Per VESTA-SPEC-017 (koad/vesta#57): every event in the activity stream carries an entity+host signature. Janus should validate each event against the entity's permission table.
What to check per stream event:
- Is the entity+host combination in the entity's trust/permissions.md?
- Is the action type authorized for that host?
- If unknown host or unauthorized action → flag for Salus + report to Argus
Outcome: the stream becomes a verified audit trail, not just an activity log. Every event is attributable, permission-checked, anomaly-flagged.
Depends on: VESTA-SPEC-017 (permission table format), daemon batch signing implementation.
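
The per-event check listed above, sketched as an added example; it is not code from this issue or from the koad repositories. Assumptions: the two-column table layout, the event field names, and the entity and host names are hypothetical, since the VESTA-SPEC-017 format is not shown here, and signature verification is taken to have passed before this check runs.

```python
# Added illustration. Table layout and event fields are assumptions,
# not the format defined in VESTA-SPEC-017.
from dataclasses import dataclass

# Constructed sample of one entity's trust/permissions.md (hypothetical layout).
SAMPLE_PERMISSIONS_MD = """\
| host   | actions         |
|--------|-----------------|
| host-a | commit, comment |
| host-b | commit          |
"""

@dataclass(frozen=True)
class Verdict:
    ok: bool
    reason: str          # "authorized", "unknown_host" or "unauthorized_action"
    flag_salus: bool     # flag for Salus
    report_argus: bool   # report to Argus

def parse_permissions(md: str) -> dict[str, frozenset[str]]:
    """Parse the assumed two-column markdown table into host -> allowed actions."""
    table = {}
    for line in md.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        # Skip the header row, the separator row and malformed rows.
        if len(cells) != 2 or cells[0].lower() == "host" or set(cells[0]) <= {"-", ":"}:
            continue
        table[cells[0]] = frozenset(a.strip() for a in cells[1].split(",") if a.strip())
    return table

def check_event(event: dict, tables: dict[str, dict[str, frozenset[str]]]) -> Verdict:
    """Permission check for one stream event whose signature already verified."""
    # An entity with no table fails closed: every host counts as unknown.
    hosts = tables.get(event.get("entity"), {})
    allowed = hosts.get(event.get("host"))
    if allowed is None:
        return Verdict(False, "unknown_host", True, True)
    if event.get("action") not in allowed:
        return Verdict(False, "unauthorized_action", True, True)
    return Verdict(True, "authorized", False, False)

# Constructed entity name mapped to its parsed table.
TABLES = {"example-entity": parse_permissions(SAMPLE_PERMISSIONS_MD)}
```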