# SPRINT_4300 MOAT HARDENING: Verdict Attestation & Epistemic Mode ## Topic & Scope - Coordinate Moat 5/4 initiatives for verdict attestations and epistemic/air-gap workflows. - Track delivery across the five moat-focused sprints in this series. - Provide a single reference for decisions, dependencies, and risks. - **Working directory:** `docs/implplan`. ## Dependencies & Concurrency - Depends on ProofSpine + VerdictReceiptStatement readiness. - All child sprints can run in parallel; coordination required for shared CLI and attestor contracts. ## Documentation Prerequisites - `docs/README.md` - `docs/07_HIGH_LEVEL_ARCHITECTURE.md` - `docs/modules/platform/architecture-overview.md` - 19-Dec-2025 advisory referenced in the Program Overview. ## Program Overview | Field | Value | |-------|-------| | **Program ID** | 4300 (Moat Series) | | **Theme** | Moat Hardening: Signed Verdicts & Epistemic Operations | | **Priority** | P0-P1 (Critical to High) | | **Total Effort** | ~9 weeks | | **Advisory Source** | 19-Dec-2025 - Stella Ops candidate features mapped to moat strength | --- ## Strategic Context This sprint program addresses the highest-moat features identified in the competitive analysis advisory. The goal is to harden StellaOps' structural advantages in: 1. **Signed, replayable risk verdicts (Moat 5)** — The anchor differentiator 2. **Unknowns as first-class state (Moat 4)** — Governance primitive 3. **Air-gapped epistemic mode (Moat 4)** — Reproducibility moat --- ## Sprint Breakdown ### P0 Sprints (Critical) | Sprint ID | Title | Effort | Moat | |-----------|-------|--------|------| | 4300_0001_0001 | OCI Verdict Attestation Referrer Push | 2 weeks | 5 | | 4300_0001_0002 | One-Command Audit Replay CLI | 2 weeks | 5 | **Outcome**: Verdicts become portable "ship tokens" that can be pushed to registries and replayed offline. ### P1 Sprints (High) | Sprint ID | Title | Effort | Moat | |-----------|-------|--------|------| | 4300_0002_0001 | Unknowns Budget Policy Integration | 2 weeks | 4 | | 4300_0002_0002 | Unknowns Attestation Predicates | 1 week | 4 | | 4300_0003_0001 | Sealed Knowledge Snapshot Export/Import | 2 weeks | 4 | **Outcome**: Uncertainty becomes actionable through policy gates and attestable for audits. Air-gap customers get sealed knowledge bundles. --- ## Related Sprint Programs | Program | Theme | Moat Focus | |---------|-------|------------| | **4400** | Delta Verdicts & Reachability Attestations | Smart-Diff, Reachability | | **4500** | VEX Hub & Trust Scoring | VEX Distribution Network | | **4600** | SBOM Lineage & BYOS | SBOM Ledger | --- ## Dependency Graph ``` SPRINT_4300_0001_0001 (OCI Verdict Push) │ ├──► SPRINT_4300_0001_0002 (Audit Replay CLI) │ └──► SPRINT_4400_0001_0001 (Signed Delta Verdict) SPRINT_4300_0002_0001 (Unknowns Budget) │ └──► SPRINT_4300_0002_0002 (Unknowns Attestation) SPRINT_4300_0003_0001 (Sealed Snapshot) │ └──► [Standalone, enables air-gap scenarios] ``` --- ## Success Metrics | Metric | Target | Measurement | |--------|--------|-------------| | Verdict push success rate | >99% | OTEL metrics | | Audit replay pass rate | 100% on same inputs | CI tests | | Unknown budget violations detected | >0 in test suite | Integration tests | | Air-gap import success rate | >99% | Manual testing | --- ## Risks & Dependencies | Risk | Impact | Mitigation | |------|--------|------------| | OCI registry incompatibility | Cannot push verdicts | Fallback to tag-based | | Bundle size too large | Transfer issues | Streaming, compression | | Key management complexity | Security | Document rotation procedures | --- ## Timeline Recommendation **Phase 1 (Weeks 1-4)**: P0 Sprints - OCI Verdict Push + Audit Replay **Phase 2 (Weeks 5-7)**: P1 Sprints - Unknowns Budget + Attestations **Phase 3 (Weeks 8-9)**: P1 Sprints - Sealed Knowledge Snapshots --- ## Documentation Deliverables - [ ] `docs/operations/verdict-attestation-guide.md` - [ ] `docs/operations/audit-replay-guide.md` - [ ] `docs/operations/unknown-budgets-guide.md` - [ ] `docs/operations/airgap-knowledge-sync.md` - [ ] Update attestation type catalog - [ ] Update CLI reference --- ## Delivery Tracker | # | Task ID | Status | Key dependency / next step | Owners | Task Definition | | --- | --- | --- | --- | --- | --- | | 1 | MOAT-4300-0001 | TODO | SPRINT_4300_0001_0001 | Planning | Track OCI verdict attestation push sprint. | | 2 | MOAT-4300-0002 | TODO | SPRINT_4300_0001_0002 | Planning | Track one-command audit replay CLI sprint. | | 3 | MOAT-4300-0003 | TODO | SPRINT_4300_0002_0001 | Planning | Track unknowns budget policy sprint. | | 4 | MOAT-4300-0004 | TODO | SPRINT_4300_0002_0002 | Planning | Track unknowns attestation predicates sprint. | | 5 | MOAT-4300-0005 | TODO | SPRINT_4300_0003_0001 | Planning | Track sealed knowledge snapshot sprint. | ## Wave Coordination - Phase 1: Verdict push + audit replay. - Phase 2: Unknowns budget + attestations. - Phase 3: Sealed knowledge snapshots. ## Wave Detail Snapshots - See "Timeline Recommendation" for phase detail. ## Interlocks - CLI verification depends on verdict referrer availability. - Air-gap snapshot import depends on Concelier/Excititor policy data compatibility. ## Upcoming Checkpoints | Date (UTC) | Checkpoint | Owner | | --- | --- | --- | | 2025-12-22 | Moat summary normalized to sprint template. | Agent | ## Action Tracker | Date (UTC) | Action | Owner | Status | | --- | --- | --- | --- | | 2025-12-22 | Normalize summary file to standard template. | Agent | DONE | ## Execution Log | Date (UTC) | Update | Owner | | --- | --- | --- | | 2025-12-22 | Moat summary created from 19-Dec-2025 advisory. | Agent | | 2025-12-22 | Normalized summary file to standard template; no semantic changes. | Agent | ## Decisions & Risks | Item | Type | Owner | Notes | | --- | --- | --- | --- | | Moat focus | Decision | Planning | Emphasize signed verdicts and epistemic workflows. | | Risk | Impact | Mitigation | | --- | --- | --- | | Registry referrers compatibility | Verdict push unavailable | Tag-based fallback and documentation. | **Sprint Series Status:** TODO **Created:** 2025-12-22 **Origin:** Gap analysis of 19-Dec-2025 moat strength advisory