{"id":51067172,"url":"https://github.com/mokkunsuzuki-code/stage353","last_synced_at":"2026-06-23T07:32:21.714Z","repository":{"id":366287989,"uuid":"1275058581","full_name":"mokkunsuzuki-code/stage353","owner":"mokkunsuzuki-code","description":"Stage354: Signature Key Rotation Ledger Layer with Stage178 Assumption, Threat Model, and Guarantee Binding. Transparent key lifecycle tracking, signature key status recording, ledger chaining, and PQC migration-aware verification metadata.","archived":false,"fork":false,"pushed_at":"2026-06-21T05:07:17.000Z","size":75,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-21T07:09:39.720Z","etag":null,"topics":["audit","cybersecurity","evidence-verification","fail-closed","hash-chain","qsp","remeda","sha256","supply-chain-security","transparency-chain","transparency-log","verification","zero-trust"],"latest_commit_sha":null,"homepage":"https://mokkunsuzuki-code.github.io/stage353/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mokkunsuzuki-code.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-20T07:40:38.000Z","updated_at":"2026-06-21T05:09:54.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/mokkunsuzuki-code/stage353","commit_stats":null,"previous_names":["mokkunsuzuki-code/stage353"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/mokkunsuzuki-code/stage353","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mokkunsuzuki-code%2Fstage353","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mokkunsuzuki-code%2Fstage353/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mokkunsuzuki-code%2Fstage353/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mokkunsuzuki-code%2Fstage353/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mokkunsuzuki-code","download_url":"https://codeload.github.com/mokkunsuzuki-code/stage353/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mokkunsuzuki-code%2Fstage353/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34680620,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-23T02:00:07.161Z","response_time":65,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit","cybersecurity","evidence-verification","fail-closed","hash-chain","qsp","remeda","sha256","supply-chain-security","transparency-chain","transparency-log","verification","zero-trust"],"created_at":"2026-06-23T07:32:19.707Z","updated_at":"2026-06-23T07:32:21.700Z","avatar_url":"https://github.com/mokkunsuzuki-code.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Stage353: Verification Transparency Chain Layer\n\nStage353 extends Stage352 by recording the Stage352 verification result into a transparency chain.\n\n## What Stage353 Adds\n\n- Reads `docs/signatures/stage352_signature_manifest_verification.json`\n- Generates a SHA256 hash for the Stage352 verification result\n- Creates a transparency entry for the verification result\n- Chains entries with `previous_hash` and `entry_hash`\n- Carries forward the Stage352 decision\n- Fails closed if Stage352 is `reject`, `block`, or unknown\n- Does not claim external Rekor registration\n- Does not claim Bitcoin anchoring\n\n## Public Evidence\n\n- `docs/transparency/stage353_verification_transparency_result.json`\n- `docs/transparency/stage353_verification_transparency_chain.json`\n- `docs/transparency/stage353_verification_transparency_summary.txt`\n\n## Decision Model\n\n- `accept`: Stage352 verification result is acceptable and chain link is valid\n- `warn`: Stage352 result was warning-level and logged as warning\n- `reject`: Stage352 failed, is missing, or the chain is invalid\n\n## Safety Boundary\n\nStage353 does not publish private keys, raw secrets, fake signature claims, external Rekor claims, or Bitcoin anchor claims.\n\n---\n\n## Stage354: Signature Key Rotation Ledger Layer\n\nStage354 adds a signature key lifecycle and rotation ledger on top of Stage353.\n\nIt records safe public metadata for:\n\n- GPG\n- Sigstore OIDC\n- Ed25519 witness\n- PQC ML-DSA intent\n\nStage354 also binds the Stage178 framework:\n\n- Assumption\n- Threat Model\n- Guarantee\n\n### Safety Boundary\n\nStage354 does not publish:\n\n- private keys\n- raw secrets\n- seed material\n- real PQC private key material\n- fake active PQC key claims\n- fake external Rekor claims\n\n### Current Decision\n\n```text\naccept_policy_initialization\n\nThis means the key rotation policy ledger was initialized safely,\nbut no real production key rotation is being falsely claimed.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmokkunsuzuki-code%2Fstage353","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmokkunsuzuki-code%2Fstage353","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmokkunsuzuki-code%2Fstage353/lists"}