Initialize repository snapshot
This commit is contained in:
Vault Sovereign
12
testvectors/sentinel/black-box-that-refused/README.md
Normal file
12
testvectors/sentinel/black-box-that-refused/README.md
Normal file
@@ -0,0 +1,12 @@
|
||||
# Black Box That Refused (Sentinel v1 testvector)
|
||||
|
||||
This directory is a deterministic, offline-verifiable Sentinel v1 seal bundle.
|
||||
|
||||
Scenario: A high-risk operation is attempted at 03:17 UTC and is denied with a ShadowReceipt (proof of restraint).
|
||||
|
||||
Verify:
|
||||
python3 ../../tools/vm_verify_sentinel_bundle.py --bundle .
|
||||
|
||||
Notes:
|
||||
- hash_algo: sha256 (no external dependencies)
|
||||
- canonicalization_version: sentinel-event-jcs-v1
|
||||
31
testvectors/sentinel/black-box-that-refused/integrity.json
Normal file
31
testvectors/sentinel/black-box-that-refused/integrity.json
Normal file
@@ -0,0 +1,31 @@
|
||||
{
|
||||
"files": [
|
||||
{
|
||||
"digest": "sha256:254b0df96e3ef1dd0639124eed3cebaa3947016e9f5b248bb2d959340f84ce88",
|
||||
"path": "README.md",
|
||||
"size_bytes": 422
|
||||
},
|
||||
{
|
||||
"digest": "sha256:d35ad9da08534fe90840055668967f1892d69bfed7e2de7a5e37b0ae39229602",
|
||||
"path": "receipts.jsonl",
|
||||
"size_bytes": 3944
|
||||
},
|
||||
{
|
||||
"digest": "sha256:8cbcf3b70d46dd3d79302489a0522d1468ac23ebdd1fcae5ea12643b6b909d92",
|
||||
"path": "roots.txt",
|
||||
"size_bytes": 460
|
||||
},
|
||||
{
|
||||
"digest": "sha256:a95af94b8b0a5e3f507e423183ca2dcc2460423a847a437fe4da56126ea901a2",
|
||||
"path": "seal.json",
|
||||
"size_bytes": 736
|
||||
},
|
||||
{
|
||||
"digest": "sha256:b68082e3fab021062c9084802c2438b74e8d3198caa8676e29af0b10be2baabd",
|
||||
"path": "verifier_manifest.json",
|
||||
"size_bytes": 239
|
||||
}
|
||||
],
|
||||
"format": "vm-sentinel-integrity-v1",
|
||||
"hash_algo": "sha256"
|
||||
}
|
||||
@@ -0,0 +1,5 @@
|
||||
{"actor":"did:vm:sentinel:demo","cap_hash":"none","event_hash":"sha256:1e90417fd3c5c703deb4c6a33f89b32cb17d579116b872ba4873b05080fdb6bc","event_id":"00000000-0000-4000-8000-000000000001","event_type":"boot_event","op":"sentinel.boot_event.v1","op_digest":"sha256:d5b3a96e7033a4d0dcf2b452826cbe950f80f354ee5166487312fba6fde10758","payload":{"params":{"canonicalization_version":"sentinel-event-jcs-v1","hash_algo":"sha256","schema_version":"1.0.0","sentinel_version":"0.1.0"}},"prev_event_hash":"0","result":"ok","seq":0,"trace_id":"11111111-1111-4111-8111-111111111111","ts":"2025-03-17T03:17:40Z"}
|
||||
{"actor":"did:vm:actor:cloudflare:ops","cap_hash":"none","event_hash":"sha256:28f1aa938399720d18a561be7aa376a5f08577bc700bf5348a8c3ce5a18e73a2","event_id":"00000000-0000-4000-8000-000000000002","event_type":"action_intent","op":"cloudflare.waf.apply_rule.v1","op_digest":"sha256:2054406539fc9904fd1f04ffe4c257174496f4c035a1a06b5156f888a9a84b3f","payload":{"params":{"action":"block","notes":"03:17 drift candidate","rule_id":"vm-demo-317","target":"api.example.com"},"policy":{"classification":"ambiguous","confidence_bp":7100,"note":"Ambiguous -> trending forbidden (03:17 incident)","reason_code":"invariant_drift"}},"prev_event_hash":"sha256:1e90417fd3c5c703deb4c6a33f89b32cb17d579116b872ba4873b05080fdb6bc","result":"ok","seq":1,"trace_id":"22222222-2222-4222-8222-222222222222","ts":"2025-03-17T03:17:42Z"}
|
||||
{"actor":"did:vm:sentinel:demo","cap_hash":"none","event_hash":"sha256:63035ec50c6f983e1803358384e49a6d3e7ab5bf54f8ef1f19aeec874dd90e63","event_id":"00000000-0000-4000-8000-000000000003","event_type":"shadow_receipt","op":"cloudflare.waf.apply_rule.v1","op_digest":"sha256:2054406539fc9904fd1f04ffe4c257174496f4c035a1a06b5156f888a9a84b3f","payload":{"constraints_applied":{"mode":"DEGRADED","scopes_narrowed":["cloudflare.waf.read"]},"context_snapshot_hash":"sha256:e1d3e26c9b2c38c77d44d9fe7ee1d24e955ad0f07c457373edd545265d54d757","energy":{"benefit_bp":700,"debit_units":1000},"params":{"action":"block","notes":"03:17 drift candidate","rule_id":"vm-demo-317","target":"api.example.com"},"reason_code":"unsafe_context","reason_text":"Cost exceeded probabilistic benefit; invariant drift containment","side_effects":"none","would_have_done":{"op":"cloudflare.waf.apply_rule.v1","op_digest":"sha256:2054406539fc9904fd1f04ffe4c257174496f4c035a1a06b5156f888a9a84b3f"}},"prev_event_hash":"sha256:28f1aa938399720d18a561be7aa376a5f08577bc700bf5348a8c3ce5a18e73a2","result":"deny","seq":2,"trace_id":"22222222-2222-4222-8222-222222222222","ts":"2025-03-17T03:17:43Z"}
|
||||
{"actor":"did:vm:sentinel:demo","cap_hash":"none","event_hash":"sha256:3ee6d2408d85c911ce3ea1af0bd8427a43910e10a6ffa22e1623b20b897fe487","event_id":"00000000-0000-4000-8000-000000000004","event_type":"root_published","op":"sentinel.root_published.v1","op_digest":"sha256:188abbdb94b993cf8e542d6dca2e760abe421698ebeda6bbac0c655cd6e21dda","payload":{"params":{"coverage_seq":2},"root_hex":"sha256:81841fe0288d58b04dcb9f1d3c11e84a246665befc67f93871f31b9ef2c8c9e3"},"prev_event_hash":"sha256:63035ec50c6f983e1803358384e49a6d3e7ab5bf54f8ef1f19aeec874dd90e63","result":"ok","seq":3,"trace_id":"33333333-3333-4333-8333-333333333333","ts":"2025-03-17T03:17:44Z"}
|
||||
{"actor":"did:vm:sentinel:demo","cap_hash":"none","event_hash":"sha256:1034ffe70214290d7e0c7fd5ec85a0f44872bf0d6d2bd87e0d5b04ad2c2a1f4b","event_id":"00000000-0000-4000-8000-000000000005","event_type":"seal_created","op":"sentinel.seal_created.v1","op_digest":"sha256:1e2e86210bc67f26758ce3101c860672b743566cbad53dc4c3a61b319b58e4f3","payload":{"params":{"canonicalization_version":"sentinel-event-jcs-v1","hash_algo":"sha256","seal_id":"ouroboros_seal_20250317_031742Z_black_box_that_refused","since_seq":0,"until_seq":4}},"prev_event_hash":"sha256:3ee6d2408d85c911ce3ea1af0bd8427a43910e10a6ffa22e1623b20b897fe487","result":"ok","seq":4,"trace_id":"44444444-4444-4444-8444-444444444444","ts":"2025-03-17T03:17:45Z"}
|
||||
6
testvectors/sentinel/black-box-that-refused/roots.txt
Normal file
6
testvectors/sentinel/black-box-that-refused/roots.txt
Normal file
@@ -0,0 +1,6 @@
|
||||
# Sentinel root history (seq -> merkle root)
|
||||
seq=0 root=sha256:1e90417fd3c5c703deb4c6a33f89b32cb17d579116b872ba4873b05080fdb6bc
|
||||
seq=1 root=sha256:701a1ae4b6c56b0508746a0f425947fa5ce3ed0554b9632d2ba993862d09553b
|
||||
seq=2 root=sha256:81841fe0288d58b04dcb9f1d3c11e84a246665befc67f93871f31b9ef2c8c9e3
|
||||
seq=3 root=sha256:2ef9222e3c9fceae815837584c2eda262e64df3fa5c1960e42914fa1fdd1f9be
|
||||
seq=4 root=sha256:b68479558afa41325a0a18f7087bca9549be90e61134bf5f584c598a956a6385
|
||||
1
testvectors/sentinel/black-box-that-refused/seal.json
Normal file
1
testvectors/sentinel/black-box-that-refused/seal.json
Normal file
@@ -0,0 +1 @@
|
||||
{"canonicalization_version":"sentinel-event-jcs-v1","created_at":"2025-03-17T03:17:42Z","files":{"integrity":"integrity.json","receipts":"receipts.jsonl","roots":"roots.txt","verifier_manifest":"verifier_manifest.json"},"format":"vm-sentinel-seal-v1","hash_algo":"sha256","instance_id":"did:vm:sentinel:demo","ledger_type":"jsonl","range":{"since_seq":0,"since_ts":"2025-03-17T03:17:40Z","until_seq":4,"until_ts":"2025-03-17T03:17:45Z"},"root":{"end":"sha256:b68479558afa41325a0a18f7087bca9549be90e61134bf5f584c598a956a6385","seq":4,"start":"sha256:2e1cfa82b035c26cbbbdae632cea070514eb8b773f616aaeaf668e2f0be8f10d"},"schema_version":"1.0.0","seal_id":"ouroboros_seal_20250317_031742Z_black_box_that_refused","sentinel_version":"0.1.0"}
|
||||
@@ -0,0 +1 @@
|
||||
{"canonicalization_version":"sentinel-event-jcs-v1","format":"vm-sentinel-verifier-manifest-v1","hash_algo":"sha256","schema_version":"1.0.0","sentinel_version":"0.1.0","verifier":{"name":"vm_verify_sentinel_bundle.py","version":"0.1.0"}}
|
||||
Reference in New Issue
Block a user