# GoldenSet Library Charter

## Mission
Provide foundational data models, storage, and validation for Golden Set definitions - ground-truth facts about vulnerability code-level manifestation.

## Responsibilities
- **Domain Models**: GoldenSetDefinition, VulnerableTarget, BasicBlockEdge, WitnessInput, GoldenSetMetadata
- **Validation**: Schema validation, CVE existence check, edge format validation, sink registry lookup
- **Storage**: PostgreSQL persistence with content-addressed retrieval
- **Serialization**: YAML round-trip serialization with snake_case convention
- **Sink Registry**: Lookup service for known sinks mapped to CWE categories

## Key Principles
1. **Immutability**: All models are immutable records with ImmutableArray collections
2. **Content-Addressing**: All golden sets have SHA256-based content digests for deduplication
3. **Determinism**: Serialization and hashing produce deterministic outputs
4. **Air-Gap Ready**: Validation supports offline mode without external lookups
5. **Human-Readable**: YAML as primary format for git-friendliness

## Dependencies
- `BinaryIndex.Contracts` - Shared contracts and DTOs
- `Npgsql` - PostgreSQL driver
- `YamlDotNet` - YAML serialization
- `Microsoft.Extensions.*` - DI, Options, Logging, Caching

## Required Reading
- `docs/modules/binary-index/golden-set-schema.md`
- `docs/implplan/SPRINT_20260110_012_001_BINDEX_golden_set_foundation.md`

## Test Strategy
- Unit tests in `StellaOps.BinaryIndex.GoldenSet.Tests`
- Integration tests with Testcontainers PostgreSQL
- Property-based tests for serialization round-trip