git.stella-ops.org/docs/features/checked/libraries/replayable-evidence-packs.md
2026-02-14 09:11:48 +02:00

# Replayable evidence packs (time-stamped queryable bundles for audits)
## Module
__Libraries
## Status
VERIFIED
## Description
A replay executor with drift tracking, together with verdict attestation and E2E tests, provides time-travel replay of evidence bundles for audit use cases.
## Implementation Details
- **AuditPackBuilder**: `src/__Libraries/StellaOps.AuditPack/AuditPackBuilder.cs` -- multi-partial: `.Build.cs` (assemble audit pack), `.Collectors.cs` (evidence collectors), `.Digests.cs` (input digest computation), `.Export.cs` (export to archive), `.Files.cs` (file entry management)
- **AuditBundleWriter**: `src/__Libraries/StellaOps.AuditPack/AuditBundleWriter.cs` -- multi-partial: `.Write.cs`, `.Entries.cs`, `.EntryHelpers.cs`, `.Manifest.cs`, `.Merkle.cs` (Merkle tree for bundle integrity), `.Digests.cs`, `.Signing.cs` (DSSE signing), `.Models.cs`
- **AuditBundleReader**: `src/__Libraries/StellaOps.AuditPack/AuditBundleReader.cs` -- multi-partial: `.Read.cs`, `.Extract.cs`, `.ExtractionHandling.cs`, `.Hashing.cs`, `.InputDigests.cs`, `.Manifest.cs`, `.Merkle.cs`, `.Models.cs`, `.Paths.cs`, `.ReplayInputs.cs`, `.Signature.cs`, `.Verification.cs`
- **ReplayExecutor**: `src/__Libraries/StellaOps.AuditPack/ReplayExecutor.cs` -- multi-partial: `.Execute.cs`, `.ExecuteInternal.cs`, `.Drift.cs`, `.DriftTracking.cs`, `.Hashing.cs`, `.JsonDiff.cs`/`.JsonDiff.Helpers.cs`, `.Policy.cs`; tracks drift between original and replayed evidence
- **ReplayAttestationService**: `src/__Libraries/StellaOps.AuditPack/ReplayAttestationService.cs` -- multi-partial: `.Generate.cs`, `.Batch.cs`, `.DsseEnvelope.cs`, `.Hashing.cs`, `.Statement.cs` (in-toto statement), `.Verify.cs`
- **IsolatedReplayContext**: `src/__Libraries/StellaOps.AuditPack/IsolatedReplayContext.cs` -- multi-partial: `.Initialize.cs`, `.ExtractInputs.cs`, `.Digests.cs`, `.Dispose.cs`, `.Paths.cs`; provides isolated environment for deterministic replay
- **VerdictReplayPredicate**: `src/__Libraries/StellaOps.AuditPack/VerdictReplayPredicate.cs` -- multi-partial: `.Eligibility.cs`, `.Predict.cs`, `.Divergence.cs`, `.DivergenceHelpers.cs`
- **AuditPackExportService**: `src/__Libraries/StellaOps.AuditPack/AuditPackExportService.cs` -- multi-partial: `.Json.cs`, `.Zip.cs`, `.ZipHelpers.cs`, `.Dsse.cs`, `.Repository.cs`
- **Telemetry**: `src/__Libraries/StellaOps.AuditPack/ReplayTelemetry.cs` -- multi-partial: `.Activity.cs`, `.Attestation.cs`, `.Counters.cs`, `.Eligibility.cs`, `.Execution.cs`, `.Gauges.cs`, `.Histograms.cs`, `.Meter.cs`
- **Source**: Feature matrix scan
## E2E Test Plan
- [ ] Verify AuditPackBuilder assembles complete evidence pack with all collectors
- [ ] Test AuditBundleWriter produces signed bundle with Merkle tree integrity
- [ ] Verify AuditBundleReader can extract and verify bundle contents
- [ ] Test ReplayExecutor performs time-travel replay and tracks drift
- [ ] Verify ReplayAttestationService generates DSSE-signed in-toto attestations
- [ ] Test IsolatedReplayContext provides deterministic isolated replay environment
- [ ] Verify VerdictReplayPredicate correctly predicts replay eligibility and divergence
- [ ] Test AuditPackExportService exports to JSON and ZIP formats with DSSE signing
## Verification
- **Verified**: 2026-02-13T20:30:00Z
- **Run**: run-001
- **Tier**: Tier 2d (Library/Internal)
- **Verdict**: PASS