stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
fdf95e0f46a5c12e38590a9b57faecf646d16e2d
git.stella-ops.org/docs/modules/signer/README.md
master fdf95e0f46 docs: module dossier + install/quickstart sync for truthful cutover sprints 
- API_CLI_REFERENCE.md, INSTALL_GUIDE.md, quickstart.md, architecture/integrations.md, dev/DEV_ENVIRONMENT_SETUP.md, integrations/LOCAL_SERVICES.md: reflect real-service wiring.
- docs/modules/**: module dossier updates across the modules touched by SPRINT_20260415_001..007 + SPRINT_20260416_003..017 + SPRINT_20260417_018..024 + SPRINT_20260418_025 + SPRINT_20260419_026.
- docs/features/checked/web/**: update feature notes where UI changed.
- docs/qa/feature-checks/runs/web/evidence-presentation-ux/: QA evidence artifacts.
- docs/setup/**, docs/technical/**: align with setup wizard contracts.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-19 14:45:09 +03:00

21 lines
1.3 KiB
Markdown
Raw Blame History

# StellaOps Signer (Relocated)
> **Sprint 204 (2026-03-04):** The Signer module source has been consolidated under the Attestor trust domain.
> Source code is now at `src/Attestor/StellaOps.Signer/`.
> Architecture documentation is now in the [Attestor architecture dossier](../attestor/architecture.md#trust-domain-model-sprint-204----2026-03-04).
> Archived standalone docs are in `docs-archived/modules/signer/`.
## Runtime Identity (unchanged)
- Docker image: `stellaops/signer:dev`
- API base path: `/api/v1/signer/`
- DSSE signing endpoint: `POST /api/v1/signer/sign/dsse`
- Database schema: `signer` (includes ceremony state plus key-management tables such as `trust_anchors`, `key_history`, and `key_audit_log`)
- Authentication: Authority resource-server auth in live hosts; stub bearer auth is isolated to `Testing`
## Why the move
Signer, Attestor, and Provenance form the trust domain -- the set of services responsible for cryptographic evidence production, transparency logging, and verification. Consolidating source ownership under `src/Attestor/` makes trust-boundary responsibilities explicit while preserving runtime isolation between Signer state and Attestor evidence state.
See the [Trust Domain Model ADR](../attestor/architecture.md#security-boundary-no-merge-decision-adr) for the no-merge rationale.
Reference in New Issue View Git Blame Copy Permalink