git.stella-ops.org/docs/features/checked/binaryindex/delta-signature-predicates.md
2026-02-12 10:27:23 +02:00

Delta-Signature Predicates (Function-Level Binary Diffs)

Module

BinaryIndex

Status

VERIFIED

Description

Function-level delta signature predicates (V1 and V2) with signature generation, matching, and symbol change tracing. V2 adds symbol provenance and IR diffs, an approach that is architecturally superior to the byte-level hunks proposed in the advisory.

Implementation Details

  • Modules: src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/
  • Key Classes:
    • DeltaSigPredicate (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/Attestation/DeltaSigPredicate.cs) - V1 predicate for attestation
    • DeltaSigPredicateV2 (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/Attestation/DeltaSigPredicateV2.cs) - V2 predicate with symbol provenance and IR diff support
    • DeltaSigPredicateConverter (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/Attestation/DeltaSigPredicateConverter.cs) - converts between predicate versions
    • DeltaSigAttestorIntegration (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/Attestation/DeltaSigAttestorIntegration.cs) - integrates delta-sig predicates with the Attestor module
    • GroundTruthProvenanceResolver (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/Provenance/GroundTruthProvenanceResolver.cs) - enriches matches with symbol provenance data
    • CfgExtractor (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/CfgExtractor.cs) - extracts control flow graphs for delta-sig generation
  • Models: Models.cs in DeltaSig namespace - function match records, signature models
  • VEX Integration: DeltaSigVexBridge (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/VexIntegration/)

E2E Test Plan

  • Generate a V1 delta-sig predicate and verify it contains function-level diff data
  • Generate a V2 delta-sig predicate and verify it includes symbol provenance and IR diff metadata
  • Convert between V1 and V2 predicates via DeltaSigPredicateConverter and verify data fidelity
  • Verify DeltaSigAttestorIntegration produces valid attestation predicates for the Attestor module
  • Verify GroundTruthProvenanceResolver enriches function matches with provenance sources
  • Verify V2 predicates flow into VEX observations via DeltaSigVexBridge

Verification

  • Tier 0/1/2 artifacts: docs/qa/feature-checks/runs/binaryindex/delta-signature-predicates/run-001/.
  • Result: verified.
  • Evidence summary:
    • tier1-test-deltasig.log: Passed 132/132.
    • tier1-test-vexbridge.log: Passed 29/29.
    • tier2-test-deltasig.log: Passed 132/132.
    • tier2-test-vexbridge.log: Passed 29/29.
  • Note: feature dossier key-class naming references DeltaSigAttestorIntegration; implementation currently exposes attestation integration behavior through IDeltaSigAttestorService and DeltaSigEnvelopeBuilder in DeltaSigAttestorIntegration.cs.