PROPOSAL: Canton Vetting Radar — Read-Only Package Vetting Drift Detector & CI Gate

OPENPull Request
by Crackdevs26-02-2026Incoming
View on GitHub ↗← All Proposals

…ft Detector & CI Gate.md

Development Fund Proposal Submission

Proposal file: Link to the proposal added in this PR /proposal/Canton-Vetting-Radar-Read-Only Package-Vetting-Drift-Detector-&-CI-Gate.md

---

Summary

Canton Vetting Radar is a safe, read-only CLI that scans vetted-package state via the Ledger API and produces a deterministic drift report (Markdown + JSON) plus a CI-friendly check mode that fails when required vetting conditions are not met. It makes package rollout readiness reviewable and repeatable across participants and synchronizers without requiring topology write access or any changes to Canton nodes

---

Checklist

  • [X] Proposal file added under /proposals/
  • [X] Milestones and funding amounts defined
  • [X] Acceptance criteria included
  • [X] Alignment with Canton priorities described

---

Notes for Reviewers

  • Read-only by design: The tool never submits topology transactions or attempts auto-fixes; it only reports and gates based on observed state.
  • Deterministic outputs: Reports and exit codes are stable (versioned JSON schema, stable rule IDs, golden fixtures) to make results trustworthy in CI and change reviews.
  • Explicit scoping to avoid false confidence: Requirements files define the intended synchronizers/participants; “discover mode” is allowed but emits warnings when scope is incomplete.
  • Minimal, testable rule set: Drift rules are deliberately small and objective (missing required vetting, incompatible version sets, partial rollouts), with fixtures proving each scenario.