diff --git a/docs/architecture/01-topology-and-trust.md b/docs/architecture/01-topology-and-trust.md index 85a5abf..6dc8099 100644 --- a/docs/architecture/01-topology-and-trust.md +++ b/docs/architecture/01-topology-and-trust.md @@ -111,9 +111,10 @@ credentials. deploys the controller into it — injecting the controller's hub API key and its local-API token. The controller is the agent's product, never the other way around. - The **hub customer record is the durable source of truth**, and it survives box loss: - identity, domain, **Cloudflare tunnel token**, **PBS namespace**, **storage manifest**, - **declarative app inventory**, and the **escrowed (zero-knowledge) backup key**. This is - what makes hardware replacement possible. + identity, domain, **Cloudflare tunnel token**, **PBS namespace**, **storage manifest**, a + **mirrored app inventory** (bottom-up reality, not operator-declared intent — apps themselves + restore from the PBS guest snapshot, never re-deployed from this record; see `05` §1/§9), and the + **escrowed (zero-knowledge) backup key**. This is what makes hardware replacement possible. --- @@ -217,4 +218,7 @@ credentials. - §7 networking: **tunnel placement resolved → host** (agent-managed systemd service); geo is hub-enforced (S4/S5). - §11 open items: removed the now-resolved **tunnel placement** and **self-update flow** entries - (S5; self-update designed in 03 §11). \ No newline at end of file + (S5; self-update designed in 03 §11). +- §6 durable record: **"declarative app inventory" → "mirrored app inventory"** — aligns the wording + with the locked two-driver model (`05` §1: apps are bottom-up mirror, never operator-declared; + `05` §9: apps restore from the PBS guest snapshot, not re-deployed from this record). \ No newline at end of file
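Review bot: In the first hunk (@@ -111,9 +111,10), the bullet still opens with "The hub customer record is the durable source of truth" and still closes with "This is what makes hardware replacement possible", yet the new parenthetical says the app inventory is a bottom-up mirror and that apps are "never re-deployed from this record". The reader cannot tell what the mirrored inventory contributes to hardware replacement. Nor is it clear whether the hub is authoritative for that field, since a bottom-up mirror reflects state reported upward, not state the hub authored. Suggest adding a short clause that says what the inventory is used for after box loss, or moving it out of the list of recovery-critical items. Also state that this one field is mirrored and not hub-authored, so the trust statement for the record stays accurate. The parenthetical is long enough for a list item that it would read better as its own sentence after the list.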
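Review bot: In the second hunk (@@ -217,4 +218,7), the new changelog entry for "§6 durable record" carries no tag of the kind the two entries above it end with, "(S4/S5)" and "(S5; self-update designed in 03 §11)". Add the matching tag so the entry can be traced the same way as its neighbours. The cross-reference is written with backticks (`05` §1, `05` §9), whereas the entry just above writes 03 §11 without them. Pick one form for document references in this list. The file still ends without a trailing newline after this change. Adding one keeps the "\ No newline at end of file" marker from reappearing in the next edit to this list.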