3.9 KiB
3.9 KiB
Unified IEvidence Interface with Cross-Module Adapters
Module
__Libraries
Status
IMPLEMENTED
Description
Defines a unified IEvidence interface (SubjectNodeId, EvidenceType, EvidenceId, Payload, Signatures, Provenance) with EvidenceRecord implementation (content-addressed ID via SHA-256 of canonical JSON) and cross-module adapters (EvidenceBundleAdapter, EvidenceStatementAdapter, ProofSegmentAdapter, ExceptionApplicationAdapter). Enables "get evidence for node X" queries across all modules through IEvidenceStore.
Implementation Details
- IEvidence:
src/__Libraries/StellaOps.Evidence.Core/IEvidence.cs-- interface:SubjectNodeId(string, content-addressed subject identifier),EvidenceType(EvidenceType enum),EvidenceId(string, content-addressed sha256:...),Payload(ReadOnlyMemory),Signatures(IReadOnlyList),Provenance(EvidenceProvenance),ExternalPayloadCid(optional CID for external storage),PayloadSchemaVersion(string) - EvidenceRecord:
src/__Libraries/StellaOps.Evidence.Core/EvidenceRecord.cs-- sealed record implementingIEvidence;Create(subjectNodeId, type, payload, generatorId, generatorVersion, generatedAt)factory method;ComputeEvidenceId()computes SHA-256 of canonical JSON{SubjectNodeId, EvidenceType, PayloadBase64, GeneratorId, GeneratorVersion, GeneratedAt}->sha256:...format;VerifyIntegrity()recomputes and compares ID - EvidenceType:
src/__Libraries/StellaOps.Evidence.Core/EvidenceType.cs-- enum of evidence types - EvidenceSignature:
src/__Libraries/StellaOps.Evidence.Core/EvidenceSignature.cs-- signature model withSignerType - EvidenceProvenance:
src/__Libraries/StellaOps.Evidence.Core/EvidenceProvenance.cs-- provenance model (generator, version, timestamp) - IEvidenceStore:
src/__Libraries/StellaOps.Evidence.Core/IEvidenceStore.cs-- storage interface:StoreAsync(evidence),StoreBatchAsync(records),GetByIdAsync(evidenceId),GetBySubjectAsync(subjectNodeId, typeFilter?),GetByTypeAsync(evidenceType, limit),ExistsAsync(subjectNodeId, type),DeleteAsync(evidenceId),CountBySubjectAsync(subjectNodeId); idempotent storage (duplicate IDs are no-ops) - InMemoryEvidenceStore:
src/__Libraries/StellaOps.Evidence.Core/InMemoryEvidenceStore.cs-- multi-partial:.Store.cs,.Lookup.cs,.Delete.cs,.Subject.cs; in-memory implementation for testing - Cross-Module Adapters (
src/__Libraries/StellaOps.Evidence.Core/Adapters/):- EvidenceBundleAdapter:
.cs,.BinaryDiff.cs,.CallStack.cs,.Diff.cs,.GraphRevision.cs,.Provenance.cs,.Reachability.cs,.VexStatus.cs-- adapts evidence bundles to IEvidence - EvidenceStatementAdapter:
.cs,.Payload.cs-- adapts in-toto statements to IEvidence;EvidenceStatementInputfor input binding - ProofSegmentAdapter:
.cs,.Payload.cs-- adapts proof chain segments to IEvidence;ProofSegmentInputfor input binding - ExceptionApplicationAdapter:
.cs-- adapts exception/override decisions to IEvidence - IEvidenceAdapter:
.cs-- adapter interface contract - EvidenceAdapterBase:
.cs-- base class for all adapters
- EvidenceBundleAdapter:
- Source: SPRINT_8100_0012_0002_unified_evidence_model.md
E2E Test Plan
- Verify EvidenceRecord.Create produces content-addressed EvidenceId (sha256:...)
- Test EvidenceRecord.VerifyIntegrity detects tampered records
- Verify IEvidenceStore.GetBySubjectAsync returns all evidence for a given subject node
- Test IEvidenceStore.StoreAsync is idempotent (duplicate EvidenceIds are no-ops)
- Verify EvidenceBundleAdapter correctly adapts bundle types (BinaryDiff, Reachability, VexStatus, etc.)
- Test EvidenceStatementAdapter converts in-toto statements to IEvidence format
- Verify ProofSegmentAdapter converts proof chain segments to IEvidence format
- Test cross-module query: evidence from different adapters can be queried uniformly via GetBySubjectAsync