2.7 KiB
2.7 KiB
Binary Proof Verification Pipeline
Module
BinaryIndex
Status
PARTIALLY_IMPLEMENTED
Description
Full binary proof verification with ground truth sources (buildinfo, debuginfod, reproducible builds), validation, and golden set testing.
Implementation Details
- Modules:
src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GroundTruth.Reproducible/,src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Validation/,src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Validation.Abstractions/ - Key Classes:
ValidationHarnessService(src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GroundTruth.Reproducible/ValidationHarnessService.cs) - orchestrates reproducible-build-based validation runsValidationHarness(src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Validation/ValidationHarness.cs) - main validation harness with matcher adapter factory integrationKpiRegressionService(src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GroundTruth.Reproducible/Services/KpiRegressionService.cs) - KPI regression detection across validation runsGroundTruthProvenanceResolver(src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/Provenance/GroundTruthProvenanceResolver.cs) - resolves symbol provenance from ground truth sources
- Interfaces:
IValidationHarness(src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Validation.Abstractions/IValidationHarness.cs),IKpiRegressionService,ISymbolProvenanceResolver - Registration:
ServiceCollectionExtensions.AddCorpusBundleExport/Importfor bundle exchange
E2E Test Plan
- Run a validation harness against a known binary pair and verify proof correctness
- Verify ground truth resolution from buildinfo sources produces correct provenance data
- Verify KPI regression service detects accuracy drops between validation runs
- Verify golden set validation produces deterministic, reproducible results
- Verify corpus bundle export/import round-trips correctly
- Verify validation run attestor generates valid attestation predicates with corpus snapshot IDs
Verification Outcome (run-001)
- Tier 0/1/2 artifacts: docs/qa/feature-checks/runs/binaryindex/binary-proof-verification-pipeline/run-001/
- Result: not implemented at claim parity.
- Missing behavior:
- ValidationHarnessService still uses placeholder stubs for symbol recovery, IR lifting, fingerprint generation, function matching, and SBOM hash calculation.
- Validation matcher adapters (SemanticDiff, InstructionHash, CallGraph) are TODO-backed placeholders with synthetic scores instead of production matching logic.
- Current tests explicitly validate scaffold behavior (skeleton contract), so passing suites do not prove the full proof-verification contract described in this dossier.