semi implemented and features implemented save checkpoint

This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions


@@ -0,0 +1,34 @@
# Verdict Ledger (Append-Only Store)
## Module
Attestor
## Status
IMPLEMENTED
## Description
Append-only verdict ledger for tamper-evident storage of all verdict decisions with hash chain integrity.
## Implementation Details
- **Verdict Ledger Entity**: `src/Attestor/__Libraries/StellaOps.Attestor.Persistence/Entities/VerdictLedgerEntry.cs` -- persisted ledger entry with verdict decision, subject digest, timestamp, and previous entry hash for chain integrity.
- **IVerdictLedgerRepository**: `Persistence/Repositories/IVerdictLedgerRepository.cs` -- repository interface for append-only verdict storage (append, query by subject, verify chain integrity).
- **PostgresVerdictLedgerRepository**: `Persistence/Repositories/PostgresVerdictLedgerRepository.cs` -- PostgreSQL implementation with append-only semantics enforced by database constraints and hash chain verification.
- **Verdict Receipt Payload**: `__Libraries/StellaOps.Attestor.ProofChain/Statements/VerdictReceiptPayload.cs` -- payload stored in the ledger containing the full verdict decision context.
- **Verdict Receipt Statement**: `Statements/VerdictReceiptStatement.cs` -- in-toto statement wrapping the verdict receipt.
- **Verdict Decision**: `Statements/VerdictDecision.cs` -- the decision record (PASS/FAIL/WARN) with reasoning and policy reference.
- **Verdict Inputs**: `Statements/VerdictInputs.cs` -- captured inputs that drove the verdict.
- **Verdict Outputs**: `Statements/VerdictOutputs.cs` -- outputs/actions from the verdict.
- **Trust Verdict Repository**: `__Libraries/StellaOps.Attestor.TrustVerdict/Persistence/ITrustVerdictRepository.cs` -- repository for trust-scored verdicts with `PostgresTrustVerdictRepository.cs` (with `.Store`, `.GetById`, `.Query`, `.Delete`, `.Stats`).
- **Trust Verdict Entity**: `TrustVerdict/Persistence/TrustVerdictEntity.cs` -- persisted trust verdict with scoring data.
- **Trust Verdict Stats**: `TrustVerdict/Persistence/TrustVerdictStats.cs` -- aggregate statistics over the verdict ledger.
- **Tests**: `__Tests/StellaOps.Attestor.Persistence.Tests/`
## E2E Test Plan
- [ ] Append a verdict to the ledger via `PostgresVerdictLedgerRepository` and verify it is persisted with a hash linking to the genesis entry
- [ ] Append 5 verdicts sequentially and verify each entry's previous hash points to the prior entry, forming a valid hash chain
- [ ] Query verdicts by subject digest and verify only matching entries are returned in chronological order
- [ ] Verify append-only: attempt to update or delete an existing ledger entry and confirm the operation is rejected
- [ ] Verify chain integrity: tamper with one entry's hash in the database and call chain verification; confirm the break is detected
- [ ] Store and retrieve a `VerdictReceiptPayload` with full inputs, decision, and outputs; verify round-trip fidelity
- [ ] Query `TrustVerdictStats` and verify aggregate counts (total verdicts, pass/fail/warn breakdown)
- [ ] Append verdicts concurrently from multiple threads and verify all are persisted with valid hash chain ordering
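Review bot: The Trust Verdict Repository entry under Implementation Details lists `.Delete` for `PostgresTrustVerdictRepository.cs`, and the Trust Verdict Stats entry describes itself as "aggregate statistics over the verdict ledger", which blurs the append-only claim in the title and description. Say explicitly whether trust verdicts are a separate, mutable store outside the hash chain, or move those three entries to their own feature document. In the E2E Test Plan, the tamper case only alters an entry's hash. Add a case that changes the stored decision or payload while leaving the hash column untouched, and state whether removal of the newest entry is expected to be detectable. The concurrent-append item should name what serializes writers, because nothing in the description says how two appenders are kept from linking to the same previous hash. Status reads IMPLEMENTED while every test plan box is unchecked, so a short note on what has actually been verified would help.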