# Rekor submission policy

Purpose
- Balance transparency log usage with budget limits and offline safety.

Submission tiers
- Tier 1: graph-level attestations per scan (default).
- Tier 2: edge bundle attestations for escalations.

Budgets
- Hourly limits for graph submissions.
- Daily limits for edge bundle submissions.
- Burst windows for Tier 1 only.

Enforcement
- Queue excess submissions with backpressure.
- Retry failed submissions with backoff.
- Store overflow locally for later submission.

Offline behavior
- Queue submissions in attestor.rekor_offline_queue.
- Bundle pending submissions in offline kits.
- Drain queue when connectivity returns.

Monitoring
- attestor_rekor_submissions_total
- attestor_rekor_submission_latency_seconds
- attestor_rekor_queue_depth
- attestor_rekor_budget_remaining

Related references
- provenance/attestation-workflow.md
- security/crypto-and-trust.md
- docs/operations/rekor-policy.md