claim from that origin is ever allowed to reach. Source: Assay’s canonical source-type vocabulary (d09).

The canonical set is six types, each with an explicit ceiling.

Source: Assay’s source-type vocabulary (d09).

The rule that makes attribution load-bearing is one line: final_confidence = min(source_ceiling, computed_score). An AI extraction from a board-approved source inherits the 1.00 ceiling; the same extraction from a third-party blog caps at 0.60. The number that ships is governed by how the claim was obtained, not by how certain the last system to touch it sounded.

Seven steps to attribute claims at scale

1. Decompose your surfaces into claims. Pull the recurring assertions out of decks, battlecards, and product pages — pricing, integrations, proof points, competitive lines. The unit of attribution is the claim, not the file. Each becomes a node.

2. Assign a source type to every claim. For each one, ask the only question that matters: how did this arrive? A human entering and a human checking is first-party verified; a customer email is second-party; a figure from an analyst report is third-party; a guess an AI made from old docs is AI-imported.

3. Apply the ceiling, not the model’s self-report. Compute confidence however you like, then bound it: final_confidence = min(source_ceiling, computed_score). A model reporting 0.95 on an inference it could not source still caps at 0.50. Source: source-type vocabulary (d09).

4. Keep the lookup table data-driven. Store the ceilings in a config table, not hardcoded in branching logic. In Assay’s implementation the continuity rule reads ceilings from lib/spine/source-type-ceilings.ts, so adding a source type is a one-row change rather than a code rewrite. Source: source-type vocabulary (d09).

5. Make verification an explicit, audited event. A claim moves from unverified to verified only when a known reviewer checks it — logged with who and when. Promotion is a recorded act, not a default that creeps upward on its own.

6. Wire attribution into propagation. When a claim updates, its dependents should be flagged so the new provenance reaches every surface that quotes it. This is the difference between attributing once and re-attributing forever.

7. Add a standing breach check. Run a query that returns every claim whose confidence exceeds its source ceiling — SELECT * FROM nodes WHERE confidence_score > source_ceiling(source_type) — and require it to return zero rows. Source: source-type vocabulary (d09).

What good looks like

When this lands, the document no longer has to remember anything. Ask which of these claims did we verify, and the answer is a query, not a meeting. Every surface that quotes a claim — a deck, a proposal, an AI SDR’s outbound — inherits the same provenance and the same ceiling without anyone re-checking the copy.

Assay runs its own commercial canon this way, which is the only honest test of the method — and the numbers below are approximate, regenerated from the live database before publication. As of a 2026-05-27 snapshot, the canon held roughly 700 typed nodes; about 60% were first-party verified and about 25% first-party unverified, with the remainder spread across second-party, third-party, and AI-derived types. Source: Assay’s dogfood-loop case study.

Propagation is observable, not theoretical. When one positioning node (POS-05) was reworded that day, the cascade flagged 14 downstream nodes — manifesto copy, positioning, website sections, product canon, pricing copy, and several expression variants — and a single founder decision resolved all 14 in one pass. Source: Assay’s dogfood-loop case study.

Anti-patterns to avoid

Trusting the model’s confidence as the score. A model’s self-reported certainty is precisely the thing a ceiling exists to bound. Without the ceiling, “the AI was confident” silently overrides “a human verified it” — the exact failure an audit surfaced when an extraction overwrote a higher-authority source because the continuity rule did not fire on the AI-derived type. Source: source-type vocabulary decision (d09).

Letting attribution be a convention rather than a constraint. A norm that reviewers are supposed to follow will drift the first busy quarter. Enforce the ceiling at the schema, with the breach check above, so a violation is a bug the system catches rather than a habit it tolerates.

Rounding origin up under pressure. An inference that would help the deal is still an inference; tag it AI-imported at 0.50 and require a human to verify before it crosses into customer-facing copy. The discipline is the value, and consistency beats brilliance precisely because the boring claim that is correct outperforms the confident one that is not.

Closes / opens

Closes the dogfood-loop cluster (LSO §F.20): the method for source-attributing claims at scale is to type the claim, cap it by origin, and enforce the cap at the schema — proven on the canon that runs Assay itself. Opens the operator question: of the claims your company makes today, what share could you assign a source type to right now, and what share are confident guesses no one has ever checked?

The methodology Assay is developing for the Commercial Truth Index scores vendors partly on exactly this — the source-type distribution of everything they publish, and whether their confidence numbers respect a ceiling at all. A confidence score that ignores its own provenance is decoration; one capped by how the claim was obtained is evidence.

This essay is grounded in Assay’s source-type vocabulary (d09) and the dogfood-loop case study. Methodology for the Commercial Truth Index is in development.