crtx-verifier 0.1.0

Pure independent-witness reducer for trusted release/compliance evidence (ADR 0041).
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

//! Stable invariant names emitted by [`crate::verify`].
//!
//! Per ADR 0041 §"Stable failure taxonomy", these names appear verbatim in
//! machine-readable verifier output and in `Broken { edge: { invariant, ... } }`
//! payloads. Operators, downstream tests, and policy rules MUST be able to
//! key off these strings without scanning prose. Renaming any of them is a
//! contract break and requires an ADR.

/// A required witness class was not supplied for the claim kind.
pub const WITNESS_MISSING: &str = "verifier.witness.missing";

/// A witness asserted a subject digest that does not match the producer-supplied
/// `EvidenceInput::evidence_blake3`. Per ADR 0041 §"Subject binding".
pub const WITNESS_DISAGREEMENT: &str = "verifier.witness.disagreement";

/// A witness is older than the caller-supplied `max_age` window.
pub const WITNESS_STALE: &str = "verifier.witness.stale";

/// The witness's tier is below the minimum required for this evidence kind.
/// For release-readiness and compliance-evidence, remote-CI and reproducible-build
/// witnesses MUST be `ThirdParty`.
pub const WITNESS_TIER_INSUFFICIENT: &str = "verifier.witness.tier_insufficient";

/// Two witnesses share the same `authority_domain`, or a witness's declared
/// `authority_domain` does not match its `class`. Per ADR 0013
/// §"Invariant: what 'external' means" and ADR 0040 §"composition boundary".
pub const WITNESS_AUTHORITY_OVERLAP: &str = "verifier.witness.authority_overlap";

/// In-memory signature verification failed for at least one witness.
pub const WITNESS_SIGNATURE_INVALID: &str = "verifier.witness.signature_invalid";

/// Composition reduced the effective ceiling below the required ceiling for
/// this claim kind, even after every witness verified.
pub const COMPOSITION_CEILING_BELOW_REQUIRED: &str = "verifier.composition.ceiling_below_required";

/// An ADR 0026 policy outcome (`Reject` or `Quarantine`) overrides the verifier
/// output. The trust path falls closed independently of witness composition.
pub const COMPOSITION_POLICY_FAIL_CLOSED: &str = "verifier.composition.policy_fail_closed";