stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
6d049905c7673685b19a16b56b3635dd248a30a9
git.stella-ops.org/docs/security/aoc-invariants.md
StellaOps Bot 9f6e6f7fb3
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Signals CI & Image / signals-ci (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
Policy Simulation / policy-simulate (push) Has been cancelled
Details
SDK Publish & Sign / sdk-publish (push) Has been cancelled
Details
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
devportal-offline / build-offline (push) Has been cancelled
Details
up
2025-11-25 22:09:44 +02:00

30 lines
2.1 KiB
Markdown
Raw Blame History

# Aggregation-Only Contract (AOC) Invariants
Last updated: 2025-11-25 (DOCS-ATTEST-75-002)
## Core invariants (all components)
- **Tenant isolation**: Every API call requires `X-Stella-Tenant`; storage and caches are keyed by tenant.
- **Append-only inputs**: Evidence, advisories, and attestations are stored immutably; no in-place edits.
- **Determinism**: Sorting and pagination are stable; timestamps are UTC ISO-8601; hashes are lowercase hex.
- **No consensus**: Components enforce validation/verification only; no severity or policy decisions inside AOC services.
- **Offline-first**: All external data (feeds, keys, checkpoints) must be supplied via bundled inputs; no live fetches when sealed.
## Attestor-specific invariants
- **Trust roots**: Verification keys are loaded exclusively from the bundled trust store; network key discovery is disabled in sealed mode.
- **DSSE only**: Inputs must be DSSE envelopes; detached signatures are rejected with a deterministic error code.
- **Transparency optional, explicit**: If a mirrored checkpoint is provided, inclusion proof is validated; otherwise results record `transparency=skipped` without failing the request.
- **Rationale trail**: Each verification emits a rationale list (e.g., `key.match`, `transparency.included`, `transparency.skipped`) so results are replayable.
- **Immutability**: Verified statements and rationale are recorded append-only in the delivery/verification ledger; retries must not overwrite prior entries.
## Guardrails for implementers
- Never permit unsigned or partially signed payloads to proceed past parsing.
- Reject any outbound HTTP/S fetch during verification when `Attestor__Offline__Enabled=true`.
- Keep secret material out of logs; log statement digests and key ids only.
- Round numeric scores/weights only at the presentation boundary; internal math stays high-precision.
## Audit checklist
- [ ] Tenant header enforced on every endpoint.
- [ ] Trust bundle hash matches the signed manifest on disk.
- [ ] Transparency verification results are captured per request.
- [ ] Ledger entries are append-only and carry rationale + trace ids.
Reference in New Issue View Git Blame Copy Permalink