Runbook: Anchor Doctrine to Civilization Ledger

Purpose

Produce tamper-evident, witness-backed receipts for doctrine files so audits can verify: git state ↔ signed entry ↔ inclusion proof ↔ witness attestation.

Preconditions

Access/role required: operator key + (optional) witness key.
Systems required:
- ops/ working tree
- Civilization Ledger CLI (ledger)
Expected safe state:
- No plaintext secrets in ops/ or civilization-ledger/
- Doctrine files have been reviewed and are ready to anchor
Time estimate: 2–5 minutes

Steps

Build the ledger CLI if needed:

cd ../civilization-ledger
cargo build -p ledger-cli

Choose a ledger directory (persistent, not inside Git), e.g.:
```
export LEDGER_DIR="$HOME/.local/share/civ-ledger/ops-law"
```

Ensure keys exist (store outside Git):

mkdir -p ~/.config/civ-ledger/keys
ledger keygen --out ~/.config/civ-ledger/keys/operator.json
ledger keygen --out ~/.config/civ-ledger/keys/witness.json

Anchor doctrine and emit receipts into ops/70-audits/reports/ledger/:

cd ops
./80-automation/scripts/anchor-doctrine-to-ledger.sh \
  --ledger-dir "$LEDGER_DIR" \
  --operator-key ~/.config/civ-ledger/keys/operator.json \
  --witness-key ~/.config/civ-ledger/keys/witness.json

(Optional) Commit the receipts as audit evidence:

git add 70-audits/reports/ledger
git commit -m "audit: anchor doctrine receipts"

Validation

Receipts exist under 70-audits/reports/ledger/.

Each receipt passes verification:

ledger verify-receipt --receipt 70-audits/reports/ledger/<receipt>.json --require-attestation

Rollback / Abort

Ledger writes are append-only. If you anchored something you didn’t intend:
- correct the doctrine in Git,
- anchor again (new entry),
- record the supersession in audit notes.

Evidence

Receipt files: 70-audits/reports/ledger/*.receipt.json
(Optional) ledger verify-attestations --dir "$LEDGER_DIR" --format json output

2.1 KiB Raw Permalink Blame History Unescape Escape