app.matakite.audit

matakite.app

Documentation

An append-only attestation that a policy-selected auditor observed an app.matakite.* record create, update, or delete, or intentionally voided an unrepresentable event. The auditor repository establishes observation chronology for clients that trust its DID; source-record createdAt and Jetstream time_us remain provenance rather than trusted time.

main record

An append-only attestation that a policy-selected auditor observed an app.matakite.* record create, update, or delete, or intentionally voided an unrepresentable event. The auditor repository establishes observation chronology for clients that trust its DID; source-record createdAt and Jetstream time_us remain provenance rather than trusted time.

Record Key any Any valid record key

Properties

epoch string record-key Required

Auditor-defined chronology epoch. Reference validators prohibit colon because it separates epoch from sequence in the record key. Sequence values are unique and monotonic within one auditor DID and epoch.

maxLength: 64 bytes
observedAt string datetime Required

UTC time at which the auditor's durable intake first accepted the source event. Trusted scoring uses this time, not publication time.

operation string Required

Audit lifecycle entry. Create/update/delete mirror the source operation; void intentionally consumes an unrepresentable sequence. Reference validators reject unknown values until their lifecycle semantics are specified.

Known values: create, update, delete, void
previousCid string cid Optional

CID previously observed at subjectUri when known. Meaningful only for update.

record unknown Optional

Exact public app.matakite.* source-record snapshot for create/update, including its $type. Omitted for delete/void. Reference validators require the $type to match the subject URI collection and its canonical DAG-CBOR CID to equal subjectCid. Unknown is used because common Lexicon validators do not currently validate record definitions nested through unions.

sequence integer Required

Auditor-issued total order within the epoch. This breaks observedAt ties and is the authoritative lifecycle order.

minimum: 1
source string Required

Observation transport. Provenance only; clients select trust by auditor DID and policy.

maxLength: 640 bytesmaxGraphemes: 64 graphemes
Known values: jetstream-legacy
sourceOperation string Optional

Original repository operation. Required only when operation is void.

Known values: create, update, delete
sourceRev string tid Required

Source repository revision reported by the observation transport. It is repository-scoped provenance, not a global ordering key.

sourceTimeUs integer Required

Source event time_us in Unix microseconds. Retained for provenance and replay analysis; not used as trusted scoring chronology.

minimum: 0
subjectCid string cid Optional

CID observed for a create or update. Reference validators require the canonical DAG-CBOR CID of a create/update record snapshot to equal this value. For a delete or void, the last CID observed for the URI when known.

subjectUri string at-uri Required

URI of the app.matakite.* source record observed by the auditor.

voidNote string Optional

Optional public explanation for an operator-authorized void. Must not contain private source material.

maxLength: 3000 bytesmaxGraphemes: 300 graphemes
voidReason string Optional

Terminal exclusion reason. Required only for an explicitly operator-authorized void.

maxLength: 640 bytesmaxGraphemes: 64 graphemes
Known values: invalidSourceRecord, unsupportedSourceRecord, recordTooLarge, unrecoverable
View raw schema
{
  "key": "any",
  "type": "record",
  "record": {
    "type": "object",
    "required": [
      "epoch",
      "sequence",
      "subjectUri",
      "operation",
      "observedAt",
      "source",
      "sourceRev",
      "sourceTimeUs"
    ],
    "properties": {
      "epoch": {
        "type": "string",
        "format": "record-key",
        "maxLength": 64,
        "description": "Auditor-defined chronology epoch. Reference validators prohibit colon because it separates epoch from sequence in the record key. Sequence values are unique and monotonic within one auditor DID and epoch."
      },
      "record": {
        "type": "unknown",
        "description": "Exact public app.matakite.* source-record snapshot for create/update, including its $type. Omitted for delete/void. Reference validators require the $type to match the subject URI collection and its canonical DAG-CBOR CID to equal subjectCid. Unknown is used because common Lexicon validators do not currently validate record definitions nested through unions."
      },
      "source": {
        "type": "string",
        "maxLength": 640,
        "description": "Observation transport. Provenance only; clients select trust by auditor DID and policy.",
        "knownValues": [
          "jetstream-legacy"
        ],
        "maxGraphemes": 64
      },
      "sequence": {
        "type": "integer",
        "minimum": 1,
        "description": "Auditor-issued total order within the epoch. This breaks observedAt ties and is the authoritative lifecycle order."
      },
      "voidNote": {
        "type": "string",
        "maxLength": 3000,
        "description": "Optional public explanation for an operator-authorized void. Must not contain private source material.",
        "maxGraphemes": 300
      },
      "operation": {
        "type": "string",
        "description": "Audit lifecycle entry. Create/update/delete mirror the source operation; void intentionally consumes an unrepresentable sequence. Reference validators reject unknown values until their lifecycle semantics are specified.",
        "knownValues": [
          "create",
          "update",
          "delete",
          "void"
        ]
      },
      "sourceRev": {
        "type": "string",
        "format": "tid",
        "description": "Source repository revision reported by the observation transport. It is repository-scoped provenance, not a global ordering key."
      },
      "observedAt": {
        "type": "string",
        "format": "datetime",
        "description": "UTC time at which the auditor's durable intake first accepted the source event. Trusted scoring uses this time, not publication time."
      },
      "subjectCid": {
        "type": "string",
        "format": "cid",
        "description": "CID observed for a create or update. Reference validators require the canonical DAG-CBOR CID of a create/update record snapshot to equal this value. For a delete or void, the last CID observed for the URI when known."
      },
      "subjectUri": {
        "type": "string",
        "format": "at-uri",
        "description": "URI of the app.matakite.* source record observed by the auditor."
      },
      "voidReason": {
        "type": "string",
        "maxLength": 640,
        "description": "Terminal exclusion reason. Required only for an explicitly operator-authorized void.",
        "knownValues": [
          "invalidSourceRecord",
          "unsupportedSourceRecord",
          "recordTooLarge",
          "unrecoverable"
        ],
        "maxGraphemes": 64
      },
      "previousCid": {
        "type": "string",
        "format": "cid",
        "description": "CID previously observed at subjectUri when known. Meaningful only for update."
      },
      "sourceTimeUs": {
        "type": "integer",
        "minimum": 0,
        "description": "Source event time_us in Unix microseconds. Retained for provenance and replay analysis; not used as trusted scoring chronology."
      },
      "sourceOperation": {
        "type": "string",
        "description": "Original repository operation. Required only when operation is void.",
        "knownValues": [
          "create",
          "update",
          "delete"
        ]
      }
    }
  },
  "description": "An append-only attestation that a policy-selected auditor observed an app.matakite.* record create, update, or delete, or intentionally voided an unrepresentable event. The auditor repository establishes observation chronology for clients that trust its DID; source-record createdAt and Jetstream time_us remain provenance rather than trusted time."
}

Lexicon Garden

@