# Evidence Locker with Deterministic Bundles

## Module
EvidenceLocker

## Status
IMPLEMENTED

## Description
Full Evidence Locker module with snapshot services, timeline publishing, and infrastructure for deterministic evidence bundle management.

## Implementation Details
- **Modules**: `src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/`, `src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Core/`
- **Key Classes**:
  - `EvidenceSnapshotService` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Services/EvidenceSnapshotService.cs`) - creates point-in-time snapshots of evidence state
  - `EvidenceBundleBuilder` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Builders/EvidenceBundleBuilder.cs`) - builds deterministic evidence bundles
  - `EvidenceBundleRepository` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Repositories/EvidenceBundleRepository.cs`) - persists and retrieves evidence bundles
  - `TimelineIndexerEvidenceTimelinePublisher` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Timeline/TimelineIndexerEvidenceTimelinePublisher.cs`) - publishes evidence events to timeline for audit trail
  - `NullEvidenceTimelinePublisher` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Timeline/NullEvidenceTimelinePublisher.cs`) - no-op timeline publisher for testing
  - `EvidenceSnapshotModels` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Core/Domain/EvidenceSnapshotModels.cs`) - snapshot data models
  - `EvidenceLockerOptions` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Core/Configuration/EvidenceLockerOptions.cs`) - configuration options for evidence locker
  - `EvidenceLockerMigrationRunner` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Db/EvidenceLockerMigrationRunner.cs`) - database migration runner
- **Interfaces**: `IEvidenceBundleBuilder`, `IEvidenceBundleRepository`, `IEvidenceTimelinePublisher`
- **Source**: Feature matrix scan

## E2E Test Plan
- [ ] Create an evidence bundle via `EvidenceBundleBuilder` and verify `EvidenceBundleRepository` persists it with deterministic content-addressed ID
- [ ] Create a snapshot via `EvidenceSnapshotService` and verify it captures the current evidence state accurately
- [ ] Verify `TimelineIndexerEvidenceTimelinePublisher` publishes evidence events to the timeline index
- [ ] Verify deterministic output: building the same evidence inputs twice produces identical bundle content and ID
- [ ] Verify `EvidenceLockerOptions` correctly configures storage backend, retention, and signing options
- [ ] Verify `EvidenceLockerMigrationRunner` applies database migrations on startup