Phase 1: Revocation-focused workloads #75

Merged
erikinkinen merged 3 commits from 1-revocation-focused-workloads into main 2026-03-06 11:00:01 +01:00
Owner

Closes #35


Summary

This PR adds three deterministic, revocation-focused workload kinds to stress
strategy behavior in controlled patterns:

  1. deep_chain_root_revoke
  2. fanout_tree_mid_revoke
  3. mixed_delegation_random_revoke

The goal is to exercise revocation semantics under repeatable workload
structures while preserving replay correctness and event-log compatibility.


Scope

Included

  • New first-class workload implementations in aes_workload:
    • deep chain + root revoke + post-revoke probes
    • fan-out tree + mid-level revoke + post-revoke probes
    • mixed delegation + random live-edge revoke + per-round probe
  • CLI workload surface extensions:
    • --workload deep_chain_root_revoke
    • --workload fanout_tree_mid_revoke
    • --workload mixed_delegation_random_revoke
  • Mixed-workload CLI parameters:
    • --rounds (required)
    • --subject-pool (optional, default 8)
    • --revoke-width (optional, default 1)
  • Deterministic validation/parse rules for required/forbidden flags and minima.
  • New workload test suite (aes_revocation_focused_workloads_tests) with:
    • canonical event-shape checks,
    • selector ordering/uniqueness checks,
    • probe adjacency checks,
    • repeat determinism checks.
  • Expanded CLI and invariant coverage for all new workloads.
  • Phase 1 documentation updates for workload semantics.

Explicitly excluded

  • No core revocation API changes.
  • No event-log schema/version changes (v=3 unchanged).
  • No strategy semantic changes.

Design intent

The workloads are intentionally deterministic for fixed (seed, revoker, parameters) and are structured to make revocation effects observable through
explicit post-revoke UseCap probes.

  • deep_chain_root_revoke stresses root revocation in long ancestry.
  • fanout_tree_mid_revoke stresses breadth and selective subtree impact.
  • mixed_delegation_random_revoke stresses repeated revoke pressure with
    deterministic randomization over current live edges.

For mixed workload, traces are deterministic per revoker but may diverge across
revokers because selectors are sampled from live edge state.


Workload contracts

deep_chain_root_revoke

  • Requires: --chain-length
  • Validates: chain_length >= 2
  • Forbids: --depth, --fanout, --rounds, --subject-pool,
    --revoke-width

fanout_tree_mid_revoke

  • Requires: --depth, --fanout
  • Validates: depth >= 2, fanout >= 2
  • Forbids: --chain-length, --rounds, --subject-pool,
    --revoke-width
  • Revoke selector: all edges at depth floor(depth/2), sorted ascending.

mixed_delegation_random_revoke

  • Requires: --rounds
  • Defaults: --subject-pool=8, --revoke-width=1
  • Validates: rounds >= 1, subject_pool >= 2, revoke_width >= 1
  • Forbids: --chain-length, --depth, --fanout
  • Per round: DelegateCap, RevokeCap, UseCap(min(selector))
  • Selector semantics:
    • sampled from sorted live edge ids,
    • unique edge ids,
    • sorted output,
    • width k = min(revoke_width, live_edge_count).

Verification

  • cmake --build _build --target aes_revocation_focused_workloads_tests aes_cli_simulate_tests aes_invariant_property_tests aes_replay_hash_tests
  • ctest --test-dir _build --output-on-failure -R "aes_revocation_focused_workloads_tests|aes_cli_simulate_tests|aes_invariant_property_tests|aes_replay_hash_tests"
  • ctest --test-dir _build --output-on-failure -R "aes_revocation_strategy_tests|aes_strategy_equivalence_tests|aes_event_log_replay_tests|aes_invalid_event_determinism_tests"

All listed tests passed.


Review focus

  • New workload event sequencing and deterministic contracts.
  • CLI workload/flag validation correctness (required, forbidden, defaults).
  • Mixed selector generation guarantees (sorted, unique, width clamp).
  • Probe placement immediately after revoke events.
  • No regressions in replay/determinism suites.
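
An added illustration of the mixed-workload selector contract listed above (sorted, unique, width clamp, repeatable for a fixed seed); it is not code from this PR or the AES repository. The `uint64_t` edge ids, the `seed` parameter, the SplitMix64 generator and the names `sample_selector` and `probe_target` are assumptions made for the example.

```cpp
// Added illustration; not code from the AES repository.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <vector>

// SplitMix64 has a fixed output for a given seed on every platform, whereas
// std::shuffle and std::uniform_int_distribution are implementation-defined.
struct SplitMix64 {
    std::uint64_t state;
    std::uint64_t next() {
        std::uint64_t z = (state += 0x9E3779B97F4A7C15ULL);
        z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
        z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
        return z ^ (z >> 31);
    }
};

// Hypothetical helper: choose the revoke selector for one round.
std::vector<std::uint64_t> sample_selector(std::vector<std::uint64_t> live,
                                           std::size_t revoke_width,
                                           std::uint64_t seed) {
    // Canonicalise the input so the result never depends on container order.
    std::sort(live.begin(), live.end());
    live.erase(std::unique(live.begin(), live.end()), live.end());

    const std::size_t k = std::min(revoke_width, live.size());  // width clamp
    SplitMix64 rng{seed};
    // Partial Fisher-Yates: the first k slots become a sample without replacement.
    for (std::size_t i = 0; i < k; ++i) {
        std::size_t j = i + static_cast<std::size_t>(rng.next() % (live.size() - i));
        std::swap(live[i], live[j]);
    }
    live.resize(k);
    std::sort(live.begin(), live.end());  // sorted output
    return live;
}

// Edge id targeted by the post-revoke UseCap probe: min(selector).
// Returns false when the selector is empty (no live edges to revoke).
bool probe_target(const std::vector<std::uint64_t>& selector, std::uint64_t& out) {
    if (selector.empty()) return false;
    out = selector.front();  // selector is sorted, so front() is the minimum
    return true;
}
```
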
erikinkinen added this to the Phase 1 milestone 2026-03-06 10:59:03 +01:00
Phase 1: Add mixed delegation random revoke workload (#35)
All checks were successful
ci / smoke (push) Successful in 20s
clang-format / check-format (push) Successful in 9s
markdownlint / markdown-lint (push) Successful in 10s
ci / smoke (pull_request) Successful in 20s
clang-format / check-format (pull_request) Successful in 9s
markdownlint / markdown-lint (pull_request) Successful in 9s
f4fbd120bc
Reference
erikinkinen/AES!75