# In-toto Link Attestation Capture

## Module

Attestor

## Status

VERIFIED

## Description

The attestation pipeline supports DSSE-wrapped statements and proof chains that follow in-toto patterns. Per-step in-toto link capture through an `in-toto-run`-style wrapper, as described in the feature catalog, is not directly implemented.

## What's Implemented

- **In-Toto Link Model**: `src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Core/InToto/InTotoLink.cs` -- in-toto link data model.
- **In-Toto Link Predicate**: `InToto/InTotoLinkPredicate.cs` -- link predicate carrying materials and products.
- **Link Builder**: `InToto/LinkBuilder.cs` -- builder for constructing in-toto links.
- **Link Recorder**: `InToto/LinkRecorder.cs` -- records link data during step execution; implements the `ILinkRecorder` interface (`ILinkRecorder.cs`).
- **In-Toto Link Emitter**: `InToto/IInTotoLinkEmitter.cs` -- interface for emitting captured links.
- **In-Toto Link Signing Service**: `InToto/IInTotoLinkSigningService.cs`, implemented by `Infrastructure/InToto/InTotoLinkSigningService.cs` -- signs captured links.
- **In-Toto Layout**: `InToto/Layout/InTotoLayout.cs` -- layout defining the expected supply-chain steps.
- **Layout Verifier**: `InToto/Layout/LayoutVerifier.cs` -- verifies links against a layout; implements the `ILayoutVerifier` interface (`ILayoutVerifier.cs`).
- **Artifact Digests**: `InToto/ArtifactDigests.cs` -- input/output artifact digest tracking.
- **Material Spec**: `InToto/MaterialSpec.cs` -- material specification for links.
- **In-Toto Statement**: `__Libraries/StellaOps.Attestor.ProofChain/Statements/InTotoStatement.cs` -- generic in-toto statement.
- **Link Contracts**: `WebService/Contracts/InTotoLinkContracts.cs` -- API contracts for link operations.
- **Tests**: `Core.Tests/InToto/InTotoLinkTests.cs`, `InTotoGoldenTests.cs`, `ProofChain.Tests/Statements/InTotoStatementSnapshotTests.cs`

## What's Missing

- **`in-toto-run` wrapper**: No CLI wrapper that captures materials before and products after command execution (analogous to `in-toto-run` from the reference implementation).
- **Automatic link capture in CI**: No CI integration that records a link for each pipeline step.
- **Link storage and retrieval API**: No REST endpoint for storing captured links or querying them by step name or functionary.
- **Multi-functionary layout verification**: Layout verification exists, but k-of-n threshold verification across multiple functionaries is not confirmed to be wired end to end.
- **Link chain verification**: No end-to-end verification that every link required by a layout is present, authorized, and consistent with the neighbouring steps.

## Implementation Plan

- Implement an `in-toto-run` CLI command that wraps command execution with automatic material/product capture
- Add CI step link capture via webhook or plugin integration
- Create REST endpoints for link storage and retrieval in `ProofChainController`
- Complete multi-functionary threshold verification in `LayoutVerifier`
- Implement end-to-end link chain verification
- Add tests for the CLI wrapper, CI capture, and chain verification

## Related Documentation

- Source: See feature catalog

## Verification

| Check | Result |
|-------|--------|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |
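The `in-toto-run` wrapper listed under What's Missing, as an added example that is neither StellaOps code nor the in-toto reference implementation: it hashes the declared material paths, runs the step command, hashes the product paths and returns an unsigned classic in-toto link (`_type: "link"`). The function names, the sha256-only digest set and the sample files it builds are assumptions of this example; signing the link is left to the caller.

```python
"""in-toto-run style step wrapper (added example, not StellaOps code).

Snapshots materials, runs the command, snapshots products and returns the
unsigned link payload that a signing service would wrap in DSSE.
"""
import hashlib
import json
import subprocess
import sys
import tempfile
from pathlib import Path


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def record_artifacts(paths, base_dir):
    """Map every regular file under ``paths`` (relative to base_dir) to {"sha256": hex}.

    Missing paths yield nothing rather than an error, mirroring a product
    directory that the command never created.
    """
    base = Path(base_dir)
    out = {}
    for p in paths:
        root = base / p
        if root.is_file():
            files = [root]
        elif root.is_dir():
            files = sorted(f for f in root.rglob("*") if f.is_file())
        else:
            files = []
        for f in files:
            out[f.relative_to(base).as_posix()] = {"sha256": sha256_hex(f.read_bytes())}
    return out


def in_toto_run(step_name, command, materials, products, base_dir):
    """Capture materials, run ``command`` in base_dir, capture products, build the link."""
    mats = record_artifacts(materials, base_dir)          # state observed before the step
    proc = subprocess.run(command, cwd=base_dir, capture_output=True, text=True)
    prods = record_artifacts(products, base_dir)          # state observed after the step
    return {
        "_type": "link",
        "name": step_name,
        "command": list(command),
        "materials": mats,
        "products": prods,
        "byproducts": {"stdout": proc.stdout, "stderr": proc.stderr,
                       "return-value": proc.returncode},
        "environment": {},
    }


def demo_build_step():
    """Run a constructed 'build' step in a temp dir (sample data, not a real project)."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "src"
        src.mkdir()
        (src / "a.txt").write_bytes(b"hello\n")
        (src / "b.txt").write_bytes(b"world\n")
        (Path(tmp) / "out").mkdir()
        # the "build" concatenates the two materials into one product
        cmd = [sys.executable, "-c",
               "open('out/bundle.txt','wb').write("
               "open('src/a.txt','rb').read() + open('src/b.txt','rb').read())"]
        return in_toto_run("build", cmd, materials=["src"], products=["out"], base_dir=tmp)


if __name__ == "__main__":
    print(json.dumps(demo_build_step(), indent=2))
```

The link only records what the wrapper observed at the two snapshot points; nothing stops the wrapped command from modifying a material after it was hashed or from writing products outside the declared paths. That is why a layout's `MATCH` rules tie each step's materials to the previous step's products instead of trusting a single link on its own.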
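The link chain and k-of-n threshold verification listed under What's Missing and in the Implementation Plan, as an added example that is not the project's `LayoutVerifier`. The layout and link shapes are simplified from the in-toto layout specification; the `signer` field (standing in for the verified DSSE signer keyid), the `run_case` helper and the sample digests are this example's assumptions, and signature verification is assumed to have already happened upstream.

```python
"""Layout-driven link chain verification with k-of-n functionary thresholds.

Added example, not StellaOps code. ``signer`` stands in for the keyid that the
DSSE layer already verified; this module checks authorization, thresholds,
agreement between functionaries, and material/product continuity only.
"""
import fnmatch
import json


def verify_step_threshold(step, links):
    """Accept links for ``step`` from distinct authorized signers; enforce k-of-n.

    Returns the (materials, products) all accepted functionaries agree on.
    """
    name, allowed, k = step["name"], set(step["pubkeys"]), step.get("threshold", 1)
    accepted = {}
    for link in links:
        if link["name"] != name or link["signer"] not in allowed:
            continue  # wrong step, or signer is not a functionary for this step
        accepted.setdefault(link["signer"], link)  # one vote per key; first link wins
    if len(accepted) < k:
        raise ValueError(f"step {name}: {len(accepted)} authorized link(s), threshold {k}")
    views = {json.dumps([l["materials"], l["products"]], sort_keys=True) for l in accepted.values()}
    if len(views) != 1:
        raise ValueError(f"step {name}: functionaries disagree on materials/products")
    link = next(iter(accepted.values()))
    return link["materials"], link["products"]


def apply_rules(rules, artifacts, products_by_step):
    """Apply in-toto style artifact rules in order; each rule consumes what it matches.

    Subset: ["ALLOW", pat], ["DISALLOW", pat], ["MATCH", pat, "WITH", "PRODUCTS", "FROM", step].
    Stricter than upstream in-toto by design: a MATCH hit with no identical product
    in the source step fails immediately instead of waiting for a later DISALLOW.
    """
    queue = dict(artifacts)
    for rule in rules:
        verb, pattern = rule[0], rule[1]
        hits = [p for p in queue if fnmatch.fnmatch(p, pattern)]
        if verb == "ALLOW":
            for p in hits:
                del queue[p]
        elif verb == "DISALLOW":
            if hits:
                raise ValueError(f"disallowed artifact(s) {sorted(hits)} under rule {rule}")
        elif verb == "MATCH":
            source = products_by_step.get(rule[5])
            if source is None:
                raise ValueError(f"MATCH refers to step {rule[5]} with no verified products")
            for p in hits:
                if p not in source or source[p]["sha256"] != queue[p]["sha256"]:
                    raise ValueError(f"{p} does not match products of step {rule[5]}")
                del queue[p]
        else:
            raise ValueError(f"unknown rule verb {verb!r}")


def verify_chain(layout, links):
    """Walk layout steps in order; return {step: agreed products} or raise ValueError."""
    products_by_step = {}
    for step in layout["steps"]:
        materials, products = verify_step_threshold(step, links)
        apply_rules(step.get("expected_materials", []), materials, products_by_step)
        apply_rules(step.get("expected_products", []), products, products_by_step)
        products_by_step[step["name"]] = products
    return products_by_step


# --- constructed sample data; digests are placeholders, not real hashes ---
SRC = {"sha256": "c" * 64}
APP = {"sha256": "a" * 64}
TAR = {"sha256": "b" * 64}

LAYOUT = {"steps": [
    {"name": "build", "pubkeys": ["alice"], "threshold": 1,
     "expected_materials": [["ALLOW", "src/*"], ["DISALLOW", "*"]],
     "expected_products": [["ALLOW", "dist/app.bin"], ["DISALLOW", "*"]]},
    {"name": "package", "pubkeys": ["bob", "carol"], "threshold": 2,
     "expected_materials": [["MATCH", "dist/*", "WITH", "PRODUCTS", "FROM", "build"],
                            ["DISALLOW", "*"]],
     "expected_products": [["ALLOW", "app.tar"], ["DISALLOW", "*"]]},
]}


def make_link(name, signer, materials, products):
    return {"_type": "link", "name": name, "signer": signer,
            "materials": materials, "products": products}


GOOD_LINKS = [
    make_link("build", "alice", {"src/main.c": SRC}, {"dist/app.bin": APP}),
    make_link("package", "bob", {"dist/app.bin": APP}, {"app.tar": TAR}),
    make_link("package", "carol", {"dist/app.bin": APP}, {"app.tar": TAR}),
]


def run_case(links):
    """Return ("ok", verified products by step) or ("fail", reason)."""
    try:
        return "ok", verify_chain(LAYOUT, links)
    except ValueError as exc:
        return "fail", str(exc)


if __name__ == "__main__":
    print(run_case(GOOD_LINKS))
    print(run_case(GOOD_LINKS[:2]))  # package step below its 2-of-2 threshold
```

Rules are consumed in order, so the trailing `DISALLOW *` in every rule list is what rejects artifacts a step did not declare; without it an extra injected material or product passes silently. Counting one vote per keyid is what keeps a single compromised functionary from satisfying a 2-of-n threshold by submitting the same link twice.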