tumunu/tumunu-audit-plugin

AI Summary: Modify the Tumunu Audit Plugin to use ISO 8601 durations for event timing and standardize timestamp representation across all events, ensuring consistency and clarity in the audit logs. This involves updating the `finalize` function, adjusting timestamp handling, and documenting the changes.

AI Summary: Improve the Tumunu Audit Plugin's API by enhancing error handling. This involves adding context to error messages (using anyhow::Context) to provide more specific diagnostics for operators, including file paths, operations, and byte counts. A consistent error taxonomy and user-friendly messages tailored for forensic staff are also required. The goal is to make errors actionable with clear remediation steps.

AI Summary: Implement a comprehensive testing suite for the Tumunu Audit Plugin, covering unit tests for log entry formats and error handling, concurrency tests for multi-threaded/multi-process scenarios, crash recovery tests to ensure data persistence, and schema stability tests to prevent regressions. The tests should be integrated into the CI pipeline.

AI Summary: Enhance the Tumunu Audit Plugin to persistently log custody chain transitions as first-class events. This involves adding an API to the `ForensicAuditSession` to manage custody transfers, updating the `CustodyChainManager`, logging `custody_transfer` events with versioned schema, and ensuring the report includes the persisted custody chain or allows reconstruction from logged events. Optional signing of custody events for higher assurance is also considered.

AI Summary: Refactor the Tumunu Audit Plugin to eliminate duplicated code related to plugin metadata and initialization. This involves centralizing metadata creation and extracting the initialization logic into a single function called from both the `SecurityPlugin` and `AuditPlugin` implementations. The solution should ensure a single source of truth for metadata and avoid redundant configuration parsing.

AI Summary: Refactor the Tumunu Audit Plugin to use strongly-typed enums for log formats and compliance standards, and introduce versioned schemas for event payloads using a versioning strategy (e.g., serde(tag = "version")). This involves replacing string-based configuration with enums, defining schemas for key events, implementing schema validation, and updating unit tests to ensure schema adherence and backward compatibility.

AI Summary: Implement a mechanism to prevent data corruption in the audit log files when multiple writers are accessing them concurrently. This involves either enforcing a single-writer policy or implementing a multi-writer coordination strategy using techniques like channels or file locking, ensuring that concurrent writes do not lead to interleaved or partial log entries. Thorough testing is required to validate the solution's correctness and robustness across different platforms.

AI Summary: Implement cryptographic hash chaining and optional digital signatures for the Tumunu Audit Plugin's audit logs to ensure tamper-evident integrity. This involves modifying the log entry format to include previous and current hashes, using canonical JSON serialization for deterministic hashing, adding Ed25519 signature support with public key storage in metadata, and updating the verification process to validate the hash chain and signatures. Feature flags should be added to control signature usage.

AI Summary: Implement configurable durability options (none, flush, fsync per entry, fsync interval) for the Tumunu Audit Plugin's logging mechanism, ensuring data persistence even in crash scenarios. Benchmark performance trade-offs and add tests to verify data persistence under simulated crashes. Document filesystem considerations and deployment recommendations.