stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
fa4823f46c4bc090294580a9136fb6b0e11e50f9
git.stella-ops.org/docs/features/unchecked/attestor/reachability-graph-service.md

2.5 KiB
Raw Blame History

Reachability Graph Service (Slice and Replay)

Module

Attestor

Status

IMPLEMENTED

Description

Full reachability graph service with slice extraction, deterministic replay, storage, and REST API.

Implementation Details

  • Reachability Subgraph Predicate: src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Predicates/ReachabilitySubgraphPredicate.cs -- predicate for attested reachability subgraphs (slices).
  • Reachability Subgraph Statement: Statements/ReachabilitySubgraphStatement.cs -- in-toto statement wrapping the subgraph slice.
  • Proof Graph Service: Graph/InMemoryProofGraphService.cs (with .Queries, .Subgraph) -- graph service supporting subgraph extraction (slice).
  • Graph Path: Graph/ProofGraphPath.cs -- path through the reachability graph.
  • Graph Subgraph: Graph/ProofGraphSubgraph.cs -- extracted minimal subgraph.
  • Replay Manifest: Replay/AIArtifactReplayManifest.cs -- manifest for deterministic replay of reachability analysis.
  • Replay Result: Replay/ReplayResult.cs -- result of replaying a reachability analysis.
  • Replay Verification: Replay/ReplayVerificationResult.cs -- verification of replay fidelity.
  • Replay Status: Replay/ReplayStatus.cs -- enum tracking replay outcome.
  • Replay Input Artifact: Replay/ReplayInputArtifact.cs -- input artifact for replay (graph data, configuration).
  • Witness Payload: Statements/ReachabilityWitnessPayload.cs (with .Path) -- witness data for reachability paths.
  • REST API: StellaOps.Attestor.WebService/Controllers/ChainController.cs -- API for querying reachability chains.
  • Tests: __Tests/StellaOps.Attestor.ProofChain.Tests/ReachabilitySubgraphTests.cs

E2E Test Plan

  • Extract a reachability slice from a proof graph via InMemoryProofGraphService.Subgraph and verify the minimal subgraph
  • Build a ReachabilitySubgraphPredicate from the extracted slice and sign it into a DSSE envelope
  • Replay a reachability analysis via AIArtifactReplayManifest and verify ReplayResult matches the original
  • Verify replay fidelity via ReplayVerificationResult and confirm the replayed graph matches the original
  • Query a reachability chain via ChainController REST API and verify the response contains path data
  • Store a reachability subgraph attestation and retrieve it by subject digest
  • Create ReplayInputArtifact entries for a reachability analysis and verify all inputs are captured for replay