# Verdict Rekor Publisher (Transparency Log Publishing)

## Module
Attestor

## Status
VERIFIED

## Description
Publishes verdict attestations to the Rekor transparency log, linking verdict decisions to a tamper-evident public record.

## Implementation Details
- **Verdict Rekor Publisher**: `src/Attestor/__Libraries/StellaOps.Attestor.Infrastructure/Rekor/VerdictRekorPublisher.cs` -- publishes signed verdict attestations to Rekor, returning log entry IDs and inclusion proofs.
- **IRekorClient**: `StellaOps.Attestor.Core/Rekor/IRekorClient.cs` -- client interface for submitting entries to Rekor.
- **HttpRekorClient**: `StellaOps.Attestor.Infrastructure/Rekor/HttpRekorClient.cs` -- HTTP implementation of the Rekor client.
- **ResilientRekorClient**: `Infrastructure/Rekor/ResilientRekorClient.cs` -- resilient wrapper with retry and circuit breaker policies.
- **IRekorSubmissionQueue**: `Core/Queue/IRekorSubmissionQueue.cs` -- queue interface for asynchronous Rekor submissions.
- **PostgresRekorSubmissionQueue**: `Infrastructure/Queue/PostgresRekorSubmissionQueue.cs` -- PostgreSQL-backed submission queue with at-least-once delivery.
- **Rekor Queue Item**: `Core/Queue/RekorQueueItem.cs` -- individual queue item containing the verdict attestation to publish.
- **Rekor Submission Status**: `Core/Queue/RekorSubmissionStatus.cs` -- status tracking (Pending, Submitted, Confirmed, Failed).
- **Rekor Submission Response**: `Core/Rekor/RekorSubmissionResponse.cs` -- response from Rekor containing log index and inclusion proof.
- **Rekor Receipt**: `Core/Rekor/RekorReceipt.cs` -- receipt from Rekor for anchored entries.
- **Rekor Retry Worker**: `Infrastructure/Workers/RekorRetryWorker.cs` -- background worker retrying failed submissions.
- **Rekor Circuit Breaker Policy**: `Infrastructure/Resilience/RekorCircuitBreakerPolicy.cs` -- circuit breaker preventing cascade failures during Rekor outages.
- **Rekor Entry Entity**: `__Libraries/StellaOps.Attestor.Persistence/Entities/RekorEntryEntity.cs` -- persisted Rekor entry with log index, entry hash, and inclusion proof.
- **Tests**: `__Tests/StellaOps.Attestor.Infrastructure.Tests/HttpRekorClientTests.cs`, `StellaOps.Attestor.Tests/RekorSubmissionQueueTests.cs`, `RekorRetryWorkerTests.cs`

## E2E Test Plan
- [ ] Publish a signed verdict attestation via `VerdictRekorPublisher` and verify a `RekorSubmissionResponse` with log index is returned
- [ ] Verify the Rekor receipt contains a valid inclusion proof by checking it against the Rekor tree root
- [ ] Queue a verdict for asynchronous submission via `PostgresRekorSubmissionQueue` and verify status transitions: Pending -> Submitted -> Confirmed
- [ ] Simulate a Rekor outage and verify the `RekorCircuitBreakerPolicy` opens after threshold failures
- [ ] Verify `RekorRetryWorker` picks up failed submissions and retries them after the circuit breaker resets
- [ ] Publish 10 verdicts concurrently and verify all receive unique log indices
- [ ] Verify the published entry is persisted as `RekorEntryEntity` with correct log index and entry hash
- [ ] Publish a verdict, retrieve it by log index via `HttpRekorClient`, and verify the attestation content matches

## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |