# Mirror DSSE Revision Contract

## Module
AirGap

## Status
PARTIALLY_IMPLEMENTED

## Description
Defines the DSSE signing contract revision for mirror bundles, specifying envelope format, digest algorithm choices, and manifest inclusion rules for air-gapped import verification. Implementation is coordination-level (docs + scripts).

## What's Implemented
- DSSE envelope signing/verification infrastructure: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Signing/DsseEnvelope.cs`, `DsseSignature.cs`
- DSSE verification step: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/DsseSignatureVerificationStep.cs`
- Importer DSSE parsing: `src/AirGap/StellaOps.AirGap.Importer/Reconciliation/Parsers/DsseAttestationParser.cs`
- Bundle library with manifest support: `src/AirGap/__Libraries/StellaOps.AirGap.Bundle/`
- SPDX3 DSSE signing: `src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/DsseSpdx3Signer.*.cs`
- Source: SPRINT_0150_0001_0001_mirror_dsse.md

## What's Missing
- The mirror-specific DSSE revision contract (specifying envelope format, digest algorithm choices, manifest inclusion rules for mirror bundles specifically) may need formalization as a versioned contract document
- Mirror-specific DSSE tests are referenced in TASKS.md files but may not be complete

## Implementation Plan
- Formalize mirror DSSE contract as versioned specification
- Add mirror-specific DSSE validation tests
- Verify digest algorithm choices are consistent across mirror pipeline

## Related Documentation
- Source: SPRINT_0150_0001_0001_mirror_dsse.md