feat: Add DigestUpsertRequest and LockEntity models

- Introduced DigestUpsertRequest for handling digest upsert requests with properties like ChannelId, Recipient, DigestKey, Events, and CollectUntil.
- Created LockEntity to represent a lightweight distributed lock entry with properties such as Id, TenantId, Resource, Owner, ExpiresAt, and CreatedAt.

feat: Implement ILockRepository interface and LockRepository class

- Defined ILockRepository interface with methods for acquiring and releasing locks.
- Implemented LockRepository class with methods to try acquiring a lock and releasing it, using SQL for upsert operations.

feat: Add SurfaceManifestPointer record for manifest pointers

- Introduced SurfaceManifestPointer to represent a minimal pointer to a Surface.FS manifest associated with an image digest.

feat: Create PolicySimulationInputLock and related validation logic

- Added PolicySimulationInputLock record to describe policy simulation inputs and expected digests.
- Implemented validation logic for policy simulation inputs, including checks for digest drift and shadow mode requirements.

test: Add unit tests for ReplayVerificationService and ReplayVerifier

- Created ReplayVerificationServiceTests to validate the behavior of the ReplayVerificationService under various scenarios.
- Developed ReplayVerifierTests to ensure the correctness of the ReplayVerifier logic.

test: Implement PolicySimulationInputLockValidatorTests

- Added tests for PolicySimulationInputLockValidator to verify the validation logic against expected inputs and conditions.

chore: Add cosign key example and signing scripts

- Included a placeholder cosign key example for development purposes.
- Added a script for signing Signals artifacts using cosign with support for both v2 and v3.

chore: Create script for uploading evidence to the evidence locker

- Developed a script to upload evidence to the evidence locker, ensuring required environment variables are set.

tools/cosign/README.md

@@ -15,3 +15,13 @@
 - v3 DSSE blob: `cosign sign-blob --key cosign.key --predicate-type stella.ops/confidenceDecayConfig@v1 --bundle confidence_decay_config.sigstore.json decay/confidence_decay_config.yaml`
 - v3 verify: `cosign verify-blob --bundle confidence_decay_config.sigstore.json decay/confidence_decay_config.yaml`
 - To force offline fallback, export `PATH=./tools/cosign:$PATH` (ensures v2.6.0 is used).
+
+## CI / secrets
+- CI should provide a base64-encoded private key via secret `COSIGN_PRIVATE_KEY_B64` and optional password in `COSIGN_PASSWORD`.
+- Example bootstrap in jobs:
+  ```bash
+  echo \"$COSIGN_PRIVATE_KEY_B64\" | base64 -d > /tmp/cosign.key
+  chmod 600 /tmp/cosign.key
+  COSIGN_PASSWORD=\"${COSIGN_PASSWORD:-}\" cosign version
+  ```
+- For local dev, copy your own key to `tools/cosign/cosign.key` or export `COSIGN_PRIVATE_KEY_B64` before running signing scripts. Never commit real keys; only `cosign.key.example` lives in git.

tools/cosign/cosign.key.example

@@ -0,0 +1,8 @@
+# Placeholder development cosign key
+#
+# Do not use in production. Generate your own:
+#   cosign generate-key-pair
+#
+# Store the private key securely (e.g., CI secret COSIGN_PRIVATE_KEY_B64).
+#
+# This file exists only as a path stub for tooling; it is not a real key.

tools/cosign/sign-signals.sh

@@ -0,0 +1,94 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Deterministic DSSE signing helper for Signals artifacts.
+# Prefers system cosign v3 (bundle) and falls back to repo-pinned v2.6.0.
+
+ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+COSIGN_BIN="${COSIGN_BIN:-}"
+
+# Detect cosign binary (v3 preferred).
+if [[ -z "$COSIGN_BIN" ]]; then
+  if command -v /usr/local/bin/cosign >/dev/null 2>&1; then
+    COSIGN_BIN="/usr/local/bin/cosign"
+  elif command -v cosign >/dev/null 2>&1; then
+    COSIGN_BIN="$(command -v cosign)"
+  elif [[ -x "$ROOT/tools/cosign/cosign" ]]; then
+    COSIGN_BIN="$ROOT/tools/cosign/cosign"
+  else
+    echo "cosign not found; install or set COSIGN_BIN" >&2
+    exit 1
+  fi
+fi
+
+# Resolve key
+TMP_KEY=""
+if [[ -n "${COSIGN_KEY_FILE:-}" ]]; then
+  KEY_FILE="$COSIGN_KEY_FILE"
+elif [[ -n "${COSIGN_PRIVATE_KEY_B64:-}" ]]; then
+  TMP_KEY="$(mktemp)"
+  echo "$COSIGN_PRIVATE_KEY_B64" | base64 -d > "$TMP_KEY"
+  chmod 600 "$TMP_KEY"
+  KEY_FILE="$TMP_KEY"
+elif [[ -f "$ROOT/tools/cosign/cosign.key" ]]; then
+  KEY_FILE="$ROOT/tools/cosign/cosign.key"
+else
+  echo "No signing key: set COSIGN_PRIVATE_KEY_B64 or COSIGN_KEY_FILE, or place key at tools/cosign/cosign.key" >&2
+  exit 2
+fi
+
+OUT_BASE="${OUT_DIR:-$ROOT/evidence-locker/signals/2025-12-01}"
+mkdir -p "$OUT_BASE"
+
+ARTIFACTS=(
+  "decay/confidence_decay_config.yaml|stella.ops/confidenceDecayConfig@v1|confidence_decay_config"
+  "unknowns/unknowns_scoring_manifest.json|stella.ops/unknownsScoringManifest@v1|unknowns_scoring_manifest"
+  "heuristics/heuristics.catalog.json|stella.ops/heuristicCatalog@v1|heuristics_catalog"
+)
+
+COSIGN_VERSION="$($COSIGN_BIN version | head -n1)"
+USE_BUNDLE=0
+[[ "$COSIGN_VERSION" == *"v3."* ]] && USE_BUNDLE=1
+
+pushd "$ROOT/docs/modules/signals" >/dev/null
+
+SHA_FILE="$OUT_BASE/SHA256SUMS"
+: > "$SHA_FILE"
+
+for entry in "${ARTIFACTS[@]}"; do
+  IFS="|" read -r path predicate stem <<<"$entry"
+  if [[ ! -f "$path" ]]; then
+    echo "Missing artifact: $path" >&2
+    exit 3
+  fi
+
+  if (( USE_BUNDLE )); then
+    bundle="$OUT_BASE/${stem}.sigstore.json"
+    COSIGN_PASSWORD="${COSIGN_PASSWORD:-}" \
+    "$COSIGN_BIN" sign-blob \
+      --key "$KEY_FILE" \
+      --predicate-type "$predicate" \
+      --bundle "$bundle" \
+      "$path"
+    printf "%s  %s\n" "$(sha256sum "$bundle" | cut -d' ' -f1)" "$(realpath --relative-to="$OUT_BASE" "$bundle")" >> "$SHA_FILE"
+  else
+    sig="$OUT_BASE/${stem}.dsse"
+    COSIGN_PASSWORD="${COSIGN_PASSWORD:-}" \
+    "$COSIGN_BIN" sign-blob \
+      --key "$KEY_FILE" \
+      --predicate-type "$predicate" \
+      --output-signature "$sig" \
+      "$path"
+    printf "%s  %s\n" "$(sha256sum "$sig" | cut -d' ' -f1)" "$(realpath --relative-to="$OUT_BASE" "$sig")" >> "$SHA_FILE"
+  fi
+
+  printf "%s  %s\n" "$(sha256sum "$path" | cut -d' ' -f1)" "$(realpath --relative-to="$OUT_BASE" "$path")" >> "$SHA_FILE"
+done
+
+popd >/dev/null
+
+echo "Signed artifacts written to $OUT_BASE"
+
+if [[ -n "$TMP_KEY" ]]; then
+  rm -f "$TMP_KEY"
+fi

tools/zastava-upload-evidence.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+if [[ -z "${EVIDENCE_LOCKER_URL:-}" || -z "${CI_EVIDENCE_LOCKER_TOKEN:-}" ]]; then
+  echo "EVIDENCE_LOCKER_URL and CI_EVIDENCE_LOCKER_TOKEN are required" >&2
+  exit 1
+fi
+
+STAGED_DIR="evidence-locker/zastava/2025-12-02"
+TAR_OUT="/tmp/zastava-evidence.tar"
+
+test -d "$STAGED_DIR" || { echo "missing staged dir $STAGED_DIR" >&2; exit 1; }
+
+tar -cf "$TAR_OUT" -C "$STAGED_DIR" .
+
+curl --retry 3 --retry-delay 2 --fail \
+  -H "Authorization: Bearer $CI_EVIDENCE_LOCKER_TOKEN" \
+  -X PUT "$EVIDENCE_LOCKER_URL/zastava/2025-12-02/zastava-evidence.tar" \
+  --data-binary "@$TAR_OUT"
+
+echo "Uploaded $TAR_OUT to $EVIDENCE_LOCKER_URL/zastava/2025-12-02/"