stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
abbfe64bd71af5da1fe48b28c2a8d878111d9cc4
git.stella-ops.org/docs/modules/evidence-locker
History
master 8e1cb9448d consolidation of some of the modules, localization fixes, product advisories work, qa work
2026-03-05 03:54:22 +02:00
..
guides
compose and authority fixes. finish sprints.
2026-02-18 12:00:10 +02:00
samples
docs consolidation and others
2026-01-06 19:07:48 +02:00
schemas
save checkpoint
2026-02-11 01:32:14 +02:00
architecture.md
save checkpoint
2026-02-11 01:32:14 +02:00
attestation-contract.md
save checkpoint
2026-02-11 01:32:14 +02:00
attestation-scope-note.md
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
bundle-packaging.md
product advisories add change contiang folder
2026-01-08 09:06:03 +02:00
bundle-packaging.schema.json
feat: Add native binary analyzer test utilities and implement SM2 signing tests
2025-12-07 13:12:41 +02:00
CHANGELOG.md
Add signal contracts for reachability, exploitability, trust, and unknown symbols
2025-12-05 00:27:00 +02:00
compliance-checklist.md
Add unit tests for SBOM ingestion and transformation
2025-11-04 07:49:39 +02:00
eb-gaps-161-007-plan.md
product advisories add change contiang folder
2026-01-08 09:06:03 +02:00
evidence-bundle-v1.md
docs consolidation
2026-01-07 10:23:21 +02:00
export-format.md
compose and authority fixes. finish sprints.
2026-02-18 12:00:10 +02:00
incident-mode.md
feat(graph): introduce graph.inspect.v1 contract and schema for SBOM relationships
2025-12-04 09:36:59 +02:00
portable-audit-pack-cli-runbook.md
save checkpoint
2026-02-11 01:32:14 +02:00
portable-audit-pack-compatibility.md
save checkpoint
2026-02-11 01:32:14 +02:00
portable-audit-pack-contract.md
save checkpoint
2026-02-11 01:32:14 +02:00
portable-audit-pack-determinism.md
save checkpoint
2026-02-11 01:32:14 +02:00
portable-audit-pack-parquet-profile.md
save checkpoint
2026-02-11 01:32:14 +02:00
portable-audit-pack-rekor-offline.md
save checkpoint
2026-02-11 01:32:14 +02:00
portable-audit-pack-test-matrix.md
save checkpoint
2026-02-11 01:32:14 +02:00
promotion-evidence-contract.md
consolidation of some of the modules, localization fixes, product advisories work, qa work
2026-03-05 03:54:22 +02:00
README.md
save checkpoint
2026-02-11 01:32:14 +02:00
replay-payload-contract.md
feat(graph): introduce graph.inspect.v1 contract and schema for SBOM relationships
2025-12-04 09:36:59 +02:00
verify-offline.md
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00

README.md

EvidenceLocker

Status: Implemented Source: src/EvidenceLocker/ Owner: Platform Team

Purpose

EvidenceLocker provides sealed, immutable storage for vulnerability scan evidence and audit logs. Ensures tamper-proof evidence chains for compliance and forensic analysis with content-addressable storage and cryptographic sealing.

Components

Services:

  • StellaOps.EvidenceLocker.WebService - HTTP API for evidence submission and retrieval
  • StellaOps.EvidenceLocker.Worker - Background sealing and archival workers

Libraries:

  • StellaOps.EvidenceLocker.Core - Evidence sealing, verification, and chain validation
  • StellaOps.EvidenceLocker.Infrastructure - Storage adapters and evidence bundle management

Configuration

See etc/evidence-locker.yaml.sample for configuration options (if available).

Key settings:

  • Storage backend (filesystem, object storage)
  • Sealing policy (immediate vs. batch)
  • Retention policies
  • Export destinations
  • Authority integration for access control

Dependencies

  • PostgreSQL (schema: evidence_locker)
  • Authority (authentication and authorization)
  • Signer (cryptographic sealing operations)
  • ExportCenter (evidence bundle export)

Related Documentation

  • Operations: ./operations/ (if exists)
  • Portable pack contract: ./portable-audit-pack-contract.md
  • Portable manifest schema: ./schemas/portable-audit-pack-manifest.v1.schema.json
  • Portable compatibility mapping: ./portable-audit-pack-compatibility.md
  • Portable determinism profile: ./portable-audit-pack-determinism.md
  • Portable Rekor offline profile: ./portable-audit-pack-rekor-offline.md
  • Portable CLI runbook: ./portable-audit-pack-cli-runbook.md
  • Portable Parquet profile: ./portable-audit-pack-parquet-profile.md
  • Portable verification matrix: ./portable-audit-pack-test-matrix.md
  • Promotion evidence contract: ./promotion-evidence-contract.md
  • ExportCenter: ../export-center/
  • Attestor: ../attestor/
  • High-Level Architecture: ../../ARCHITECTURE_OVERVIEW.md

Current Status

Implemented with WebService and Worker components. Supports sealed evidence storage with cryptographic verification. Integrated with ExportCenter for audit bundle generation.