# Function-Level Reachability for VEX Decisions

## Module
Attestor

## Status
VERIFIED

## Description
Multi-language call graph extraction (binary, Java, Python, Node, PHP, Ruby, JavaScript) is implemented with function-level evidence models (MicroWitness predicates, call path nodes, reachability witness payloads).

## Implementation Details
- **MicroWitness Predicates**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Predicates/` -- function-level evidence:
  - `BinaryMicroWitnessPredicate.cs` -- complete micro-witness with binary, CVE, and function refs
  - `MicroWitnessBinaryRef.cs` -- binary reference
  - `MicroWitnessCveRef.cs` -- CVE reference
  - `MicroWitnessFunctionEvidence.cs` -- function-level evidence with call-stack position
  - `MicroWitnessSbomRef.cs` -- SBOM component cross-reference
  - `MicroWitnessTooling.cs` -- analysis tool metadata
  - `MicroWitnessVerdicts.cs` -- function-level verdicts
- **Reachability Witness**: `Statements/ReachabilityWitnessPayload.cs` (with `.Path`) -- call paths. `ReachabilityWitnessStatement.cs` -- in-toto wrapper.
- **Call Path Nodes**: `Statements/WitnessCallPathNode.cs`, `WitnessPathNode.cs` -- path nodes with function details.
- **VEX Integration**: `Generators/VexProofIntegrator.cs` (with `.Helpers`, `.Metadata`) -- integrates reachability evidence into VEX decisions. `VexVerdictProofPayload.cs` -- combined VEX + reachability proof.
- **Tests**: `__Tests/StellaOps.Attestor.ProofChain.Tests/BinaryMicroWitnessPredicateTests.cs`

## E2E Test Plan
- [ ] Create a `BinaryMicroWitnessPredicate` with function evidence showing a vulnerable function is reachable and verify the micro-witness is well-formed
- [ ] Create function evidence with `MicroWitnessFunctionEvidence` at different call-stack depths and verify depth tracking
- [ ] Link micro-witness evidence to a VEX decision via `VexProofIntegrator` with status "not_affected" (function unreachable) and verify the proof payload
- [ ] Link micro-witness evidence to a VEX decision with status "affected" (function reachable) and verify
- [ ] Create witnesses from multiple language call graphs and verify `MicroWitnessTooling` captures per-language analysis tools
- [ ] Verify `MicroWitnessSbomRef` correctly links function evidence to SBOM component entries
- [ ] Create `MicroWitnessVerdicts` for multiple functions and verify per-function reachability verdicts

## Verification

| Check | Result |
|-------|--------|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |