Skip to content

VALIDATION.md

Latest commit

 

History

History
212 lines (170 loc) · 10.6 KB

VALIDATION.md

File metadata and controls

212 lines (170 loc) · 10.6 KB

SCLite Validation

SCLite validation is local and public-safe. It does not run live targets.

The roadmap in ROADMAP.md preserves this boundary: scoped-ticket, receipt-bounded-evidence, trust-profile, carrier-profile, and review-bundle checks remain artifact validation/review surfaces unless explicitly implemented in an external runtime.

Fast local gate

python -m pip install -e '.[dev]'
scripts/dev_gate.sh

For Make users, make validate delegates to the same gate. The gate runs the public validation checklist, strict schema gate, guarded-strict security regression gate, public-truth validator, and full pytest.

Publication validation gate

Run the full public-safe checklist from the repository root:

scripts/public_validation_gate.sh
scripts/strict_schema_gate.sh
scripts/security_regression_gate.sh
python scripts/validate_public_truth.py
python -m pytest -q

The kernel_guard_hmac_v1 compatibility golden vector is under tests/golden/kernel_guard_hmac_v1/ and is enforced by tests/test_kernel_guard.py. It rebuilds the sidecar from fixed manifest, nonce, key, and key_id inputs, then compares the whole sidecar plus hard-coded entry tags and root tag. If canonical JSON, transcript fields, or HMAC inputs change without a new profile name, this test must fail.

Security regressions that define the guarded-strict threat boundary are grouped in:

scripts/security_regression_gate.sh

The gate uses only synthetic fixtures and test-local HMAC keys. It covers extra/duplicate lifecycle roles, artifact-body tampering, manifest metadata spoofing, root-chain-digest tampering, previous-tag tampering, nonce/key_id tampering, old guard reuse with changed manifest metadata, missing guard, and wrong guard key failures.

verification_result.v1 is validated in secure-bundle tests and strict schema validation. Its required layer statuses are artifact_chain, strict_lifecycle, kernel_guard, replay, public_identity, and runtime_enforcement; replay remains not_checked inside SCLite and identity/runtime authority remain not_claimed.

Security-model and profile-freeze claims are guarded by python scripts/validate_public_truth.py. The validator checks that SECURITY_MODEL.md, docs/SECURITY_PROFILES.md, SPEC.md, and README keep the current boundaries explicit:

  • kernel_guard_hmac_v1 is sidecar/domain-auth HMAC, not PKI;
  • guarded-strict is fail-closed secure-bundle verification;
  • replay freshness is not_checked in SCLite and belongs to GovEngine/host state;
  • transcript/canonicalization changes require a new profile name.

The dependency-free validator is intentionally a subset validator. It exists so SCLite can keep zero runtime dependencies and still validate the repository's simple schema shapes in offline/minimal environments. It is not a full JSON Schema Draft 2020-12 implementation.

JSON Schema keyword Dependency-free subset Strict jsonschema mode
const supported supported
enum supported supported
type supported, including simple type arrays supported
required supported supported
properties supported recursively supported
additionalProperties: false supported supported
items with one schema supported recursively supported
minLength supported supported
minimum supported supported
pattern, format, maxLength, maximum, oneOf, anyOf, allOf, not, if/then/else, dependentRequired, uniqueItems not implemented by the subset validator supported according to jsonschema behavior

For CI and release validation, run both:

scripts/public_validation_gate.sh
scripts/strict_schema_gate.sh

If strict mode and subset mode disagree, treat strict mode as authoritative for release readiness and either simplify the schema or add explicit implementation/tests for the missing subset keyword.

The scripts expand to the current lifecycle, ticket, profile, review-bundle, negative-bundle, and strict-schema checks. The superseded proof-trace fixture and its validation commands are retired; they are not part of this release gate or the installed package. The equivalent current command set starts with:

python -m sclite.cli validate-chain sclite/examples/contract-lifecycle-v0.2/artifact_chain_manifest.json
python -m sclite.cli verify-lifecycle sclite/examples/contract-lifecycle-v0.2/artifact_chain_manifest.json
python -m sclite.cli validate-ticket sclite/examples/scoped-ticket-v0.3/execution_ticket.json --contract sclite/examples/scoped-ticket-v0.3/execution_contract.json
python -m sclite.cli explain-ticket sclite/examples/scoped-ticket-v0.3/execution_ticket.json
python -m sclite.cli verify-ticket-use sclite/examples/scoped-ticket-v0.3/execution_ticket.json --contract sclite/examples/scoped-ticket-v0.3/execution_contract.json --receipt sclite/examples/scoped-ticket-v0.3/execution_receipt.json --evidence-contract sclite/examples/scoped-ticket-v0.3/evidence_contract.json
python -m sclite.cli review-lifecycle sclite/examples/contract-lifecycle-v0.2/artifact_chain_manifest.json --format json
python -m sclite.cli review examples/review-bundle --format json
python -m sclite.cli review examples/govengine-integration --format json --fail-on review
python -m sclite.cli review examples/local-admin-change --format json --fail-on review
python -m sclite.cli review examples/bad-review-bundle-cross-host --format json --fail-on none
python -m sclite.cli validate-trust-profile examples/govengine-integration/trust_profile_ref.json --subject examples/govengine-integration/04_execution_ticket.json
python -m sclite.cli validate-carrier-profile examples/govengine-integration/carrier_profile_ref.json --subject examples/govengine-integration/04_execution_ticket.json
python -m sclite.cli export-review-bundle examples/govengine-integration --format markdown
python -m sclite.cli validate-artifact --schema redaction_policy.v0.1 examples/redaction-policy/redaction_policy.json
python -m sclite.cli validate-artifact --schema redaction_receipt.v0.1 examples/redaction-receipt/redaction_receipt.json
python -m sclite.cli validate-artifact --schema public_validation_surface_index.v0.1 examples/public-validation-surface-index/public_validation_surface_index.json
python -m sclite.cli validate-artifact --schema public_snapshot_manifest.v0.1 examples/public-snapshot-manifest/public_snapshot_manifest.json
python -m pytest -q

verify-lifecycle is stricter than generic chain validation. It requires the canonical v0.2 lifecycle role sequence exactly, with no extra roles, duplicate roles, or changed order. validate-chain remains available for generic hash-chain verification; pass --strict-lifecycle when that command should also enforce lifecycle role strictness.

verify-guarded-chain is optional. It verifies a kernel_guard_hmac_v1 sidecar when a GovEngine/KERNEL-domain HMAC secret is available through --guard-key-env (default: SCLITE_KERNEL_GUARD_KEY). This command does not check replay freshness; GovEngine or another runtime must keep the replay store for root_tag, chain_id, ticket/run id, and key_id.

For runtime-consumable guarded bundles, prefer the fail-closed profile:

SCLITE_KERNEL_GUARD_KEY='local-test-secret' \
python -m sclite.cli verify-secure-bundle examples/govengine-integration \
  --guard /path/to/kernel_guard_manifest.json

verify-secure-bundle is guarded-strict: artifact-chain verification, strict lifecycle, kernel_guard_hmac_v1, manifest metadata binding, and fail-on-missing-guard. validate-chain, verify-lifecycle, review-lifecycle, and review also expose --require-guard / --fail-on-unguarded for callers that intentionally want guard preflight on those older commands.

Explicit --guard paths are resolved relative to the caller's current working directory. If --guard is omitted, SCLite looks for kernel_guard_manifest.json next to the manifest or review-bundle target. The public examples/govengine-integration fixture is intentionally unguarded; guard sidecars are produced by the host/GovEngine domain or by tests using synthetic local keys.

Public Python API

The frozen top-level Python import surface for the 1.0 line is documented in docs/PUBLIC_API.md and guarded by tests/test_public_api.py.

Review-bundle compatibility

The stable 0.5 review-bundle shape remains the downstream compatibility boundary for GovEngine and Ravenclaw on the 1.0 stable line. Consumers may rely on the canonical review_bundle directory shape, the review_record.v0.1 output contract, the sclite-review-bundle-v0.1 review profile, and review_bundle:<verdict>:<artifact_count>:<root_chain_digest> summary output. They must not assume a security fixture story, private fixture paths, runtime execution, trust authority, or adapter behavior from the bundle.

tests/test_review_bundles.py keeps the public-safe GovEngine integration and local-admin-change fixture families aligned at that contract level while their domain narratives remain different.

Expected result:

  • current lifecycle/review fixture validation passes;
  • v0.2 lifecycle chain validation and strict semantic lifecycle verification pass;
  • v0.3 scoped-ticket schema, binding, explanation, and static ticket-use checks pass;
  • lifecycle review records and lifecycle-aware Scope Fidelity checks are generated conservatively;
  • canonical review bundles validate and export to Markdown;
  • GovEngine integration fixture passes with --fail-on review;
  • local-admin-change fixture passes with --fail-on review and demonstrates the same lifecycle outside the security-domain fixture path;
  • the intentional cross-host negative fixture fails when --fail-on review is enforced;
  • public truth validation confirms the published 1.0.0 stable package line;
  • optional kernel_guard_hmac_v1 sidecar verification detects guard, metadata, sequence, previous-tag, and root-tag drift when a guard key is supplied;
  • secure-bundle verification fails closed on missing guard, loose lifecycle, metadata spoofing, and full-chain forgery attempts using an old guard;
  • artifact schema validation passes in default dependency-free mode and optional strict Draft 2020-12 mode;
  • hash and Scope Fidelity commands complete;
  • pytest passes.

Package build gate

Before any future PyPI/TestPyPI release:

python -m pip install build twine
python -m build
python -m twine check dist/*

Then test install from the generated wheel in a clean environment and confirm the distribution name sclite-core still imports as sclite.

Non-claims

Passing validation does not prove:

  • legal authorization;
  • live vulnerability evidence;
  • execution safety;
  • production deployment readiness;
  • adapter/protocol correctness.