Module audit_spool 

AUDIT spool — binary length-prefixed envelope file with CRC32C tail integrity. Spec 11 § 6.4.

Format:

audit-spool-record := u32_le_length || ObsEnvelope_buffa_bytes
audit-spool-file   := record* (no header)
audit-spool-crc    := u32_le crc per record (parallel `.crc` file)

std::fs is used synchronously here because the AUDIT path runs on the emit thread (spec 11 § 6.4 documents the blocking trade-off); switching to tokio::fs would require a block_on round-trip per envelope, defeating the latency budget.

Structs

RecoveryReport

Outcome of recovering one spool file.

SpoolWriter

One spool batch is bounded by record count or wall-clock time; larger of the two is kept simple here.

Functions

crc32c

Compute CRC32C (Castagnoli). Software implementation, fast enough for the AUDIT path’s bounded throughput.

recover

Walk dir for any *.audit.bin files, validate each record’s CRC32C, and feed valid records to consume. CRC-mismatched tails are discarded; the .audit.bin and .crc files are deleted only after consume returns Ok(()) for every valid record.