save checkpoint
@@ -0,0 +1,32 @@
|
||||
# Deterministic VEX Resolver with Lattice Merge
|
||||
|
||||
## Module
|
||||
VexLens
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Full VEX consensus engine with lattice merge semantics, trust weight computation, and conflict resolution. Supports deterministic, commutative, idempotent, and associative merge operations.
|
||||
|
||||
## Implementation Details
|
||||
- **Consensus engine**: `src/VexLens/StellaOps.VexLens/Consensus/VexConsensusEngine.cs`, `IVexConsensusEngine.cs` -- lattice merge with deterministic, commutative, idempotent, and associative merge operations
|
||||
- **Core consensus engine**: `src/VexLens/StellaOps.VexLens/StellaOps.VexLens.Core/Consensus/VexConsensusEngine.cs`, `IVexConsensusEngine.cs` -- core consensus logic
|
||||
- **Normalizers**: `src/VexLens/StellaOps.VexLens/Normalization/CsafVexNormalizer.cs`, `CycloneDxVexNormalizer.cs`, `OpenVexNormalizer.cs`, `IVexNormalizer.cs` -- normalize CSAF, CycloneDX, and OpenVEX into unified VEX model
|
||||
- **Core normalizer**: `src/VexLens/StellaOps.VexLens/StellaOps.VexLens.Core/Normalization/VexLensNormalizer.cs`, `IVexLensNormalizer.cs`
|
||||
- **Product mapping**: `src/VexLens/StellaOps.VexLens/Mapping/ProductMapper.cs`, `ProductIdentityMatcher.cs`, `CpeParser.cs`, `PurlParser.cs` -- product identity resolution for merge
|
||||
- **Propagation engine**: `src/VexLens/StellaOps.VexLens/Propagation/PropagationRuleEngine.cs`, `IPropagationRuleEngine.cs` -- VEX statement propagation rules
|
||||
- **Condition evaluator**: `src/VexLens/StellaOps.VexLens/Conditions/ConditionEvaluator.cs`, `IConditionEvaluator.cs` -- conditional merge evaluation
|
||||
- **Proof builder**: `src/VexLens/StellaOps.VexLens/Proof/VexProofBuilder.cs`, `VexProof.cs`, `VexProofSerializer.cs` -- deterministic proof generation for merge decisions
|
||||
- **Normalized models**: `src/VexLens/StellaOps.VexLens/Models/NormalizedVexModels.cs` -- unified VEX document model
|
||||
- **Tests**: `src/VexLens/StellaOps.VexLens/__Tests/StellaOps.VexLens.Tests/E2E/VexLensPipelineDeterminismTests.cs`, `Proof/VexProofShuffleDeterminismTests.cs`, `Propagation/PropagationRuleEngineTests.cs`, `Regression/VexLensRegressionTests.cs`
|
||||
- **Golden corpus**: `src/VexLens/StellaOps.VexLens/__Tests/StellaOps.VexLens.Tests/GoldenCorpus/` -- deterministic corpus tests
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Verify lattice merge produces deterministic results regardless of input order
|
||||
- [ ] Test commutativity: merge(A,B) equals merge(B,A)
|
||||
- [ ] Test idempotency: merge(A,A) equals A
|
||||
- [ ] Test associativity: merge(merge(A,B),C) equals merge(A,merge(B,C))
|
||||
- [ ] Verify conflict resolution produces consistent outcomes
|
||||
- [ ] Run golden corpus determinism tests
|
||||
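Review bot: The Description and the "Consensus engine" bullet call this a lattice merge but never state the lattice itself: which statuses exist, how they are ordered, and which one wins a merge. Without that, "Verify conflict resolution produces consistent outcomes" and the commutativity, idempotency and associativity items have no stated expected value to test against. The truth-table document added in this same commit gives the order (Affected=0, UnderInvestigation=1, Fixed=2, NotAffected=3) and the "most-conservative status" rule, so repeat or link it here. Separately, all six E2E Test Plan boxes are unchecked while Status reads IMPLEMENTED; note what evidence the status rests on.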
@@ -0,0 +1,27 @@
|
||||
# Trust Decay / Freshness F(e) with Configurable Tau Values
|
||||
|
||||
## Module
|
||||
VexLens
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Freshness decay with configurable tau values per source class, implementing the F(e) = exp(-delta_days/tau) formula described in the advisory.
|
||||
|
||||
## Implementation Details
|
||||
- **Trust decay service**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/TrustDecayService.cs`, `ITrustDecayService.cs` -- manages trust decay calculations
|
||||
- **Decay calculator**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/TrustDecayCalculator.cs` -- implements F(e) = exp(-delta_days/tau) formula with configurable tau per source class
|
||||
- **Trust weight engine**: `src/VexLens/StellaOps.VexLens/Trust/TrustWeightEngine.cs`, `ITrustWeightEngine.cs` -- integrates decay into trust weight computation
|
||||
- **Core trust engine**: `src/VexLens/StellaOps.VexLens/StellaOps.VexLens.Core/Trust/TrustWeightEngine.cs`, `ITrustWeightEngine.cs`
|
||||
- **VEX source trust score**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/VexSourceTrustScore.cs` -- trust score model including freshness component
|
||||
- **Trust score cache**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/InMemorySourceTrustScoreCache.cs` -- caches computed trust scores
|
||||
- **Options**: `src/VexLens/StellaOps.VexLens/Options/VexLensOptions.cs` -- configurable tau values per source class
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Verify F(e) = exp(-delta_days/tau) produces correct decay for different delta values
|
||||
- [ ] Test configurable tau per source class (vendor vs. community vs. unknown)
|
||||
- [ ] Verify decay correctly reduces trust score for stale VEX statements
|
||||
- [ ] Test fresh VEX statements maintain full trust weight
|
||||
- [ ] Verify trust score cache invalidation on new statements
|
||||
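Review bot: The formula F(e) = exp(-delta_days/tau) in the Description and the "Decay calculator" bullet is given without its input domain, and the test plan does not cover the boundary cases. As written, a statement timestamped in the future gives a negative delta_days and therefore F(e) > 1, which would raise trust above the "full trust weight" that the fourth test item expects for fresh statements; tau = 0 or a negative tau is likewise undefined or inverted. Document that delta_days is clamped to zero or that future-dated statements are rejected, state the unit and valid range of tau in the "Options" bullet, and add test items for future timestamps and invalid tau. The per-class defaults (vendor, community, unknown) named in the test plan should also be listed.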
@@ -0,0 +1,28 @@
|
||||
# Trust Weight Engine with Patch Verification
|
||||
|
||||
## Module
|
||||
VexLens
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Trust weight engine with configurable weights and patch verification integration for elevated trust in backport-confirmed VEX statements.
|
||||
|
||||
## Implementation Details
|
||||
- **Trust weight engine**: `src/VexLens/StellaOps.VexLens/Trust/TrustWeightEngine.cs`, `ITrustWeightEngine.cs` -- configurable trust weight computation
|
||||
- **Core trust engine**: `src/VexLens/StellaOps.VexLens/StellaOps.VexLens.Core/Trust/TrustWeightEngine.cs`, `ITrustWeightEngine.cs`
|
||||
- **Patch verification provider**: `src/VexLens/StellaOps.VexLens/StellaOps.VexLens.Core/Trust/PatchVerificationTrustProvider.cs` -- elevates trust for VEX statements confirmed by patch/backport verification
|
||||
- **Source trust calculator**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/SourceTrustScoreCalculator.cs`, `ISourceTrustScoreCalculator.cs` -- multi-factor source trust scoring
|
||||
- **Provenance chain validator**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/ProvenanceChainValidator.cs`, `IProvenanceChainValidator.cs` -- validates provenance chain for trust elevation
|
||||
- **Signature verifier**: `src/VexLens/StellaOps.VexLens/Verification/SignatureVerifier.cs`, `ISignatureVerifier.cs` -- signature strength factor
|
||||
- **Issuer directory**: `src/VexLens/StellaOps.VexLens/Verification/InMemoryIssuerDirectory.cs`, `IIssuerDirectory.cs` -- trusted issuer registry
|
||||
- **Trust score model**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/VexSourceTrustScore.cs`
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Verify trust weight increases when patch verification confirms VEX statement
|
||||
- [ ] Test trust weight computation with different source reputation levels
|
||||
- [ ] Verify signature strength contributes to trust weight
|
||||
- [ ] Test provenance chain validation elevates trust appropriately
|
||||
- [ ] Verify configurable weight parameters adjust scoring
|
||||
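Review bot: The E2E Test Plan only exercises the paths where trust goes up ("trust weight increases when patch verification confirms", "provenance chain validation elevates trust appropriately") and has no item for the failing side. Add cases for a VEX statement whose patch verification fails or contradicts the claim, for an invalid or missing signature, and for an issuer absent from the issuer directory, and state in the Description whether those lower the weight or only withhold the elevation. It would also help to say whether the elevated weight is capped, since "configurable weights" plus an elevation factor otherwise has no documented upper bound. The "Issuer directory" bullet lists only `InMemoryIssuerDirectory.cs`; note how the trusted issuer registry is populated.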
36
docs/features/checked/vexlens/vex-consensus-engine.md
Normal file
@@ -0,0 +1,36 @@
|
||||
# VEX Consensus Engine
|
||||
|
||||
## Module
|
||||
VexLens
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
A multi-mode VEX consensus engine is implemented with trust-weighted scoring, conflict resolution, and persistence via dual-write consensus projection stores.
|
||||
|
||||
## Implementation Details
|
||||
- **Consensus engine**: `src/VexLens/StellaOps.VexLens/Consensus/VexConsensusEngine.cs`, `IVexConsensusEngine.cs` -- multi-mode consensus with trust-weighted scoring and conflict resolution
|
||||
- **Core consensus**: `src/VexLens/StellaOps.VexLens/StellaOps.VexLens.Core/Consensus/VexConsensusEngine.cs`, `IVexConsensusEngine.cs`
|
||||
- **Dual-write store**: `src/VexLens/StellaOps.VexLens/Storage/DualWriteConsensusProjectionStore.cs` -- writes consensus projections to both in-memory and persistent stores
|
||||
- **In-memory store**: `src/VexLens/StellaOps.VexLens/Storage/InMemoryConsensusProjectionStore.cs`
|
||||
- **Postgres store proxy**: `src/VexLens/StellaOps.VexLens/Storage/PostgresConsensusProjectionStoreProxy.cs`
|
||||
- **Postgres persistence**: `src/VexLens/StellaOps.VexLens.Persistence/Postgres/PostgresConsensusProjectionStore.cs`
|
||||
- **Persistence repository**: `src/VexLens/StellaOps.VexLens.Persistence/Repositories/ConsensusProjectionRepository.cs`, `IConsensusProjectionRepository.cs`
|
||||
- **Consensus API models**: `src/VexLens/StellaOps.VexLens/Api/ConsensusApiModels.cs` -- API request/response models
|
||||
- **Orchestration**: `src/VexLens/StellaOps.VexLens/Orchestration/ConsensusJobTypes.cs`, `IConsensusJobService.cs`, `OrchestratorLedgerEventEmitter.cs`
|
||||
- **Signal emitter**: `src/VexLens/StellaOps.VexLens/Integration/VexSignalEmitter.cs` -- emits VEX signals to downstream systems
|
||||
- **Policy integration**: `src/VexLens/StellaOps.VexLens/Integration/PolicyEngineIntegration.cs`, `IPolicyEngineIntegration.cs` -- feeds consensus into policy engine
|
||||
- **Noise gate**: `src/VexLens/StellaOps.VexLens/NoiseGate/NoiseGateService.cs`, `INoiseGate.cs`, `NoiseGateOptions.cs` -- suppresses low-signal VEX noise
|
||||
- **Metrics**: `src/VexLens/StellaOps.VexLens/Observability/VexLensMetrics.cs` -- consensus engine metrics
|
||||
- **WebService API**: `src/VexLens/StellaOps.VexLens.WebService/Program.cs`, `Extensions/VexLensEndpointExtensions.cs`, `ExportEndpointExtensions.cs`
|
||||
- **Tests**: `src/VexLens/StellaOps.VexLens/__Tests/StellaOps.VexLens.Tests/Storage/DualWriteConsensusProjectionStoreTests.cs`, `PostgresConsensusProjectionStoreProxyTests.cs`, `NoiseGate/NoiseGateServiceTests.cs`
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Verify consensus engine produces trust-weighted verdicts from multiple VEX sources
|
||||
- [ ] Test dual-write store persists to both in-memory and PostgreSQL
|
||||
- [ ] Verify conflict resolution handles contradictory VEX statements
|
||||
- [ ] Test noise gate suppresses low-confidence VEX signals
|
||||
- [ ] Verify policy engine integration receives consensus results
|
||||
- [ ] Test consensus API endpoints return valid projections
|
||||
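Review bot: The "Dual-write store" bullet and the test item "Test dual-write store persists to both in-memory and PostgreSQL" describe only the case where both writes succeed. The document should say what happens when one write succeeds and the other fails, and which store is authoritative on read, because a stale or divergent projection would feed the "Policy integration" and "Signal emitter" components listed below it. Add a test item for partial failure and for read-after-write consistency. The Description also says "multi-mode" without naming the modes; the truth-table document in this commit mentions weighted vote and highest weight, so list the modes here.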
28
docs/features/checked/vexlens/vex-merge-explanation.md
Normal file
@@ -0,0 +1,28 @@
|
||||
# VEX merge explanation
|
||||
|
||||
## Module
|
||||
VexLens
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Consensus rationale models and service expose the reasoning behind VEX merge decisions from the consensus engine.
|
||||
|
||||
## Implementation Details
|
||||
- **Rationale models**: `src/VexLens/StellaOps.VexLens/Api/ConsensusRationaleModels.cs` -- consensus rationale data models explaining merge decisions
|
||||
- **Rationale service**: `src/VexLens/StellaOps.VexLens/Api/IConsensusRationaleService.cs` -- service interface for querying merge explanations
|
||||
- **Rationale cache**: `src/VexLens/StellaOps.VexLens/Caching/IConsensusRationaleCache.cs` -- caches rationale for repeated queries
|
||||
- **Delta report**: `src/VexLens/StellaOps.VexLens/Delta/DeltaReport.cs`, `DeltaReportBuilder.cs`, `DeltaEntry.cs`, `DeltaSection.cs` -- builds reports explaining what changed between VEX merge rounds
|
||||
- **VEX delta mapper**: `src/VexLens/StellaOps.VexLens/Mapping/VexDeltaMapper.cs` -- maps delta changes to explanation models
|
||||
- **VEX delta compute**: `src/VexLens/StellaOps.VexLens/Services/VexDeltaComputeService.cs` -- computes deltas between consensus rounds
|
||||
- **Proof builder**: `src/VexLens/StellaOps.VexLens/Proof/VexProofBuilder.cs` -- includes merge reasoning in proof artifacts
|
||||
- **Tests**: `src/VexLens/__Tests/StellaOps.VexLens.Tests/Delta/DeltaReportBuilderTests.cs`, `StellaOps.VexLens/__Tests/StellaOps.VexLens.Tests/Caching/ConsensusRationaleCacheTests.cs`
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Verify rationale service explains why specific VEX status was chosen
|
||||
- [ ] Test delta report identifies changes between consensus rounds
|
||||
- [ ] Verify rationale cache returns consistent results
|
||||
- [ ] Test merge explanation includes source weights and trust scores
|
||||
- [ ] Verify proof artifacts contain merge reasoning
|
||||
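Review bot: The "Rationale service" and "Rationale cache" bullets list only interfaces (`IConsensusRationaleService.cs`, `IConsensusRationaleCache.cs`) with no implementing class, which does not support Status IMPLEMENTED on its own; add the concrete implementation files or say where they live. In the "Tests" bullet the two paths use different roots: the first starts at `src/VexLens/__Tests/` and the second at `StellaOps.VexLens/__Tests/` with no `src/VexLens/` prefix, while the other documents in this commit use `src/VexLens/StellaOps.VexLens/__Tests/`. Pick the path that exists and use it consistently. Minor: the title "VEX merge explanation" is sentence case where the sibling documents use title case.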
@@ -0,0 +1,31 @@
|
||||
# VEX Source Trust Scoring (Confidence C(e) with Multi-Factor Scoring)
|
||||
|
||||
## Module
|
||||
VexLens
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Multi-dimensional trust scoring with Authority, Accuracy, Timeliness, Coverage, and Verification component scores. Implements the Confidence C(e) factor from the advisory with source reputation, signature strength, and evidence quality dimensions.
|
||||
|
||||
## Implementation Details
|
||||
- **Source trust score calculator**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/SourceTrustScoreCalculator.cs`, `ISourceTrustScoreCalculator.cs` -- multi-dimensional scoring: Authority, Accuracy, Timeliness, Coverage, Verification
|
||||
- **Trust score model**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/VexSourceTrustScore.cs` -- composite trust score with component breakdowns
|
||||
- **Provenance chain validator**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/ProvenanceChainValidator.cs`, `IProvenanceChainValidator.cs` -- validates evidence quality dimension
|
||||
- **Trust decay service**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/TrustDecayService.cs`, `ITrustDecayService.cs` -- timeliness factor via decay
|
||||
- **Decay calculator**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/TrustDecayCalculator.cs` -- exponential decay computation
|
||||
- **Trust score cache**: `src/VexLens/StellaOps.VexLens/Trust/SourceTrust/InMemorySourceTrustScoreCache.cs` -- caches computed multi-factor scores
|
||||
- **Signature verifier**: `src/VexLens/StellaOps.VexLens/Verification/SignatureVerifier.cs`, `ISignatureVerifier.cs` -- signature strength dimension
|
||||
- **Issuer directory**: `src/VexLens/StellaOps.VexLens/Verification/InMemoryIssuerDirectory.cs`, `IIssuerDirectory.cs` -- issuer reputation for authority dimension
|
||||
- **Trust scorecard API**: `src/VexLens/StellaOps.VexLens/Api/TrustScorecardApiModels.cs` -- API models for trust scorecard display
|
||||
- **Trust weight engine**: `src/VexLens/StellaOps.VexLens/Trust/TrustWeightEngine.cs`, `ITrustWeightEngine.cs` -- combines factors into final weight
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Verify multi-factor scoring computes Authority, Accuracy, Timeliness, Coverage, Verification components
|
||||
- [ ] Test Confidence C(e) computation with different source reputations
|
||||
- [ ] Verify signature strength contributes correctly to trust score
|
||||
- [ ] Test evidence quality dimension via provenance chain validation
|
||||
- [ ] Verify trust scorecard API returns component-level breakdowns
|
||||
- [ ] Test trust score caching and invalidation
|
||||
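Review bot: The Description names five component scores (Authority, Accuracy, Timeliness, Coverage, Verification) and then three dimensions for C(e) (source reputation, signature strength, evidence quality) without saying how the two sets relate. The Implementation Details tie the issuer directory to Authority, decay to Timeliness, the signature verifier to signature strength and the provenance validator to evidence quality, but no listed component produces Accuracy or Coverage. State where those two scores come from, give the formula or weights that combine the components into C(e), and give the score range, so that the first two test plan items have a defined expected result.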
33
docs/features/checked/vexlens/vexlens-truth-table-tests.md
Normal file
@@ -0,0 +1,33 @@
|
||||
# VexLens Truth Table Tests
|
||||
|
||||
## Module
|
||||
VexLens
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Systematic truth table tests for VEX lattice merge correctness. Comprehensive VexLatticeTruthTableTests class covers all VEX status transition combinations with 75 tests.
|
||||
|
||||
## Implementation Details
|
||||
- **Truth table tests**: `src/VexLens/__Tests/StellaOps.VexLens.Tests/Consensus/VexLatticeTruthTableTests.cs` -- 75 tests covering exhaustive truth table combinations
|
||||
- **Lattice order verification**: All 4 statuses verified in correct order (Affected=0, UnderInvestigation=1, Fixed=2, NotAffected=3)
|
||||
- **Two-statement merge**: All 16 status pair combinations (4x4 matrix) with reverse order for commutativity
|
||||
- **Commutativity**: merge(A,B) == merge(B,A) proven for 4 cross-status pairs
|
||||
- **Associativity**: merge(merge(A,B),C) == merge(A,merge(B,C)) proven for 3 triple combinations
|
||||
- **Idempotency**: merge(A,A) == A proven for all 4 statuses
|
||||
- **Weighted vote truth table**: 5 cases for majority/tie resolution + weight aggregation
|
||||
- **Highest weight truth table**: 3 cases for single highest weight selection
|
||||
- **Conflict detection**: 4 cases for conflict/no-conflict detection
|
||||
- **Outcome classification**: Unanimous, ConflictResolved, Majority, NoData
|
||||
- **Edge cases**: Single statement, empty statements, all below threshold
|
||||
- **Determinism**: Same input produces same output
|
||||
- **Source**: Feature matrix scan + QA verification run-001
|
||||
|
||||
## E2E Test Plan
|
||||
- [x] Verify all 16 two-statement lattice merge combinations produce correct most-conservative status
|
||||
- [x] Test commutativity: merge(A,B) equals merge(B,A) for all cross-status pairs
|
||||
- [x] Test idempotency: merge(A,A) equals A for all 4 statuses
|
||||
- [x] Test associativity: merge(merge(A,B),C) for triple combinations
|
||||
- [x] Verify weighted vote and highest weight modes
|
||||
- [x] Verify conflict detection and outcome classification
|
||||
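Review bot: The coverage numbers in Implementation Details do not match the claims around them. "Commutativity" says it is proven for 4 cross-status pairs, but four statuses give 6 unordered cross-status pairs, and the checked test plan item says "for all cross-status pairs"; "Associativity" covers 3 triple combinations out of 64 possible ordered triples, while the first bullet calls the suite "exhaustive". Either extend the tests to all pairs and triples, which is cheap at this size, or reword to "sampled" and drop "proven", since these are test cases rather than proofs. The "Lattice order verification" bullet should also state the merge direction explicitly, i.e. that the lower number wins, to match "most-conservative status" in the test plan.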