git.stella-ops.org/docs/features/unchecked/attestor/checkpoint-signature-verification.md

# Checkpoint Signature Verification

**Module:** Attestor

**Status:** IMPLEMENTED

## Description

Verification of Rekor transparency-log checkpoints: signature checks against pinned log public keys, detection of divergent checkpoints (split views of the same log) across multiple Rekor backends, and alert publishing when divergence is found.

## Implementation Details

- Checkpoint Signature Verifier: src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Core/Verification/CheckpointSignatureVerifier.cs -- verifies the cryptographic signature on a Rekor checkpoint against a known (pinned) log public key. A checkpoint whose signature does not verify is rejected before it takes part in any further comparison.
- Checkpoint Divergence Detector: StellaOps.Attestor.Core/Rekor/CheckpointDivergenceDetector.cs -- implements ICheckpointDivergenceDetector. Detects split-view (also called split-world) attacks by comparing checkpoints fetched from multiple Rekor instances: two checkpoints for the same log and tree size that carry different root hashes mean the log is presenting inconsistent views to different clients.
- Alert Publisher: Rekor/CheckpointDivergenceAlertPublisher.cs -- publishes an alert whenever the detector reports divergence.
- Rekor Checkpoint Store: IRekorCheckpointStore.cs -- interface for storing and retrieving checkpoints. StellaOps.Attestor.Storage/Rekor/PostgresRekorCheckpointStore.cs -- PostgreSQL implementation.
- Rekor Backend: Rekor/RekorBackend.cs -- backend configuration. IRekorBackendResolver.cs -- resolves backend instances. Infrastructure/Rekor/RekorBackendResolver.cs, ServiceMapAwareRekorBackendResolver.cs -- implementations.
- Rekor Sync: Rekor/RekorSyncBackgroundService.cs -- background service that periodically fetches checkpoints from the configured backends and stores them.
- Time Skew Validation: Verification/TimeSkewValidator.cs, InstrumentedTimeSkewValidator.cs -- rejects checkpoints whose timestamps differ from each other by more than the configured tolerance.
- Tests: StellaOps.Attestor.Core.Tests/Verification/CheckpointSignatureVerifierTests.cs, StellaOps.Attestor.Core.Tests/Rekor/CheckpointDivergenceDetectorTests.cs, CheckpointDivergenceByzantineTests.cs, __Tests/StellaOps.Attestor.Conformance.Tests/CheckpointParityTests.cs
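The parse-and-verify step behind the first item above, as an added example written in Go rather than the project's C# (this is not StellaOps code): it takes a Rekor checkpoint in signed-note form (origin, tree size, base64 root hash, a blank line, then one or more trailer lines consisting of the em dash character U+2014, the signer name and base64(key hint || signature)), recomputes the key hint for each pinned key and verifies the ECDSA-P256/SHA-256 signature over the body. The key-hint derivation (first four bytes of SHA-256 over the DER-encoded public key), the signer name rekor.example.test, the origin string and the throwaway key are assumptions of the example; the public Rekor instance does sign with ECDSA P-256, but confirm the hint convention against the Rekor version you deploy.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// Checkpoint holds the three mandatory body lines of a Rekor checkpoint ("signed note"); any extra
// body lines are still signed, because the whole body, trailing newline included, is what gets hashed.
type Checkpoint struct {
	Origin   string // log identity, e.g. "rekor.sigstore.dev - 2605736670972794746"
	TreeSize uint64 // leaves covered by RootHash
	RootHash []byte // 32-byte SHA-256 Merkle root
}

// KnownKey pins a trusted log key: the signer name written in the trailer plus its P-256 public key.
type KnownKey struct {
	Name string
	Pub  *ecdsa.PublicKey
}

// keyHint follows Rekor's convention (an assumption of this example): the first 4 bytes of SHA-256
// over the PKIX/DER public key, prepended big-endian to the signature bytes in the trailer line.
func keyHint(pub *ecdsa.PublicKey) uint32 {
	der, _ := x509.MarshalPKIXPublicKey(pub) // cannot fail for a valid P-256 key
	sum := sha256.Sum256(der)
	return binary.BigEndian.Uint32(sum[:4])
}

// VerifyCheckpoint parses a signed note and accepts it only if a trailer line "<U+2014> <name> <base64(hint||sig)>"
// carries a valid ECDSA-P256/SHA-256 signature over the body from a pinned key whose name and hint both match.
func VerifyCheckpoint(text string, keys []KnownKey) (cp Checkpoint, err error) {
	body, trailer, ok := strings.Cut(text, "\n\n")
	lines := strings.Split(body, "\n")
	if !ok || len(lines) < 3 {
		return cp, errors.New("need origin, tree size, root hash and a blank line before the signatures")
	}
	body += "\n" // the signed text ends with the newline that terminated the last body line
	cp.Origin = lines[0]
	if cp.TreeSize, err = strconv.ParseUint(lines[1], 10, 64); err != nil {
		return cp, fmt.Errorf("tree size: %w", err)
	}
	if cp.RootHash, err = base64.StdEncoding.DecodeString(lines[2]); err != nil || len(cp.RootHash) != sha256.Size {
		return cp, errors.New("root hash must be base64 of 32 bytes")
	}
	digest := sha256.Sum256([]byte(body))
	for _, line := range strings.Split(strings.TrimSpace(trailer), "\n") {
		f := strings.SplitN(line, " ", 3)
		raw, decErr := base64.StdEncoding.DecodeString(f[len(f)-1])
		if len(f) != 3 || f[0] != "\u2014" || decErr != nil || len(raw) < 5 {
			return cp, fmt.Errorf("malformed signature line %q", line)
		}
		for _, k := range keys { // signatures by unknown signers are skipped, never trusted
			if k.Name == f[1] && keyHint(k.Pub) == binary.BigEndian.Uint32(raw[:4]) && ecdsa.VerifyASN1(k.Pub, digest[:], raw[4:]) {
				return cp, nil
			}
		}
	}
	return cp, errors.New("no valid signature from a known key")
}

// signCheckpoint is a test-only signer so the example runs offline; in production only the log signs.
func signCheckpoint(cp Checkpoint, name string, priv *ecdsa.PrivateKey) (string, error) {
	body := fmt.Sprintf("%s\n%d\n%s\n", cp.Origin, cp.TreeSize, base64.StdEncoding.EncodeToString(cp.RootHash))
	digest := sha256.Sum256([]byte(body))
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		return "", err
	}
	raw := make([]byte, 4, 4+len(sig))
	binary.BigEndian.PutUint32(raw, keyHint(&priv.PublicKey))
	return body + "\n\u2014 " + name + " " + base64.StdEncoding.EncodeToString(append(raw, sig...)) + "\n", nil
}

// RunExample signs a constructed checkpoint with a throwaway key, verifies it, then edits the tree
// size inside the note and verifies again. Returns (genuine accepted, tampered rejected, setup error).
func RunExample() (bool, bool, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, false, err
	}
	root := sha256.Sum256([]byte("constructed leaf data"))
	note, err := signCheckpoint(Checkpoint{Origin: "rekor.example.test - 1234567890", TreeSize: 4711, RootHash: root[:]}, "rekor.example.test", priv)
	if err != nil {
		return false, false, err
	}
	keys := []KnownKey{{Name: "rekor.example.test", Pub: &priv.PublicKey}}
	_, genuineErr := VerifyCheckpoint(note, keys)
	tampered := strings.Replace(note, "\n4711\n", "\n4712\n", 1) // claim one more leaf than was signed
	_, tamperedErr := VerifyCheckpoint(tampered, keys)
	return genuineErr == nil, tamperedErr != nil, nil
}
```

RunExample covers the first two items of the test plan below: a genuine note is accepted and a note whose body was altered after signing is refused. A trailer line from a signer that is not pinned is ignored rather than trusted, so a checkpoint that carries only unknown signatures fails closed; the caller still has to compare cp.Origin against the log it expected to talk to.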

## E2E Test Plan

- Verify a checkpoint signature against a known Rekor public key via CheckpointSignatureVerifier and confirm success
- Verify a checkpoint with an invalid signature and confirm the verifier rejects it
- Feed two consistent checkpoints (same tree size and same root hash) to CheckpointDivergenceDetector and verify no divergence is detected
- Feed two divergent checkpoints (different root hashes for the same tree size) and verify divergence is detected and an alert is published via CheckpointDivergenceAlertPublisher
- Store checkpoints via PostgresRekorCheckpointStore and retrieve them, verifying that the retrieved origin, tree size, root hash and signature match what was stored
- Verify TimeSkewValidator rejects checkpoint pairs whose timestamps differ by more than the configured tolerance
- Run RekorSyncBackgroundService and verify it periodically fetches and stores new checkpoints
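The divergence and time-skew checks exercised by the third, fourth and sixth items above, as an added Go example (not the project's C# ICheckpointDivergenceDetector or TimeSkewValidator): Detect takes the signature-verified checkpoints fetched from each configured backend plus the last stored checkpoint per backend and returns alerts for a split view (same origin and tree size, different root), for excessive spread between checkpoint timestamps and, going one step beyond what the page lists, for a rollback (a backend serving a smaller tree than it served before). The backend names, origin string, 0xaa/0xbb/0xcc root hashes and timestamps in SampleScenario are constructed, and the Timestamp field assumes an issue time is carried with, or recorded for, each checkpoint.

```go
package main

import (
	"bytes"
	"fmt"
	"sort"
	"time"
)

// Observed is a checkpoint served by one configured Rekor backend whose signature has already been
// verified; only verified checkpoints should ever reach the divergence detector.
type Observed struct {
	Backend   string    // which configured backend served it
	Origin    string    // log identity from the checkpoint body
	TreeSize  uint64    // leaves covered by RootHash
	RootHash  []byte    // 32-byte Merkle root
	Timestamp time.Time // issue time carried with the checkpoint (assumed available here)
}

// Alert is what the detector hands to the alert publisher.
type Alert struct {
	Kind   string // "rollback", "split-view" or "time-skew"
	Origin string
	Detail string
}

// Detect cross-checks fresh observations against each other and against the last stored checkpoint per
// backend: same origin and tree size must mean the same root, a backend must never shrink its tree, and
// fresh timestamps for one origin must lie within maxSkew. Different sizes are not compared; that needs
// a Merkle consistency proof from the log, which is a separate check.
func Detect(observed []Observed, stored map[string]Observed, maxSkew time.Duration) []Alert {
	var alerts []Alert
	all := append([]Observed(nil), observed...)
	for _, o := range observed {
		if prev, ok := stored[o.Backend]; ok && prev.Origin == o.Origin && o.TreeSize < prev.TreeSize {
			alerts = append(alerts, Alert{"rollback", o.Origin, fmt.Sprintf(
				"%s served tree size %d after previously serving %d", o.Backend, o.TreeSize, prev.TreeSize)})
		}
	}
	for _, s := range stored {
		all = append(all, s) // stored checkpoints join the same-size comparison
	}
	sort.Slice(all, func(i, j int) bool { return all[i].Backend < all[j].Backend }) // deterministic pairs
	for i := range all {
		for _, b := range all[i+1:] {
			a := all[i]
			if a.Origin == b.Origin && a.TreeSize == b.TreeSize && !bytes.Equal(a.RootHash, b.RootHash) {
				alerts = append(alerts, Alert{"split-view", a.Origin, fmt.Sprintf(
					"size %d: %s root %x vs %s root %x", a.TreeSize, a.Backend, a.RootHash, b.Backend, b.RootHash)})
			}
		}
	}
	first, last := map[string]time.Time{}, map[string]time.Time{}
	for _, o := range observed {
		if t, ok := first[o.Origin]; !ok || o.Timestamp.Before(t) {
			first[o.Origin] = o.Timestamp
		}
		if t, ok := last[o.Origin]; !ok || o.Timestamp.After(t) {
			last[o.Origin] = o.Timestamp
		}
	}
	for origin, t := range first {
		if spread := last[origin].Sub(t); spread > maxSkew {
			alerts = append(alerts, Alert{"time-skew", origin, fmt.Sprintf("timestamps spread by %s, limit %s", spread, maxSkew)})
		}
	}
	sort.Slice(alerts, func(i, j int) bool { return alerts[i].Kind+alerts[i].Detail < alerts[j].Kind+alerts[j].Detail })
	return alerts
}

// SampleScenario is constructed input: three backends for one origin, two agreeing at size 100, a third
// presenting a different root for the same size with a timestamp ten minutes off, and a stored checkpoint
// showing that the primary previously served a larger tree.
func SampleScenario() ([]Observed, map[string]Observed) {
	origin := "rekor.example.test - 1234567890"
	rootA, rootB := bytes.Repeat([]byte{0xaa}, 32), bytes.Repeat([]byte{0xbb}, 32)
	t0 := time.Date(2025, 1, 2, 3, 4, 5, 0, time.UTC)
	observed := []Observed{
		{"rekor-primary", origin, 100, rootA, t0},
		{"rekor-mirror", origin, 100, rootA, t0.Add(30 * time.Second)},
		{"rekor-witness", origin, 100, rootB, t0.Add(10 * time.Minute)},
	}
	stored := map[string]Observed{
		"rekor-primary": {"rekor-primary", origin, 120, bytes.Repeat([]byte{0xcc}, 32), t0.Add(-time.Hour)},
	}
	return observed, stored
}

func main() {
	observed, stored := SampleScenario()
	for _, a := range Detect(observed, stored, 5*time.Minute) {
		fmt.Printf("%-10s %s: %s\n", a.Kind, a.Origin, a.Detail)
	}
}
```

With a 5-minute tolerance the sample yields one rollback, two split-view alerts (each agreeing backend against the witness) and one time-skew alert; feeding only the two agreeing checkpoints and no stored state yields none. Stored checkpoints take part in the same-size comparison on purpose: a single-backend deployment can only notice a split view by comparing today's checkpoint with the one it recorded earlier.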