# Noise Ledger (Audit Log of Suppressions)

## Module
Attestor

## Status
VERIFIED

## Description
Suppression witnesses and audit hash logging exist in the backend. CLI audit commands exist. A dedicated "Noise Ledger" UX component is not present, though the underlying audit/suppression infrastructure is in place.

## What's Implemented
- **Audit Hash Logger**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Audit/AuditHashLogger.cs` (with `.Validation`) -- tamper-evident audit logging for all actions including suppressions.
- **Hash Audit Record**: `Audit/HashAuditRecord.cs` -- individual audit record with hash chain.
- **Audit Artifact Types**: `Audit/AuditArtifactTypes.cs` -- enumeration of auditable artifact types.
- **VEX Override System**: `__Libraries/StellaOps.Attestor.StandardPredicates/VexOverride/` -- structured VEX overrides (suppressions) with evidence and justification.
- **Change Trace Attestation Service**: `ProofChain/ChangeTrace/ChangeTraceAttestationService.cs` -- tracks changes including suppressions.
- **VEX Delta Tracking**: `Predicates/VexDeltaPredicate.cs`, `VexDeltaChange.cs` -- tracks VEX status transitions.

## What's Missing
- **Dedicated Noise Ledger service**: No standalone service aggregating all suppression/noise decisions into a queryable ledger.
- **Noise Ledger UI component**: No frontend page showing a filterable, sortable list of all suppressions with justifications and evidence.
- **Suppression statistics**: No aggregated statistics (suppressions per severity, per component, per time period).
- **Suppression review workflow**: No periodic review workflow that surfaces suppressions due for re-evaluation.
- **Suppression export**: No dedicated export format for suppression audit trail (e.g., for compliance reporting).
- **Noise pattern detection**: No automated detection of noise patterns (e.g., same CVE suppressed across all environments).

## Implementation Plan
- Create `NoiseLedgerService` aggregating suppressions from VEX overrides, audit logs, and change traces
- Add REST endpoints for querying the noise ledger with filtering/pagination
- Build Angular UI component showing suppression list with details, justification, and evidence links
- Implement suppression statistics and trend analysis
- Add periodic review workflow surfacing stale suppressions
- Add export functionality for compliance auditors
- Add tests for ledger aggregation, statistics, and review scheduling

## Related Documentation
- Source: See feature catalog

## Verification

| Check | Result |
|-------|--------|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |