WIP: Audit Trails#161
Open
itsyaasir wants to merge 282 commits into
Open
Conversation
itsyaasir
commented
Jan 5, 2026
- Changed capability permission checks in `has_capability_permission` and `destroy_capability` functions to use `cap.trail_id()` instead of `cap.id()`. - Improved test cases for capability creation, revocation, and metadata updates, ensuring proper permission handling and error scenarios. - Added new tests for locking configurations and metadata management, enhancing overall test coverage for the audit trail functionality.
- Reformatted function calls in locking and role tests for better readability by aligning parameters across multiple lines. - Enhanced clarity in test cases related to locking configurations and role permissions, ensuring easier maintenance and understanding of the test logic.
- Fixed typos in comments related to the `Permission` enum and `admin_permissions` function for clarity. - Enhanced documentation to better reflect the intended roles and permissions within the audit trail system.
…ns to use non-optional name field; adjust tests for consistency
chore: function refactor, adding of emitting events & improving test coverage
chore: make `ImmutableMetadata` optional
…extended # Conflicts: # audit-trail-move/sources/audit_trail.move # audit-trail-move/tests/capability_tests.move
fix: creation of roles & make the sequence and record number clear
…update related assertions
- Updated compiler version to 1.15.0. - Added a new module `record_correction` for managing correction relationships between audit records. - Integrated `RecordCorrection` into the `Record` struct to track corrections. - Updated relevant functions to utilize the new correction tracking feature.
…rade feat: add version specifier for package upgrades
…-tag Skip unauthorized tagged records in batch deletes
…omments chore: refactor and rename functions
# Conflicts: # Cargo.toml # bindings/wasm/notarization_wasm/Cargo.toml
…lated documentation
Split product-specific workflow publishing and docs uploads
) - Rewrite of the `delete_records_batch()` and `is_record_locked()` functions to only evaluate against the existing records once when the transaction begins (has been evaluated for each deleted record before) - `window_count_based(0)` is now forbidden in favor of using `window_none()` instead to prevent silently misconfigured trails. - Client-relevant asserts in Move `locking` module are validated in the AT Rust libraries public surface now The Move locking module has two client-relevant asserts, now being also validated in the Rust crate: 1. ECountWindowMustBePositive — window_count_based(0) is rejected. 2. EUntilDestroyedNotSupportedForDeleteTrail — TimeLock::UntilDestroyed cannot be used as the trail-level delete lock (but it is valid for write_lock). The tf_components::timelock module also asserts EPastTimestamp on unlock_at/unlock_at_ms when the timestamp is in the past. This is not mirrored in the Rust crate because it depends on the on-chain clock at execution time, so a client-side check would either be redundant (if the user picks a far-future timestamp) or wrong (if the transaction is built well before submission and a borderline timestamp lapses). --------- Co-authored-by: Yasir <yasir@shariff.dev>
Fix audit-trail Move security audit findings
…otarization (#257) Aligns the documentation across the three implementation layers — Move smart contracts, Rust client crates, and WASM/TypeScript bindings — for both **Audit Trail** and **Notarization**. The goals are * users can live with the docs in the language they use - no need to traverse from TS do Rust or Move * every public Move entity, its Rust counterpart, and its WASM/TS counterpart describe the same behaviour with the same vocabulary, so a reader can move between layers without re-deriving the contract semantics. No behavioural changes — documentation, style guides, and tooling only. See DOC-SKILL-EXAMPLES.md for examples and explanations how to use the SKILL based doc alignment process. Additionally, the README files and the source-docs of public exposed entities for Move, Rust and WASM/TS packages in the repository have been checked against a new [Naming Conventions guideline](https://github.com/iotaledger/notarization/blob/77413f9cf3f6142f78a302b9b95dabb1b6f0bce1/CLAUDE.md#naming-conventions) and edited accordingly. ## What's in the PR **Style guides (new, top-level)** - `MOVE-DOC-STYLEGUIDE.md` — authoritative rules for Move doc comments (audience, block ordering, capability gating, abort/event conventions). - `bindings/wasm/DOC-STYLEGUIDE.md` — equivalent rules for wasm-bindgen-generated TSDoc/JSDoc (TS-visible names, `{@link}` syntax, allowed tags, etc.). - No Rust style guide ATM - Audit Trail and Notarization follow different styles. Discussion needed which path to follow. - `Naming Conventions` section in the root `CLAUDE.md` file which can be seen as the source of truth regarding wording, terminology, prose and capitalization rules. **Per-product `CLAUDE.md` guides** - `audit-trail-move/CLAUDE.md`, `notarization-move/CLAUDE.md` — reference the Move styleguide and pin product-specific terminology (e.g. the "Notarization Methods" rules). - `bindings/wasm/audit_trail_wasm/CLAUDE.md`, `bindings/wasm/notarization_wasm/CLAUDE.md` — same for the TS side. **API mapping files (new)** - `audit-trail-move/api_mapping.toml`, `notarization-move/api_mapping.toml` — map every public Move function/struct/enum to its Rust and WASM/TS counterparts. Used as index when syncing docs across layers to reduce token consumption resp. compare docs of the specific languages more efficiently. **Product-agnostic skills (new, under `.claude/skills/`)** - `init-api-mapping` — bootstraps an `api_mapping.toml` for a new product. - `update-api-mapping` — reconciles the mapping against a git revision (added/removed entities). - `sync-product-docs` — syncs Move/Rust/WASM doc comments using the mapping. - `naming-convention` — Audit README files and public-entity docs for compliance with the `Naming Conventions` **Doc comment rewrites** - `audit-trail-move/sources/*.move`, `notarization-move/sources/*.move` — full rewrite under the new style guide, including consistent abort and event sections. - `audit-trail-rs/src/**`, `notarization-rs/src/**` — Rust docs updated to mirror the Move semantics (per-method bullet lists where behaviour differs, accurate lock semantics, `TimeLock::Infinite` destruction rule, etc.). - `bindings/wasm/audit_trail_wasm/src/**`, `bindings/wasm/notarization_wasm/src/**` — TSDoc rewritten to TS-visible names with `{@link}` references, matching the Move/Rust semantics from the mapping.
# Conflicts: # Cargo.toml # bindings/wasm/notarization_wasm/Cargo.toml
…rmat Cargo.toml files for consistency
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description of change
Links to any relevant issues
Type of change
How the change has been tested
Change checklist