Module events 

Canonical replayable frontier events.

Events are the authoritative record for user-visible state transitions in the finding-centered v0 kernel. Frontier snapshots remain the convenient materialized state, but checks and proof packets can validate the event log.

Structs

EventLogSummary

FindingEventInput

ReplayReport

RevocationPayload

Payload of an EVENT_KIND_KEY_REVOKE event. Carries the revoked Ed25519 pubkey (hex-encoded), the moment compromise was detected (ISO-8601), an optional replacement pubkey the actor is migrating to, and a free-form reason string. Stored on the event’s payload field; the event’s actor is the actor whose key is being revoked, and the event itself must be signed by a key that was authoritative before the revocation (typically a co-signer or the actor’s prior key — never the revoked key itself).

StateActor

StateEvent

StateTarget

Constants

EVENT_KIND_ARTIFACT_ASSERTED

Generic artifact lifecycle. Carries the full Artifact inline on payload.artifact so protocol snapshots can be replayed without resolving a sidecar file first.

EVENT_KIND_ARTIFACT_RETRACTED

EVENT_KIND_ARTIFACT_REVIEWED

EVENT_KIND_ATTESTATION_RECORDED

v0.79.4: Per-event attestation. The substrate’s existing frontier-wide signing path (vela attest <frontier>) is coarse-grained: it signs every unsigned finding under one key. Per-event attestation lets a reviewer or external verifier attest one specific canonical event (vev_*) by emitting a new attestation.recorded event that points at it.

EVENT_KIND_BRIDGE_REVIEWED

v0.67: Bridge review verdict. A reviewer confirms or refutes a vbr_* cross-frontier bridge by emitting this canonical event, which the reducer applies by setting the bridge’s status field. Pre-v0.67 bridge status was mutated by file write only; v0.67 makes the verdict an immutable canonical event so federation sync propagates it. Required payload: {bridge_id, status, note}. status must be one of confirmed or refuted.

EVENT_KIND_EVIDENCE_ATOM_LOCATOR_REPAIRED

v0.56: Mechanical evidence-atom locator repair. Targets a single evidence atom by id and sets its locator field to the value resolved from the parent source’s locator. Carries the resolved locator string and the source id it was derived from on the event payload so a fresh replay reconstructs the atom’s locator without needing to re-resolve the source.

EVENT_KIND_FINDING_ENTITY_ADDED

v0.79: Add a new entity to a finding’s assertion.entities after the finding was first asserted. Closes the v0.78.4 honest gap: the substrate previously could only attach entities at finding-creation time, so reviewers had to append new findings to add tags.

EVENT_KIND_FINDING_ENTITY_RESOLVED

v0.57: Entity resolution on a finding. Sets the canonical_id, resolution_method, resolution_provenance, and resolution_confidence fields on a single entity inside state.findings[i].assertion.entities, and clears the entity’s needs_review flag. Required payload: {proposal_id, entity_name, source, id, confidence} plus optional matched_name, resolution_method, resolution_provenance.

EVENT_KIND_FINDING_SPAN_REPAIRED

v0.57: Mechanical evidence-span repair on a finding. Appends one {section, text} span to state.findings[i].evidence.evidence_spans. Required payload: {proposal_id, section, text}. The reducer arm is idempotent under identical re-application (refuses to append an equal span twice on the same finding).

EVENT_KIND_FRONTIER_CONFLICT_RESOLVED

v0.59: Federation conflict resolution. Pairs with the existing frontier.conflict_detected event. The conflict event itself stays in the log unchanged (immutable history); the resolved event records the reviewer’s verdict, the conflict it pertains to, and an optional pointer at the winning proposal.

EVENT_KIND_KEY_REVOKE

v0.49: explicit event kind for actor-key revocation. Coalition governance promises that key compromise is handled by a signed RevocationEvent that names the key, the moment of compromise, and the recommended replacement. This constant pairs with RevocationPayload and new_revocation_event below.

EVENT_KIND_NEGATIVE_RESULT_ASSERTED

v0.49: NegativeResult lifecycle event kinds. Pair with the NegativeResult first-class object in bundle.rs. The substrate records nulls through the same proposal -> canonical event -> reducer pipeline as findings, so an underpowered Phase III readout and a confirmatory replication-failure both leave the same kind of auditable trace.

EVENT_KIND_NEGATIVE_RESULT_RETRACTED

EVENT_KIND_NEGATIVE_RESULT_REVIEWED

EVENT_KIND_PREDICTION_DEPOSITED

v0.70: Prediction deposit. Same shape as replication.deposited for Project.predictions. Deposits a Prediction record onto the frontier; reducer arm appends if vpred_* id is new. Required payload: {prediction} (the full Prediction record).

EVENT_KIND_REPLICATION_DEPOSITED

v0.70: Replication deposit. The substrate has had Replication as a first-class kernel object since v0.32 + vela replicate CLI, but the side-table mutation happened via direct file write. v0.70 makes the deposit event-driven so federation sync can propagate it. Reducer arm appends to Project.replications if the vrep_* id is not already present (idempotent under re-application). The CLI + Workbench paths emit this event; raw vrep_<id> entries on Project.replications from pre-v0.70 frontiers continue to load without an event. Required payload: {replication} (the full Replication record).

EVENT_KIND_TIER_SET

v0.51: Re-classify a finding/negative_result/trajectory’s read-side access tier. Audit-trail event for the dual-use channel: the fact that an object’s tier changed (and who changed it, when, with what reason) is itself part of the substrate’s accountability surface and must replay deterministically.

EVENT_KIND_TRAJECTORY_CREATED

v0.50: Trajectory lifecycle event kinds. Pair with the Trajectory first-class object in bundle.rs. The substrate records search paths through the same proposal -> canonical event -> reducer pipeline as findings, so an agent that explored five branches before arriving at a finding leaves a step-by-step audit the next agent can read instead of re-deriving.

EVENT_KIND_TRAJECTORY_RETRACTED

EVENT_KIND_TRAJECTORY_REVIEWED

EVENT_KIND_TRAJECTORY_STEP_APPENDED

EVENT_SCHEMA

NULL_HASH

Functions

compute_event_id

Public form of event_id so callers building non-finding events (e.g. the frontier.created genesis event in project::assemble) can compute the canonical event ID with the same canonical-JSON preimage shape as new_finding_event.

event_log_hash

events_for_finding

evidence_atom_hash

Canonical hash of one evidence atom. Mirrors finding_hash for the before/after pair on locator-repair events so a chain validator can confirm that exactly the named atom changed and exactly the named repair was applied.

evidence_atom_hash_by_id

finding_hash

finding_hash_by_id

new_bridge_reviewed_event

v0.67: build a bridge.reviewed event. Target is the bridge’s content-addressed id (vbr_*). Reducer arm projects the verdict onto the bridge’s status field on read.

new_evidence_atom_locator_repair_event

Construct an evidence_atom.locator_repaired event targeting an evidence atom by id. The payload carries the resolved locator and the parent source id so a fresh replay can both apply the repair and reconstruct its derivation. Returned event is unsigned; the caller signs it before persisting.

new_finding_event

new_frontier_conflict_resolved_event

v0.59: build a frontier.conflict_resolved event. Frontier-level observation; the target is the conflict’s frontier_id (same shape as frontier.synced_with_peer and frontier.conflict_detected).

new_revocation_event

Construct a signed-shape key.revoke event for the given actor. Mirrors new_finding_event in shape but targets an actor and carries a RevocationPayload in payload. The returned event is unsigned (caller signs it); event.id is the canonical content address of the unsigned shape.

replay_report

replay_report_json

snapshot_hash

summarize

validate_bridge_reviewed_against_state

v0.73: state-aware tightening of the bridge.reviewed validator.

validate_event_payload