Add determinism tests for verdict artifact generation and update SHA256 sums script

- Implemented comprehensive tests for verdict artifact generation to ensure deterministic outputs across various scenarios, including identical inputs, parallel execution, and change ordering.
- Created helper methods for generating sample verdict inputs and computing canonical hashes.
- Added tests to validate the stability of canonical hashes, proof spine ordering, and summary statistics.
- Introduced a new PowerShell script to update SHA256 sums for files, ensuring accurate hash generation and file integrity checks.

docs/technical/architecture/platform-topology.md

@@ -0,0 +1,17 @@
+# Platform topology (detailed)
+
+This document provides a clean, audit-friendly view of StellaOps platform topology without relying on fragile ASCII diagrams. For module-specific details (APIs, schemas, operations), use `docs/modules/`.
+
+## Layers
+
+| Layer | Primary components | Responsibility |
+| --- | --- | --- |
+| Client | CLI, Web UI, CI/CD pipelines, runtime observers | Submit scan requests, query results, manage policy/tenancy. |
+| Gateway | Gateway.WebService | Auth enforcement, tenant routing, rate limiting, request correlation, API routing. |
+| Auth & crypto | Authority, Signer, Attestor, IssuerDirectory | Token issuance, signing, transparency/attestation workflows, issuer trust registry. |
+| Core engines | Scanner, Concelier, Excititor, Policy, Scheduler, Notify, Orchestrator | Scanning, ingestion, verdicts, orchestration, notifications, exports. |
+| Data plane | PostgreSQL, Valkey, RustFS (S3), optional NATS | Persistent state, queues/streams, artifact storage, optional alternative messaging. |
+
+## Notes
+- Module dossiers live under `docs/modules/<module>/architecture.md`.
+- Deployment defaults (ports, profile overlays, pinned digests) live under `deploy/` (`deploy/compose/`, `deploy/helm/`, `deploy/releases/`).