semi implemented and features implemented save checkpoint

docs/features/unchecked/airgap/deterministic-rekor-receipts-with-offline-verification.md

@@ -0,0 +1,25 @@
+# Deterministic Rekor Receipts with Offline Verification
+
+## Module
+AirGap
+
+## Status
+IMPLEMENTED
+
+## Description
+Offline Rekor receipt verifier validates checkpoint signatures (ECDSA/Ed25519), Merkle inclusion proofs per RFC 6962, and root hash consistency without live transparency log access. Includes TileProxy for local tile-based transparency log proxy, and mirror snapshot resolution for air-gapped deployments.
+
+## Implementation Details
+- **Rekor proof builder**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Rekor/EnhancedRekorProofBuilder.Build.cs`, `EnhancedRekorProofBuilder.Validate.cs`, `EnhancedRekorProofBuilder.cs`
+- **Rekor inclusion proof**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Rekor/RekorInclusionProof.cs`
+- **Rekor verification step**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/RekorInclusionVerificationStep.cs`
+- **Replay verification**: `src/AirGap/StellaOps.AirGap.Controller/Services/ReplayVerificationService.cs`
+- **Importer replay**: `src/AirGap/StellaOps.AirGap.Importer/Contracts/ReplayVerificationRequest.cs`, `ReplayDepth.cs`
+- **Merkle proofs**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Merkle/DeterministicMerkleTreeBuilder.Proof.cs`, `MerkleProof.cs`
+- **Source**: Feature matrix scan
+
+## E2E Test Plan
+- [ ] Verify Rekor receipt offline verification validates checkpoint signatures (ECDSA/Ed25519)
+- [ ] Test Merkle inclusion proof verification per RFC 6962
+- [ ] Test root hash consistency verification without live transparency log
+- [ ] Verify replay verification service works in air-gapped mode