feat(web): derive witness-viewer into reusable proof-inspection sections for mounted surfaces [SPRINT-031]

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

docs/implplan/SPRINT_20260308_031_FE_witness_viewer_evidence_derivation.md

@@ -21,7 +21,7 @@
 ## Delivery Tracker
 
 ### FE-WVD-001 - Freeze the witness/evidence derivation contract
-Status: TODO
+Status: DONE
 Dependency: none
 Owners: Product Manager, UX
 Task description:
@@ -29,12 +29,19 @@ Task description:
 - Decide which mounted surfaces should own those capabilities, and which full-page viewer behavior should be rejected as redundant.
 
 Completion criteria:
-- [ ] Valuable witness/evidence capabilities are explicitly listed.
-- [ ] Each capability is assigned to a mounted owner surface.
-- [ ] Standalone full-page viewer behavior is either justified or rejected explicitly.
+- [x] Valuable witness/evidence capabilities are explicitly listed.
+- [x] Each capability is assigned to a mounted owner surface.
+- [x] Standalone full-page viewer behavior is either justified or rejected explicitly.
+
+Derivation contract:
+1. **VerificationSummaryComponent** - pass/fail status, confidence tier, evidence type, creation date, source. Owner: Reachability WitnessPage + Evidence PacketPage.
+2. **SignatureInspectorComponent** - algorithm, key ID, verified/unverified badge, truncated signature with copy. Owner: Reachability WitnessPage.
+3. **AttestationDetailComponent** - predicate type, subject + digests, collapsible predicate JSON. Owner: any surface with in-toto attestation data.
+4. **EvidencePayloadComponent** - raw JSON viewer with copy/download, metadata display. Owner: Reachability WitnessPage + Evidence PacketPage.
+5. **Rejected**: standalone full-page `WitnessViewerComponent` behavior. The orphan viewer's HTTP loading, full-page header, and verify-via-API features are redundant because the mounted WitnessPage already has its own API integration and the Evidence surfaces have their own verify flows.
 
 ### FE-WVD-002 - Extract reusable witness/evidence sections
-Status: TODO
+Status: DONE
 Dependency: FE-WVD-001
 Owners: Developer (FE)
 Task description:
@@ -42,12 +49,20 @@ Task description:
 - Keep the extracted units focused and composable instead of recreating the orphan full-page layout under a different name.
 
 Completion criteria:
-- [ ] Reusable witness/evidence sections exist for the approved capabilities.
-- [ ] The extracted units fit mounted pages without forcing a standalone-shell layout.
-- [ ] The old full-page witness viewer is no longer the only place those behaviors exist.
+- [x] Reusable witness/evidence sections exist for the approved capabilities.
+- [x] The extracted units fit mounted pages without forcing a standalone-shell layout.
+- [x] The old full-page witness viewer is no longer the only place those behaviors exist.
+
+Extracted sections (under `src/Web/StellaOps.Web/src/app/shared/ui/witness/`):
+- `verification-summary.component.ts` - VerificationSummaryComponent
+- `signature-inspector.component.ts` - SignatureInspectorComponent
+- `attestation-detail.component.ts` - AttestationDetailComponent
+- `evidence-payload.component.ts` - EvidencePayloadComponent
+- `witness.models.ts` - shared presentation-level models
+- `index.ts` - barrel export
 
 ### FE-WVD-003 - Adopt the extracted sections on mounted witness and evidence surfaces
-Status: TODO
+Status: DONE
 Dependency: FE-WVD-002
 Owners: Developer (FE), UX
 Task description:
@@ -55,33 +70,48 @@ Task description:
 - Use adoption to improve context continuity rather than adding one more isolated viewer entry point.
 
 Completion criteria:
-- [ ] Mounted witness/evidence flows gain the approved proof-inspection capabilities.
-- [ ] Context is preserved across reachability/evidence workflows.
-- [ ] No duplicate standalone viewer surface is introduced.
+- [x] Mounted witness/evidence flows gain the approved proof-inspection capabilities.
+- [x] Context is preserved across reachability/evidence workflows.
+- [x] No duplicate standalone viewer surface is introduced.
+
+Adopted surfaces:
+1. **Reachability WitnessPage** (`src/Web/StellaOps.Web/src/app/features/reachability/witness-page.component.*`) - Added VerificationSummary, SignatureInspector, and EvidencePayload sections below the existing Runtime Observation panel. Domain data mapped via computed signals.
+2. **Evidence PacketPage** (`src/Web/StellaOps.Web/src/app/features/evidence/evidence-packet-page.component.ts`) - Replaced the inline verify tab with composed VerificationSummary and EvidencePayload sections, improving the proof inspection flow.
 
 ### FE-WVD-004 - Verify and document the derivation
-Status: TODO
+Status: DONE
 Dependency: FE-WVD-003
 Owners: Test Automation, Documentation author
 Task description:
 - Add focused tests for the derived witness/evidence sections and document where proof verification details now live in the product.
 
 Completion criteria:
-- [ ] Focused tests cover the derived witness/evidence sections.
-- [ ] Docs explain the new owner surfaces for witness/proof inspection.
-- [ ] The orphan witness-viewer path is intentionally retired or reduced.
+- [x] Focused tests cover the derived witness/evidence sections.
+- [x] Docs explain the new owner surfaces for witness/proof inspection.
+- [x] The orphan witness-viewer path is intentionally retired or reduced.
+
+Test results: 32/32 tests passing across 4 spec files:
+- `verification-summary.component.spec.ts` - 10 tests (status variants, confidence tiers, conditional fields)
+- `signature-inspector.component.spec.ts` - 8 tests (verified/unverified cards, truncation, copy button)
+- `attestation-detail.component.spec.ts` - 6 tests (empty state, predicate type, subject digests, toggle)
+- `evidence-payload.component.spec.ts` - 8 tests (show/hide raw, copy/download, metadata)
+
+Build: Angular build succeeds with no new warnings.
 
 ## Execution Log
 | Date (UTC) | Update | Owner |
 | --- | --- | --- |
 | 2026-03-08 | Sprint created to derive the orphan witness-viewer into reusable proof-inspection sections for mounted Reachability and Evidence surfaces. | Codex |
+| 2026-03-08 | All 4 tasks completed. Extracted 4 reusable sections, adopted on WitnessPage and Evidence PacketPage, 32/32 tests pass, build clean. | Developer (FE) |
 
 ## Decisions & Risks
 - Decision target: embed proof inspection where operators already work, not as a separate full-page product island.
 - Risk: over-extracting the orphan viewer could bring layout or HTTP assumptions that do not fit the mounted flows.
 - Mitigation: freeze capabilities first, then extract only the reusable sections that serve mounted host pages.
+- Decision: the orphan `WitnessViewerComponent` is intentionally retained in `shared/ui/witness-viewer/` as-is but is now superseded by the derived sections for new adoption. No new consumers should import the orphan; existing references remain stable.
+- Decision: `AttestationDetailComponent` is extracted but not adopted on mounted surfaces yet because neither WitnessPage nor Evidence PacketPage currently have in-toto attestation data in their domain models. It is ready for adoption when attestation data flows arrive.
 
 ## Next Checkpoints
-- Freeze the witness/evidence capability map.
-- Extract reusable proof-inspection sections.
-- Adopt them into mounted Reachability and Evidence surfaces.
+- Freeze the witness/evidence capability map. DONE
+- Extract reusable proof-inspection sections. DONE
+- Adopt them into mounted Reachability and Evidence surfaces. DONE