stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
docs/features/checked/attestor/edge-level-attestations.md Normal file
View File

@@ -0,0 +1,39 @@
# Edge-Level Attestations (DSSE-signed per dependency edge)
## Module
Attestor
## Status
VERIFIED
## Description
Proof graph edge models with typed edges and a rich graph attestation service in Scanner for emitting per-edge attestation data.
## Implementation Details
- **Proof Graph Edge**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Graph/ProofGraphEdge.cs` -- edge model with content-addressed ID, source/target node references, and typed semantics.
- **Edge Types**: `ProofGraphEdgeType.cs` -- enum defining edge types: DependsOn, Supersedes, Aggregates, Produces, Consumes, etc.
- **Proof Graph Node**: `ProofGraphNode.cs` -- node model with `ProofGraphNodeType`.
- **Graph Service**: `InMemoryProofGraphService.cs` (with `.Mutation`, `.Queries`, `.Subgraph`) -- manages graph with per-edge operations.
- **Content-Addressed Edge IDs**: `Identifiers/ContentAddressedIdGenerator.Graph.cs` -- generates edge IDs from source+target+type content.
- **Graph Root Attestation**: `src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/GraphRootAttestor.cs` -- attests graph root including all edges.
- **DSSE Signing**: Per-edge attestations are signed via `ProofChainSigner`.
- **Note**: Scanner module (`src/Scanner/`) contains the graph attestation service that emits per-edge data; Attestor provides the models and signing.
## E2E Test Plan
- [ ] Add a DependsOn edge between two nodes via `InMemoryProofGraphService.Mutation` and verify edge ID is generated
- [ ] Add edges of different types (Supersedes, Aggregates, Produces) and verify each gets a unique typed edge ID
- [ ] Query edges by type via `InMemoryProofGraphService.Queries` and verify correct filtering
- [ ] Sign an edge attestation via `ProofChainSigner` and verify the DSSE envelope
- [ ] Attest the full graph root via `GraphRootAttestor` and verify it includes edge count and types
- [ ] Remove a node and verify all connected edges are cleaned up
- [ ] Extract a subgraph and verify only edges within the subgraph are included
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |