46 lines
4.1 KiB
Markdown
46 lines
4.1 KiB
Markdown
# Unified IEvidence Interface with Cross-Module Adapters
|
|
|
|
## Module
|
|
__Libraries
|
|
|
|
## Status
|
|
VERIFIED
|
|
|
|
## Description
|
|
Defines a unified IEvidence interface (SubjectNodeId, EvidenceType, EvidenceId, Payload, Signatures, Provenance) with EvidenceRecord implementation (content-addressed ID via SHA-256 of canonical JSON) and cross-module adapters (EvidenceBundleAdapter, EvidenceStatementAdapter, ProofSegmentAdapter, ExceptionApplicationAdapter). Enables "get evidence for node X" queries across all modules through IEvidenceStore.
|
|
|
|
## Implementation Details
|
|
- **IEvidence**: `src/__Libraries/StellaOps.Evidence.Core/IEvidence.cs` -- interface: `SubjectNodeId` (string, content-addressed subject identifier), `EvidenceType` (EvidenceType enum), `EvidenceId` (string, content-addressed sha256:...), `Payload` (ReadOnlyMemory<byte>), `Signatures` (IReadOnlyList<EvidenceSignature>), `Provenance` (EvidenceProvenance), `ExternalPayloadCid` (optional CID for external storage), `PayloadSchemaVersion` (string)
|
|
- **EvidenceRecord**: `src/__Libraries/StellaOps.Evidence.Core/EvidenceRecord.cs` -- sealed record implementing `IEvidence`; `Create(subjectNodeId, type, payload, generatorId, generatorVersion, generatedAt)` factory method; `ComputeEvidenceId()` computes SHA-256 of canonical JSON `{SubjectNodeId, EvidenceType, PayloadBase64, GeneratorId, GeneratorVersion, GeneratedAt}` -> `sha256:...` format; `VerifyIntegrity()` recomputes and compares ID
|
|
- **EvidenceType**: `src/__Libraries/StellaOps.Evidence.Core/EvidenceType.cs` -- enum of evidence types
|
|
- **EvidenceSignature**: `src/__Libraries/StellaOps.Evidence.Core/EvidenceSignature.cs` -- signature model with `SignerType`
|
|
- **EvidenceProvenance**: `src/__Libraries/StellaOps.Evidence.Core/EvidenceProvenance.cs` -- provenance model (generator, version, timestamp)
|
|
- **IEvidenceStore**: `src/__Libraries/StellaOps.Evidence.Core/IEvidenceStore.cs` -- storage interface: `StoreAsync(evidence)`, `StoreBatchAsync(records)`, `GetByIdAsync(evidenceId)`, `GetBySubjectAsync(subjectNodeId, typeFilter?)`, `GetByTypeAsync(evidenceType, limit)`, `ExistsAsync(subjectNodeId, type)`, `DeleteAsync(evidenceId)`, `CountBySubjectAsync(subjectNodeId)`; idempotent storage (duplicate IDs are no-ops)
|
|
- **InMemoryEvidenceStore**: `src/__Libraries/StellaOps.Evidence.Core/InMemoryEvidenceStore.cs` -- multi-partial: `.Store.cs`, `.Lookup.cs`, `.Delete.cs`, `.Subject.cs`; in-memory implementation for testing
|
|
- **Cross-Module Adapters** (`src/__Libraries/StellaOps.Evidence.Core/Adapters/`):
|
|
- **EvidenceBundleAdapter**: `.cs`, `.BinaryDiff.cs`, `.CallStack.cs`, `.Diff.cs`, `.GraphRevision.cs`, `.Provenance.cs`, `.Reachability.cs`, `.VexStatus.cs` -- adapts evidence bundles to IEvidence
|
|
- **EvidenceStatementAdapter**: `.cs`, `.Payload.cs` -- adapts in-toto statements to IEvidence; `EvidenceStatementInput` for input binding
|
|
- **ProofSegmentAdapter**: `.cs`, `.Payload.cs` -- adapts proof chain segments to IEvidence; `ProofSegmentInput` for input binding
|
|
- **ExceptionApplicationAdapter**: `.cs` -- adapts exception/override decisions to IEvidence
|
|
- **IEvidenceAdapter**: `.cs` -- adapter interface contract
|
|
- **EvidenceAdapterBase**: `.cs` -- base class for all adapters
|
|
- **Source**: SPRINT_8100_0012_0002_unified_evidence_model.md
|
|
|
|
## E2E Test Plan
|
|
- [ ] Verify EvidenceRecord.Create produces content-addressed EvidenceId (sha256:...)
|
|
- [ ] Test EvidenceRecord.VerifyIntegrity detects tampered records
|
|
- [ ] Verify IEvidenceStore.GetBySubjectAsync returns all evidence for a given subject node
|
|
- [ ] Test IEvidenceStore.StoreAsync is idempotent (duplicate EvidenceIds are no-ops)
|
|
- [ ] Verify EvidenceBundleAdapter correctly adapts bundle types (BinaryDiff, Reachability, VexStatus, etc.)
|
|
- [ ] Test EvidenceStatementAdapter converts in-toto statements to IEvidence format
|
|
- [ ] Verify ProofSegmentAdapter converts proof chain segments to IEvidence format
|
|
- [ ] Test cross-module query: evidence from different adapters can be queried uniformly via GetBySubjectAsync
|
|
|
|
|
|
## Verification
|
|
|
|
- **Verified**: 2026-02-13T20:30:00Z
|
|
- **Run**: run-001
|
|
- **Tier**: Tier 2d (Library/Internal)
|
|
- **Verdict**: PASS
|