test(replay): audit survivability simulation suite (Wave 14) #344
Stacked on #343 (Wave 10). Pins the six runtime-turbulence scenarios the brief names against the canonical replay-identity scheme, plus three audit-chain integrity invariants the identity layer must uphold.

Scenarios simulated (20 jest tests, all green):

1. deploy replacement — same v1 algorithm across two independent input objects → byte-identical ids; scheme-version prefix recognizable.
2. replay corruption — tampering with entityId / lastCheckedAt / artifact checksum / channel always diverges the runId; ids cannot be forged from a different evidence set.
3. degraded restoration — empty-artifact run produces a deterministic distinct id (NOT a random fallback); lineageKey preserved across complete → degraded → restored cycle.
4. runtime restart — 50-iteration loop yields one unique id; no in-memory state drift.
5. partial persistence — checksum subset preserves lineageKey, outage yields a different well-defined runId; runId space behaves like a hash (adjacent inputs do not collide).
6. stale replay recovery — wall-clock independence; six-month-old inputs yield same id today.

Audit-chain invariants:

- chronological lineage continuity preserved across N snapshots
- gap tolerance (missing intermediate snapshots do not break lineage)
- cross-subject collision impossibility

New doc: docs/architecture/replay-survivability-matrix.md

- Survivability matrix for the 10 named runtime events
- 6 audit-chain integrity properties enumerated
- Out-of-scope follow-ups linked to their wave numbers

No product code changed. No new dependencies. Test-only PR.

Validation: 20/20 jest tests passing; no banned strings.
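The identity properties the description lists (stable lineageKey, evidence-bound runId, deterministic empty-artifact id), shown as an added sketch that is not code from this PR or the project. The input field names come from the description; `sketchReplayIdentity`, `compareSnapshots`, `SAMPLE`, the SHA-256 layout and the entityId-only lineage are assumptions made for illustration.

```javascript
// Added sketch, NOT the project's computeReplayIdentity. Input field names come from
// the PR description; the hash layout and the entityId-only lineage are assumptions.
const { createHash } = require('node:crypto');

const SCHEME = 'v1'; // assumed form of the scheme-version prefix

// Length-prefix each field so ("ab","c") and ("a","bc") cannot produce the same digest.
function digest(domain, fields) {
  const h = createHash('sha256');
  for (const f of [SCHEME, domain, ...fields]) {
    const bytes = Buffer.from(String(f), 'utf8');
    const len = Buffer.alloc(4);
    len.writeUInt32BE(bytes.length);
    h.update(len).update(bytes);
  }
  return `${SCHEME}:${h.digest('hex')}`;
}

function sketchReplayIdentity({ entityId, channel, lastCheckedAt, artifactChecksums = [] }) {
  // lineageKey covers the subject only, so it survives partial or missing evidence.
  const lineageKey = digest('lineage', [entityId]);
  // runId covers subject plus evidence. Sorting removes input-order dependence, and an
  // empty list still hashes to a fixed value (no random fallback, no wall-clock input).
  const sorted = [...artifactChecksums].sort();
  const runId = digest('run', [entityId, channel, lastCheckedAt, sorted.length, ...sorted]);
  return { lineageKey, runId };
}

// Verifier view: classify two snapshots by what their identities have in common.
function compareSnapshots(a, b) {
  const ia = sketchReplayIdentity(a);
  const ib = sketchReplayIdentity(b);
  return { sameLineage: ia.lineageKey === ib.lineageKey, sameRun: ia.runId === ib.runId };
}

// Constructed sample input, not taken from the repository's fixtures.
const SAMPLE = {
  entityId: '1234567890',
  channel: 'web',
  lastCheckedAt: '2024-01-01T00:00:00.000Z',
  artifactChecksums: ['sha256:aaaa', 'sha256:bbbb'],
};
```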
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3d173966e9
| it('a verifier comparing two runIds for the same lineageKey can detect inconsistency', () => { | ||
| const lineageA = computeReplayIdentity(BASE).lineageKey; | ||
| const lineageB = computeReplayIdentity({ ...BASE, entityId: '0000000000' }).lineageKey; |
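Review bot: the two visible `computeReplayIdentity` calls read only `.lineageKey`, and the second one changes `entityId`, so nothing in these lines compares `runId` values within a single lineage even though the test title promises that. Keep `entityId` fixed, vary an evidence field the description lists (for example `lastCheckedAt`), and assert that `lineageKey` is equal while `runId` differs.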
Verify same-lineage runIds, not just lineageKey values
This test claims to validate that a verifier can detect inconsistent runIds for the same lineage, but it never compares any runId values and it switches entityId, which creates a different lineage entirely. As written, a regression where two snapshots for the same subject incorrectly produce the same runId would still pass, leaving the stated partial-persistence invariant untested.
Summary
Wave 14 of the trust-convergence migration. Stacked on #343 (Wave 10 canonical replay identity). Test-only PR — no product code changes.
Pins the six runtime-turbulence scenarios the brief named against the canonical replay-identity scheme, plus three audit-chain integrity invariants.
Scenarios simulated (20 jest tests)
Audit-chain integrity invariants
New doc
docs/architecture/replay-survivability-matrix.md — survivability matrix for 10 named runtime events + 6 audit-chain integrity properties + out-of-scope follow-ups linked to their wave numbers.
Truth rules
Validation
src/services/replay/__tests__/replaySurvivability.test.ts)
Scope