Struct SignedEvent 

pub struct SignedEvent {
    pub id: String,
    pub agent_id: String,
    pub event_type: String,
    pub payload_hash: Vec<u8>,
    pub signature: Option<Vec<u8>>,
    pub attest_level: String,
    pub timestamp: String,
    pub prev_hash: Vec<u8>,
    pub sequence: i64,
}

One row of the signed_events audit table.

id is a UUIDv4 minted by the writer; payload_hash is the 32-byte SHA-256 over the canonical-CBOR bytes that H2 hashed for the original signature; signature mirrors the source row’s memory_links.signature (NULL when the source write was unsigned).

prev_hash and sequence are populated by append_signed_event (writer fills them from the current chain head — callers MUST NOT set them) and by [row_to_event] on read (selecting back rows from the table).

Fields

id: String

agent_id: String

event_type: String

payload_hash: Vec<u8>

signature: Option<Vec<u8>>

attest_level: String

timestamp: String

prev_hash: Vec<u8>

v34 — SHA-256 (32 bytes) over the canonical-bytes encoding of the preceding row, or 32 zero bytes for the first row. Filled by append_signed_event at insert time; callers MUST NOT pre-populate this field — any value set by the caller is ignored. Use ..SignedEvent::default() at the struct-literal tail to leave this empty.

sequence: i64

v34 — monotonically-increasing chain rank starting at 1. Filled by append_signed_event at insert time; callers MUST NOT pre-populate this field — any value set by the caller is ignored. Use ..SignedEvent::default() at the struct-literal tail to leave this zero.

Implementations

impl SignedEvent

pub fn with_daemon_signature( payload_hash: Vec<u8>, agent_id: String, event_type: String, timestamp: String, ) -> Self

v0.7.0 #1099 (SR-1 #4, HIGH) — build a SignedEvent that consults the process-wide daemon audit signing key (installed at boot via crate::governance::audit::init) and applies it to payload_hash. When a key is installed, the returned row carries signature: Some(sig_bytes) + attest_level: "daemon_signed"; when no key is installed, falls back to signature: None, attest_level: "unsigned".

Homogenises every production audit-row writer (pending_action approve/reject/timeout, federation.quota_refused on both sqlite + postgres paths, governance.check) so a downstream auditor sees per-row signatures matching the daemon’s VerifyingKey and the cross-row chain head together.

The other chain columns (prev_hash, sequence) are left at their defaults — append_signed_event fills them at INSERT time. Callers MUST NOT pre-populate them.

Trait Implementations

impl Clone for SignedEvent

fn clone(&self) -> SignedEvent

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for SignedEvent

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for SignedEvent

fn default() -> SignedEvent

Returns the “default value” for a type.

impl Eq for SignedEvent

impl PartialEq for SignedEvent

fn eq(&self, other: &SignedEvent) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for SignedEvent