Documentation
¶
Index ¶
- func CanonicalJSON(v any) ([]byte, error)
- func ComputeEventHash(e *AuditEvent) (string, error)
- func VerifyAuditIntegrity(ctx context.Context, envelopeRepo EnvelopeRepository, ...) error
- type AuditEvent
- type AuditEventRepository
- type AuditEventType
- type AuditRepository
- type EnvelopeRepository
- type EventPerformerType
- type MemoryRepository
- type PostgresRepository
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CanonicalJSON ¶
func ComputeEventHash ¶
func ComputeEventHash(e *AuditEvent) (string, error)
func VerifyAuditIntegrity ¶
func VerifyAuditIntegrity( ctx context.Context, envelopeRepo EnvelopeRepository, auditRepo AuditRepository, ) error
VerifyAuditIntegrity checks that all envelopes have complete, valid audit trails.
Types ¶
type AuditEvent ¶
// AuditEvent is one record in an envelope's audit trail.
//
// The PrevHash/EventHash pair suggests events are hash-linked per envelope;
// confirm the exact linkage against ComputeEventHash and VerifyAuditIntegrity.
type AuditEvent struct {
	ID string
	// EnvelopeID is the key ListByEnvelopeID looks events up by.
	EnvelopeID string
	RequestSource string // Schema v2.1: source system identifier
	// RequestID is the key ListByRequestID looks events up by.
	RequestID string
	// SequenceNo is not a NewEvent argument, so it is assigned elsewhere.
	// Presumably it is the event's position within its envelope's trail and
	// is set on Append — TODO confirm.
	SequenceNo int
	EventType AuditEventType
	// PerformedByType and PerformedByID record who emitted the event.
	// NOTE(review): NewEvent accepts both as plain arguments; confirm that
	// callers derive them from an authenticated principal rather than from
	// request data.
	PerformedByType EventPerformerType
	PerformedByID string
	// NOTE(review): if Payload is covered by EventHash, its encoding must be
	// deterministic (see CanonicalJSON) — confirm.
	Payload map[string]any
	// NOTE(review): if OccurredAt is covered by EventHash, its zone and
	// precision must survive a storage round trip unchanged, or a re-read
	// event will no longer match its stored hash — confirm.
	OccurredAt time.Time
	// PrevHash is presumably the EventHash of the preceding event for the
	// same envelope — confirm against ComputeEventHash.
	PrevHash string
	// EventHash is presumably the value ComputeEventHash returns for this
	// event — confirm.
	EventHash string
	// Hash is an alias for EventHash used by the orchestrator integrity tracking.
	// Both fields refer to the same value; repositories populate EventHash and
	// the orchestrator reads Hash. They are kept in sync by the Append methods.
	//
	// NOTE(review): only Append keeps the two in sync, so an event built or
	// mutated outside Append can carry differing values. Integrity checks
	// should compare against a freshly recomputed hash rather than trusting
	// either stored field; confirm which one VerifyAuditIntegrity reads.
	Hash string
}
func NewEvent ¶
func NewEvent( envelopeID string, requestSource string, requestID string, eventType AuditEventType, performerType EventPerformerType, performerID string, payload map[string]any, ) *AuditEvent
NewEvent creates a new audit event with schema v2.1 request scoping.
type AuditEventRepository ¶
// AuditEventRepository is the store interface for audit events: one write
// operation (Append) and two lookups.
//
// NOTE(review): the interface is append-only (no update or delete method).
// Whether the backing store also rejects modification of existing rows is not
// visible here — confirm at the storage layer.
type AuditEventRepository interface {
	// Append records ev. Per the comment on AuditEvent.Hash, Append
	// implementations populate EventHash and keep Hash in sync with it, so
	// callers should expect ev to be modified through the pointer.
	Append(ctx context.Context, ev *AuditEvent) error
	// ListByEnvelopeID returns the events stored for envelopeID.
	// NOTE(review): result ordering is not stated here; anything that walks
	// PrevHash/EventHash needs a defined order (presumably SequenceNo) — confirm.
	ListByEnvelopeID(ctx context.Context, envelopeID string) ([]*AuditEvent, error)
	// ListByRequestID returns the events stored for requestID.
	ListByRequestID(ctx context.Context, requestID string) ([]*AuditEvent, error)
}
type AuditEventType ¶
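// AuditEventType names the kind of step an AuditEvent records.
//
// The string values are what an AuditEvent carries in its EventType field.
// NOTE(review): if EventType is covered by the event hash (confirm against
// ComputeEventHash), changing a value here changes the hash of every new event
// of that type and makes older records compare unequal; treat the values as a
// stable, persisted vocabulary.
type AuditEventType string

// One declaration per line: in the collapsed form the first trailing "//"
// comment swallowed every constant that followed it.
const (
	// Envelope lifecycle events. The trailing comments give the state
	// transition each one records.
	AuditEventEnvelopeCreated    AuditEventType = "ENVELOPE_CREATED"
	AuditEventEvaluationStarted  AuditEventType = "EVALUATION_STARTED"  // RECEIVED → EVALUATING
	AuditEventOutcomeRecorded    AuditEventType = "OUTCOME_RECORDED"    // EVALUATING → OUTCOME_RECORDED or ESCALATED
	AuditEventEscalationPending  AuditEventType = "ESCALATION_PENDING"  // ESCALATED → AWAITING_REVIEW
	AuditEventEnvelopeClosed     AuditEventType = "ENVELOPE_CLOSED"     // any → CLOSED (normal and escalated paths)
	AuditEventEscalationReviewed AuditEventType = "ESCALATION_REVIEWED" // review decision recorded before close

	// Per-step evaluation events (grouping inferred from the names).
	AuditEventSurfaceResolved        AuditEventType = "SURFACE_RESOLVED"
	AuditEventAgentResolved          AuditEventType = "AGENT_RESOLVED"
	AuditEventAuthorityChainResolved AuditEventType = "AUTHORITY_CHAIN_RESOLVED"
	AuditEventContextValidated       AuditEventType = "CONTEXT_VALIDATED"
	AuditEventConfidenceChecked      AuditEventType = "CONFIDENCE_CHECKED"
	AuditEventConsequenceChecked     AuditEventType = "CONSEQUENCE_CHECKED"
	AuditEventPolicyEvaluated        AuditEventType = "POLICY_EVALUATED"

	// Deprecated: use AuditEventEvaluationStarted, AuditEventOutcomeRecorded,
	// AuditEventEscalationPending, or AuditEventEnvelopeClosed.
	AuditEventStateTransitioned AuditEventType = "STATE_TRANSITIONED"
)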
type AuditRepository ¶
// AuditRepository is the read-only view of the audit store that integrity
// verification takes. It exposes no Append, so code holding only this
// interface cannot write to the trail through it.
type AuditRepository interface {
	// ListByEnvelopeID returns the events stored for envelopeID.
	// NOTE(review): result ordering is not stated here; a check that walks
	// PrevHash/EventHash needs a defined order (presumably SequenceNo) — confirm.
	ListByEnvelopeID(ctx context.Context, envelopeID string) ([]*AuditEvent, error)
}
AuditRepository is the minimal interface needed for integrity verification.
type EnvelopeRepository ¶
type EventPerformerType ¶
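// EventPerformerType identifies who emitted or executed an audit event.
//
// NOTE(review): NewEvent accepts the performer type as a plain argument, so
// nothing visible here ties it to an authenticated identity. Confirm that
// callers set it from the authenticated principal, not from request data.
type EventPerformerType string

// One declaration per line: in the collapsed form the first "//" comment
// swallowed every declaration that followed it.
const (
	// EventPerformerSystem marks an event emitted by the MIDAS system itself.
	EventPerformerSystem EventPerformerType = "system"
	// EventPerformerAgent marks an event emitted by an autonomous agent.
	EventPerformerAgent EventPerformerType = "agent"
	// EventPerformerReviewer marks an event emitted by a human reviewer.
	EventPerformerReviewer EventPerformerType = "reviewer"
)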
type MemoryRepository ¶
type MemoryRepository struct {
// contains filtered or unexported fields
}
func NewMemoryRepository ¶
func NewMemoryRepository() *MemoryRepository
func (*MemoryRepository) Append ¶
func (r *MemoryRepository) Append(ctx context.Context, ev *AuditEvent) error
func (*MemoryRepository) ListByEnvelopeID ¶
func (r *MemoryRepository) ListByEnvelopeID(ctx context.Context, envelopeID string) ([]*AuditEvent, error)
func (*MemoryRepository) ListByRequestID ¶
func (r *MemoryRepository) ListByRequestID(ctx context.Context, requestID string) ([]*AuditEvent, error)
type PostgresRepository ¶
type PostgresRepository struct {
// contains filtered or unexported fields
}
func NewPostgresRepository ¶
func NewPostgresRepository(db sqltx.DBTX) *PostgresRepository
func (*PostgresRepository) Append ¶
func (r *PostgresRepository) Append(ctx context.Context, ev *AuditEvent) error
func (*PostgresRepository) ListByEnvelopeID ¶
func (r *PostgresRepository) ListByEnvelopeID(ctx context.Context, envelopeID string) ([]*AuditEvent, error)
func (*PostgresRepository) ListByRequestID ¶
func (r *PostgresRepository) ListByRequestID(ctx context.Context, requestID string) ([]*AuditEvent, error)