stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

semi implemented and features implemented save checkpoint

Browse Source
This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
docs/features/unchecked/scanner/claim-id-generator-for-static-runtime-linkage.md Normal file
View File

@@ -0,0 +1,34 @@
# Claim ID Generator for Static-Runtime Linkage
## Module
Scanner
## Status
IMPLEMENTED
## Description
Deterministic claim ID generator using format `claim:<artifact-digest>:<path-hash>` to link runtime observations to static reachability claims, with ObservationType enum (Static/Runtime/Confirmed).
## Implementation Details
- **Claim ID Generator**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/ClaimIdGenerator.cs` - Generates deterministic claim IDs in `claim:<artifact-digest>:<path-hash>` format
- **Observation Type**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/ObservationType.cs` - `ObservationType` enum (Static/Runtime/Confirmed)
- **Path Witness Integration**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/PathWitness.cs` - PathWitness model carries claim IDs for static-runtime linkage
- `src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/PathWitnessBuilder.cs` - Builder sets claim IDs during witness construction
- **Runtime Witness**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/RuntimeWitnessRequest.cs` - Runtime witness request carrying claim IDs
- `src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/RuntimeWitnessPredicateTypes.cs` - Predicate types for runtime witnesses
- `src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/IRuntimeWitnessGenerator.cs` - Interface for runtime witness generation
- **Claim Verification**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Reachability/FunctionMap/Verification/ClaimVerifier.cs` - Verifies claim IDs match between static and runtime evidence
- `src/Scanner/__Libraries/StellaOps.Scanner.Reachability/FunctionMap/Verification/IClaimVerifier.cs` - Interface
## E2E Test Plan
- [ ] Scan an image and verify claim IDs are generated in `claim:<artifact-digest>:<path-hash>` format for each reachability path
- [ ] Verify the same scan produces identical claim IDs deterministically
- [ ] Submit runtime observation data with claim IDs and verify linkage to static reachability claims
- [ ] Verify `ClaimVerifier` validates matching claim IDs between static and runtime evidence
- [ ] Verify ObservationType transitions from Static to Confirmed when runtime evidence matches
- [ ] Verify mismatched claim IDs are rejected by the verifier with appropriate error