Why this example exists
This article is intentionally small. It is not here to sell a single investigation subject. It is here to show how Ithildin handles the infrastructure problem: hosted evidence artifacts, metadata-only records, and finding-level provenance in one reader-facing flow.
The core pattern is a deniable procurement corridor. A thin Florida vehicle appears during the key shortlist window, a UK advisory entity sits behind the services layer, and a single intermediary keeps the handoff legible only when multiple source classes are combined 1.
Mixed inspectability is the normal case
The easiest systems to demo are the ones where every source is public and clean. Investigative infrastructure is rarely that tidy. In this case, Ithildin hosts inspectable excerpts of the Florida formation record 2 and procurement packet 3 so the portfolio demo stays reviewable without pointing a synthetic case study at unrelated live records. A hosted minute excerpt 4 shows the same pattern for internal document handling. A reporting memo 5 is not publicly inspectable, so the system falls back to a source record that exposes provenance, locator, excerpt, and every public use.
That is the point of the source-record layer: keep evidence accountable even when the artifact itself cannot be published 6.
What the demo demonstrates
Harbor Ledger's dossier shows the entity-level path from formation timing to procurement narrative 7, 8. Lina Ortega's dossier shows the human intermediary path, including where the record is public and where it is only metadata-rich 9, 10. Together they demonstrate why investigative tooling needs more than a link checker. It needs explicit evidence classes, occurrence tracking, and UI that does not pretend a metadata-only record is the same thing as an open public document.