stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
docs/features/checked/attestor/auto-vex-drafting-attestation.md Normal file
View File

@@ -0,0 +1,38 @@
# Auto-VEX Drafting Attestation
## Module
Attestor
## Status
VERIFIED
## Description
VEX draft generation attestation types for AI-generated VEX statements with justifications, enabling lattice-aware merge preview.
## Implementation Details
- **AIVexDraftPredicate**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Predicates/AI/AIVexDraftPredicate.cs` -- extends `AIArtifactBasePredicate` with VEX-specific draft fields.
- **AIVexStatementDraft**: `AIVexStatementDraft.cs` -- individual VEX statement draft with status, justification, and product/vulnerability references.
- **AIVexJustification**: `AIVexJustification.cs` -- AI-generated justification for VEX status decisions.
- **Classifier Integration**: `AIAuthorityClassifier.VexDraft.cs` and `AIAuthorityClassifier.VexDraftScore.cs` -- classifies VEX drafts into Suggestion/EvidenceBacked/AuthorityThreshold.
- **Statement**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AIVexDraftStatement.cs` -- wraps VEX draft as in-toto statement.
- **VEX Predicate**: `__Libraries/StellaOps.Attestor.ProofChain/Predicates/VexPredicate.cs` -- base VEX predicate. `VexAttestationPredicate.cs` -- VEX attestation predicate.
- **VEX Override System**: `src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/VexOverride/` -- `VexOverridePredicateBuilder.cs` (with `.Build`, `.Serialize`, `.WithMethods`), `VexOverridePredicateParser.cs` (with multiple partials) for building and parsing VEX overrides.
- **VEX Proof Integration**: `__Libraries/StellaOps.Attestor.ProofChain/Generators/VexProofIntegrator.cs` (with `.Helpers`, `.Metadata`) and `VexVerdictProofPayload.cs` -- integrates VEX drafts into the proof chain.
## E2E Test Plan
- [ ] Create an `AIVexDraftPredicate` with multiple `AIVexStatementDraft` entries (not_affected, affected, under_investigation) and verify JSON serialization preserves all fields
- [ ] Create a VEX draft with `AIVexJustification` containing evidence citations and classify via `AIAuthorityClassifier.VexDraft`, verifying EvidenceBacked authority when citations are sufficient
- [ ] Wrap the VEX draft in `AIVexDraftStatement` and verify it produces a valid in-toto statement with correct predicate type
- [ ] Build a `VexOverridePredicate` from an AI-generated draft via `VexOverridePredicateBuilder` and verify the override captures the draft's justification
- [ ] Parse a serialized VEX override via `VexOverridePredicateParser` and verify all fields round-trip correctly
- [ ] Integrate a VEX draft into the proof chain via `VexProofIntegrator` and verify the proof payload contains the draft evidence
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |