# Policy Bundles with Proof Objects

## Module
Policy

## Status
IMPLEMENTED

## Description
Policy bundles with proof objects, security atoms, claims, and subjects forming the trust lattice algebra substrate.

## Implementation Details
- **TrustLatticeEngine**: `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/TrustLatticeEngine.cs`
  - Pipeline: VEX normalization -> claim ingestion -> K4 evaluation -> disposition selection -> proof bundle generation
  - `Evaluate()` returns TrustLatticeResult with proof bundle containing all claims, evidence, and K4 lattice evaluations
  - Proof bundle includes: claims with scores, VEX sources, reachability signals, K4 lattice values per subject
  - Claims built via fluent ClaimBuilder: Assert, Present, Applies, Reachable, Mitigated, Fixed, Misattributed
- **K4Lattice**: `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/K4Lattice.cs`
  - Four-valued logic (Unknown=0, True=1, False=2, Conflict=3)
  - Algebraic operations: Join (T join F = Conflict), Meet (T meet F = Unknown), Negate, LessOrEqual
  - `FromSupport()` converts evidence support to K4 value
- **ClaimScoreMerger**: `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/ClaimScoreMerger.cs`
  - Deterministic merge with conflict penalization (0.25 penalty)
  - Ordering: adjusted score -> specificity -> original score -> source ID -> index
  - Returns MergeResult with winning claim, conflicts, RequiresReplayProof flag
- **KnowledgeSnapshotManifest**: `src/Policy/__Libraries/StellaOps.Policy/Snapshots/KnowledgeSnapshotManifest.cs`
  - Content-addressed bundle capturing all policy evaluation inputs
  - PolicyBundleRef (PolicyId, Digest, Uri) for bundle identification
  - ScoringRulesRef, TrustBundleRef for scoring and trust configuration
- **PolicyGateEvaluator**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs`
  - Uses trust lattice results in Lattice State gate
  - Uses proof bundles for evidence completeness verification
- **VerdictAttestationService**: `src/Policy/StellaOps.Policy.Engine/Attestation/VerdictAttestationService.cs` -- DSSE-signed attestations referencing proof bundles

## E2E Test Plan
- [ ] Evaluate trust lattice with 3 VEX claims; verify proof bundle contains all 3 claims with scores
- [ ] Evaluate trust lattice with conflicting claims; verify proof bundle includes conflict markers and K4 Conflict value
- [ ] Build policy bundle with PolicyBundleRef; verify Digest is content-addressed
- [ ] Verify proof bundle includes K4 lattice values for each subject (CVE + component)
- [ ] Verify ClaimScoreMerger produces deterministic merge result for identical inputs
- [ ] Verify claim with higher specificity wins over claim with higher raw score when conflict exists
- [ ] Evaluate with RequiresReplayProof=true; verify proof bundle is flagged for replay verification
- [ ] Reference proof bundle from VerdictAttestationService; verify attestation includes bundle digest
- [ ] Evaluate PolicyGateEvaluator Evidence gate; verify it checks proof bundle completeness