- Implemented comprehensive tests for verdict artifact generation to ensure deterministic outputs across various scenarios, including identical inputs, parallel execution, and change ordering.
- Created helper methods for generating sample verdict inputs and computing canonical hashes.
- Added tests to validate the stability of canonical hashes, proof spine ordering, and summary statistics.
- Introduced a new PowerShell script to update SHA256 sums for files, ensuring accurate hash generation and file integrity checks.
23 lines
1.3 KiB
Markdown
# Findings Ledger and Replay (Vulnerability Explorer)
The Findings Ledger is the append-only backbone for auditable triage. It records current finding state, history transitions, and operator actions in a way that supports deterministic replay and offline verification.
This document provides a conceptual overview; the authoritative schema and hashing rules are in the Findings Ledger module docs.
## What the Ledger Stores
- **Finding records:** enriched, policy-derived findings (with references to advisories/VEX/SBOM/reachability and explain traces).
- **History:** append-only state transitions with actor identity, justification, and timestamps (UTC).
- **Triage actions:** discrete operator actions (comment, assignment, mitigation note, ticket link) with immutable provenance.
## Replay and Verification
- Replay reconstructs derived finding state from the append-only history and actions alone, then compares the resulting deterministic digest with the recorded one; a mismatch means the export was altered or the derivation is not deterministic.
- Offline bundles include the ledger exports plus integrity metadata so auditors can verify without trusting a live service.
## References
- Findings Ledger schema: `docs/modules/findings-ledger/schema.md`
- Merkle anchoring policy: `docs/modules/findings-ledger/merkle-anchor-policy.md`
- Vulnerability Explorer dossier: `docs/modules/vuln-explorer/architecture.md`