save checkpoint

2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
--- a/docs/features/checked/attestor/verdict-ledger.md
+++ b/docs/features/checked/attestor/verdict-ledger.md
@@ -0,0 +1,44 @@
+# Verdict Ledger (Append-Only Store)
+
+## Module
+Attestor
+
+## Status
+VERIFIED
+
+## Description
+Append-only verdict ledger for tamper-evident storage of all verdict decisions with hash chain integrity.
+
+## Implementation Details
+- **Verdict Ledger Entity**: `src/Attestor/__Libraries/StellaOps.Attestor.Persistence/Entities/VerdictLedgerEntry.cs` -- persisted ledger entry with verdict decision, subject digest, timestamp, and previous entry hash for chain integrity.
+- **IVerdictLedgerRepository**: `Persistence/Repositories/IVerdictLedgerRepository.cs` -- repository interface for append-only verdict storage (append, query by subject, verify chain integrity).
+- **PostgresVerdictLedgerRepository**: `Persistence/Repositories/PostgresVerdictLedgerRepository.cs` -- PostgreSQL implementation with append-only semantics enforced by database constraints and hash chain verification.
+- **Verdict Receipt Payload**: `__Libraries/StellaOps.Attestor.ProofChain/Statements/VerdictReceiptPayload.cs` -- payload stored in the ledger containing the full verdict decision context.
+- **Verdict Receipt Statement**: `Statements/VerdictReceiptStatement.cs` -- in-toto statement wrapping the verdict receipt.
+- **Verdict Decision**: `Statements/VerdictDecision.cs` -- the decision record (PASS/FAIL/WARN) with reasoning and policy reference.
+- **Verdict Inputs**: `Statements/VerdictInputs.cs` -- captured inputs that drove the verdict.
+- **Verdict Outputs**: `Statements/VerdictOutputs.cs` -- outputs/actions from the verdict.
+- **Trust Verdict Repository**: `__Libraries/StellaOps.Attestor.TrustVerdict/Persistence/ITrustVerdictRepository.cs` -- repository for trust-scored verdicts with `PostgresTrustVerdictRepository.cs` (with `.Store`, `.GetById`, `.Query`, `.Delete`, `.Stats`).
+- **Trust Verdict Entity**: `TrustVerdict/Persistence/TrustVerdictEntity.cs` -- persisted trust verdict with scoring data.
+- **Trust Verdict Stats**: `TrustVerdict/Persistence/TrustVerdictStats.cs` -- aggregate statistics over the verdict ledger.
+- **Tests**: `__Tests/StellaOps.Attestor.Persistence.Tests/`
+
+## E2E Test Plan
+- [ ] Append a verdict to the ledger via `PostgresVerdictLedgerRepository` and verify it is persisted with a hash linking to the genesis entry
+- [ ] Append 5 verdicts sequentially and verify each entry's previous hash points to the prior entry, forming a valid hash chain
+- [ ] Query verdicts by subject digest and verify only matching entries are returned in chronological order
+- [ ] Verify append-only: attempt to update or delete an existing ledger entry and confirm the operation is rejected
+- [ ] Verify chain integrity: tamper with one entry's hash in the database and call chain verification; confirm the break is detected
+- [ ] Store and retrieve a `VerdictReceiptPayload` with full inputs, decision, and outputs; verify round-trip fidelity
+- [ ] Query `TrustVerdictStats` and verify aggregate counts (total verdicts, pass/fail/warn breakdown)
+- [ ] Append verdicts concurrently from multiple threads and verify all are persisted with valid hash chain ordering
+
+## Verification
+
+| Check | Result |
+|-------|--------|
+| Tier 0 - Source Verification | PASS |
+| Tier 1 - Build + Code Review | PASS |
+| Tier 2 - Behavioral Verification | PASS |
+| Verified Date | 2026-02-13 |
+| Run ID | run-001 |