# Verdict Replay (Deterministic Replay)

## Module
Attestor

## Status
VERIFIED

## Description
Verdict replay service for deterministic re-execution of security decisions with input manifest resolution and verification.

## Implementation Details
- **Replay Input Artifact**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Replay/ReplayInputArtifact.cs` -- content-addressed input artifact referenced by digest for deterministic resolution during replay.
- **Replay Prompt Template**: `Replay/ReplayPromptTemplate.cs` -- template for replay prompts that captures the original decision context and input bindings.
- **Replay Result**: `Replay/ReplayResult.cs` -- result of a replay execution, including the replayed verdict and comparison with the original.
- **Replay Status**: `Replay/ReplayStatus.cs` -- enum tracking replay state (Pending, Running, Completed, Failed, Diverged).
- **Replay Verification Result**: `Replay/ReplayVerificationResult.cs` -- verification result comparing replayed output against original, detecting divergence.
- **AI Artifact Replay Manifest**: `Replay/AIArtifactReplayManifest.cs` -- manifest for replaying AI-generated artifacts with frozen model parameters and inputs.
- **IAIArtifactReplayer**: `Replay/IAIArtifactReplayer.cs` -- interface for replaying AI artifact generation with deterministic inputs.
- **Verdict Receipt Payload**: `Statements/VerdictReceiptPayload.cs` -- payload containing verdict inputs, decision, and outputs for replay.
- **Verdict Receipt Statement**: `Statements/VerdictReceiptStatement.cs` -- in-toto statement wrapping the verdict receipt for attestation.
- **Verdict Decision**: `Statements/VerdictDecision.cs` -- the decision record (PASS/FAIL/WARN) with reasoning.
- **Verdict Inputs**: `Statements/VerdictInputs.cs` -- captured inputs (scan results, policies, VEX state) that drove the verdict.
- **Verdict Outputs**: `Statements/VerdictOutputs.cs` -- outputs of the verdict (actions taken, notifications sent).
- **Verification Replay Log Builder**: `__Libraries/StellaOps.Attestor.EvidencePack/Services/VerificationReplayLogBuilder.cs` -- builds replay logs for inclusion in evidence packs.
- **Verification Replay Log**: `EvidencePack/Models/VerificationReplayLog.cs` -- structured log of replay execution steps.
- **Tests**: `__Tests/StellaOps.Attestor.ProofChain.Tests/`

## E2E Test Plan
- [ ] Create a `VerdictReceiptPayload` with inputs (SBOM digest, policy rules, VEX state) and a PASS decision; serialize and verify round-trip fidelity
- [ ] Replay the verdict using the captured `VerdictInputs` and verify the replayed decision matches the original PASS
- [ ] Modify one input (add a new critical CVE) and replay; verify `ReplayVerificationResult` detects divergence with the original
- [ ] Verify `ReplayStatus` transitions: Pending -> Running -> Completed for a successful replay
- [ ] Create an `AIArtifactReplayManifest` with frozen model parameters and verify replay produces identical outputs
- [ ] Build a `VerificationReplayLog` via `VerificationReplayLogBuilder` and verify it captures each replay step with timestamps
- [ ] Replay a verdict with missing input artifacts and verify `ReplayStatus` is Failed with a descriptive error
- [ ] Verify the `VerdictReceiptStatement` is a valid in-toto statement with the correct predicate type URI

## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |
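
The replay flow the test plan exercises (resolve inputs by digest, re-run the decision, compare with the original), as an added Python sketch; it is not the Attestor module's C# code. The helpers `digest`, `put`, `decide` and `replay`, the receipt layout, the toy policy and the sample data are assumptions made for illustration; only the status names come from the page.

```python
import hashlib
import json
from enum import Enum

class ReplayStatus(Enum):            # state names as listed on the page
    PENDING = "Pending"
    RUNNING = "Running"
    COMPLETED = "Completed"
    FAILED = "Failed"
    DIVERGED = "Diverged"

def digest(blob: bytes) -> str:
    return "sha256:" + hashlib.sha256(blob).hexdigest()

def put(store: dict, obj) -> str:
    """Store canonical JSON under its own digest (content addressing)."""
    blob = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    store[digest(blob)] = blob
    return digest(blob)

def decide(inputs: dict) -> str:
    """Hypothetical policy: FAIL on any critical finding that VEX does not clear."""
    for f in inputs["scan"]["findings"]:
        if f["severity"] == "critical" and inputs["vex"].get(f["id"]) != "not_affected":
            return "FAIL"
    return "PASS"

def replay(receipt: dict, store: dict):
    """Resolve inputs by digest, re-run the decision, compare with the original."""
    resolved = {}
    for name, want in receipt["inputs"].items():
        blob = store.get(want)
        if blob is None:
            return ReplayStatus.FAILED, f"missing input artifact '{name}' ({want})"
        if digest(blob) != want:      # store returned bytes that do not match the address
            return ReplayStatus.FAILED, f"digest mismatch for '{name}'"
        resolved[name] = json.loads(blob)
    replayed = decide(resolved)
    if replayed != receipt["decision"]:
        return ReplayStatus.DIVERGED, f"original {receipt['decision']}, replayed {replayed}"
    return ReplayStatus.COMPLETED, replayed

# Constructed sample data (placeholder identifiers, not real CVEs)
store = {}
scan = {"findings": [{"id": "CVE-EXAMPLE-0001", "severity": "critical"}]}
vex = {"CVE-EXAMPLE-0001": "not_affected"}
receipt = {"decision": "PASS", "inputs": {"scan": put(store, scan), "vex": put(store, vex)}}
print(replay(receipt, store))
```

Because inputs are addressed by digest, a changed input cannot silently stand in for the original: it either fails resolution or, when replayed under its new digest, surfaces as a divergence from the recorded decision.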