|
| 1 | +{ |
| 2 | + "$schema": "https://json-schema.org/draft/2020-12/schema", |
| 3 | + "$id": "https://schemas.srcos.ai/v2/AuditAnchorRecord.json", |
| 4 | + "title": "AuditAnchorRecord", |
| 5 | + "description": "An append-only audit anchoring record that binds an entry digest into a rolling root together with witness and media references.", |
| 6 | + "type": "object", |
| 7 | + "additionalProperties": false, |
| 8 | + "required": [ |
| 9 | + "id", |
| 10 | + "type", |
| 11 | + "specVersion", |
| 12 | + "targetId", |
| 13 | + "recordType", |
| 14 | + "entryHash", |
| 15 | + "root", |
| 16 | + "anchoredAt" |
| 17 | + ], |
| 18 | + "properties": { |
| 19 | + "id": { |
| 20 | + "type": "string", |
| 21 | + "pattern": "^urn:srcos:audit-anchor:", |
| 22 | + "description": "Stable URN identifier. Pattern: urn:srcos:audit-anchor:<local-id>" |
| 23 | + }, |
| 24 | + "type": { |
| 25 | + "const": "AuditAnchorRecord", |
| 26 | + "description": "Discriminator constant — always \"AuditAnchorRecord\"." |
| 27 | + }, |
| 28 | + "specVersion": { |
| 29 | + "type": "string", |
| 30 | + "description": "Spec version of this document, e.g. \"2.0.0\"." |
| 31 | + }, |
| 32 | + "targetId": { |
| 33 | + "type": "string", |
| 34 | + "description": "URN or stable identifier of the object being anchored." |
| 35 | + }, |
| 36 | + "recordType": { |
| 37 | + "enum": ["telemetry", "policy-decision", "validator-decision", "quarantine", "allowlist-mutation", "replay-envelope", "generic"], |
| 38 | + "description": "Classification of the anchored entry." |
| 39 | + }, |
| 40 | + "entryHash": { |
| 41 | + "type": "string", |
| 42 | + "pattern": "^sha256:", |
| 43 | + "description": "sha256: prefixed digest of the exact anchored entry payload." |
| 44 | + }, |
| 45 | + "previousRoot": { |
| 46 | + "type": ["string", "null"], |
| 47 | + "pattern": "^sha256:", |
| 48 | + "description": "Optional sha256: prefixed digest of the previous rolling root." |
| 49 | + }, |
| 50 | + "root": { |
| 51 | + "type": "string", |
| 52 | + "pattern": "^sha256:", |
| 53 | + "description": "sha256: prefixed digest of the current rolling root after inclusion of this record." |
| 54 | + }, |
| 55 | + "witnessSet": { |
| 56 | + "type": "array", |
| 57 | + "items": {"type": "string"}, |
| 58 | + "description": "Optional set of witness identities that observed or countersigned the anchored state." |
| 59 | + }, |
| 60 | + "signerSet": { |
| 61 | + "type": "array", |
| 62 | + "items": {"type": "string"}, |
| 63 | + "description": "Optional set of signers whose signatures attest to this anchored record." |
| 64 | + }, |
| 65 | + "mediaRefs": { |
| 66 | + "type": "array", |
| 67 | + "items": {"type": "string"}, |
| 68 | + "description": "Optional references to the storage locations that carry this record or its enclosing log segment." |
| 69 | + }, |
| 70 | + "anchoredAt": { |
| 71 | + "type": "string", |
| 72 | + "format": "date-time", |
| 73 | + "description": "ISO 8601 date-time when the entry was committed into the rolling root." |
| 74 | + } |
| 75 | + } |
| 76 | +} |
0 commit comments