Proof of Exposure Export/Verify CLI

Module

Cli

Status

VERIFIED

Description

CLI commands for exporting and verifying Proof of Exposure artifacts for offline verification. Exports include Rekor inclusion proofs, richgraph subgraphs, and SBOM artifacts in tar.gz format. Verification validates bundle integrity independently.

Implementation Details

PoE Export: src/Cli/StellaOps.Cli/Commands/PoE/ExportCommand.cs -- PoE export command
PoE Verify: src/Cli/StellaOps.Cli/Commands/PoE/VerifyCommand.cs -- PoE verification command
Proof Commands: src/Cli/StellaOps.Cli/Commands/Proof/ProofCommandGroup.cs -- proof operations
Commands:
- stella poe export <digest> --output <path> -- export PoE bundle (tar.gz with Rekor proofs, richgraph, SBOM)
- stella poe verify <bundle> -- verify PoE bundle integrity offline

E2E Test Plan

Run stella poe export sha256:abc123 --output ./poe.tar.gz and verify bundle created
Verify bundle contains Rekor inclusion proofs
Verify bundle contains richgraph subgraph
Verify bundle contains SBOM artifacts
Run stella poe verify ./poe.tar.gz and verify bundle integrity
Verify offline verification without network
Verify tampered bundle fails verification

Verification

Verified: 2026-02-13T15:30:00Z
Tier 0 (Source): pass -- all referenced source files exist on disk
Tier 1 (Build): pass -- module builds cleanly, 412 tests pass in StellaOps.Cli.Commands.Tests
Tier 2d (Integration): pass -- targeted integration tests confirm behavioral correctness
Test Project: src/Cli/__Tests/StellaOps.Cli.Commands.Tests/StellaOps.Cli.Commands.Tests.csproj
Evidence: docs/qa/feature-checks/runs/cli/proof-of-exposure-export-verify-cli/run-001/tier2-integration-check.json

1.8 KiB Raw Blame History