From c389cc65b48ece9ae2963890502e0316aa27ee23 Mon Sep 17 00:00:00 2001
From: strantalis <strantalis@virtru.com>
Date: Mon, 16 Jun 2025 20:16:26 -0400
Subject: [PATCH 1/3] fix: set consistent system metadata id and schema

---
 sdk/assertion.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sdk/assertion.go b/sdk/assertion.go
index 0985348b05..ab0d95bb3e 100644
--- a/sdk/assertion.go
+++ b/sdk/assertion.go
@@ -315,13 +315,13 @@ func GetSystemMetadataAssertionConfig() (AssertionConfig, error) {
 	}
 
 	return AssertionConfig{
-		ID:             "default-assertion",
+		ID:             "system-metadata",
 		Type:           BaseAssertion,
 		Scope:          PayloadScope,
 		AppliesToState: Unencrypted,
 		Statement: Statement{
 			Format: "json",
-			Schema: "metadata",
+			Schema: "system-metadata-v1",
 			Value:  string(metadataJSON),
 		},
 	}, nil

From 99bdf619a8409a7e1415e3e86b412c44e007bded Mon Sep 17 00:00:00 2001
From: strantalis <strantalis@virtru.com>
Date: Mon, 16 Jun 2025 21:46:02 -0400
Subject: [PATCH 2/3] fix test

---
 sdk/tdf_test.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sdk/tdf_test.go b/sdk/tdf_test.go
index 57bad36f71..dd6f2a1f68 100644
--- a/sdk/tdf_test.go
+++ b/sdk/tdf_test.go
@@ -524,7 +524,7 @@ func (s *TDFSuite) Test_SystemMetadataAssertions() {
 
 	found := false
 	for _, assertion := range assertions {
-		if assertion.ID == "default-assertion" { // Ensure `ID` exists
+		if assertion.ID == "system-metadata" { // Ensure `ID` exists
 			found = true
 
 			// Validate JSON in Statement.Value
@@ -540,7 +540,7 @@ func (s *TDFSuite) Test_SystemMetadataAssertions() {
 			s.Equal(runtime.Version(), metadata["go_version"], "go_version mismatch")
 		}
 	}
-	s.True(found, "Default assertion not found")
+	s.True(found, "System metadata assertion not found")
 }
 
 func (s *TDFSuite) Test_TDF_KAS_Allowlist() {

From 23d904450b5b8e3dc715efb0dd78e8868b0fbecc Mon Sep 17 00:00:00 2001
From: strantalis <strantalis@virtru.com>
Date: Tue, 17 Jun 2025 09:34:28 -0400
Subject: [PATCH 3/3] add const

---
 sdk/assertion.go | 9 +++++++--
 sdk/tdf_test.go  | 2 +-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/sdk/assertion.go b/sdk/assertion.go
index ab0d95bb3e..6c1efde4cf 100644
--- a/sdk/assertion.go
+++ b/sdk/assertion.go
@@ -13,6 +13,11 @@ import (
 	"github.com/opentdf/platform/lib/ocrypto"
 )
 
+const (
+	SystemMetadataAssertionID = "system-metadata"
+	SystemMetadataSchemaV1    = "system-metadata-v1"
+)
+
 // AssertionConfig is a shadow of Assertion with the addition of the signing key.
 // It is used on creation
 type AssertionConfig struct {
@@ -315,13 +320,13 @@ func GetSystemMetadataAssertionConfig() (AssertionConfig, error) {
 	}
 
 	return AssertionConfig{
-		ID:             "system-metadata",
+		ID:             SystemMetadataAssertionID,
 		Type:           BaseAssertion,
 		Scope:          PayloadScope,
 		AppliesToState: Unencrypted,
 		Statement: Statement{
 			Format: "json",
-			Schema: "system-metadata-v1",
+			Schema: SystemMetadataSchemaV1,
 			Value:  string(metadataJSON),
 		},
 	}, nil
diff --git a/sdk/tdf_test.go b/sdk/tdf_test.go
index dd6f2a1f68..2995eca9de 100644
--- a/sdk/tdf_test.go
+++ b/sdk/tdf_test.go
@@ -524,7 +524,7 @@ func (s *TDFSuite) Test_SystemMetadataAssertions() {
 
 	found := false
 	for _, assertion := range assertions {
-		if assertion.ID == "system-metadata" { // Ensure `ID` exists
+		if assertion.ID == SystemMetadataAssertionID { // Ensure `ID` exists
 			found = true
 
 			// Validate JSON in Statement.Value