Feat/order book

.github/workflows/aedb-tests.yml

@@ -38,10 +38,35 @@ jobs:
       - name: L1 balance conservation (must-pass smoke)
         run: cargo test --test stress arcana_l1_balance_conservation_under_load
 
-  crash:
+  security_strict:
     needs: integration
     runs-on: ubuntu-latest
     timeout-minutes: 45
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@stable
+      - uses: Swatinem/rust-cache@v2
+      - name: Security boundaries
+        run: |
+          cargo test --test security_boundaries -- --test-threads=1
+          cargo test --test security_properties -- --test-threads=1
+      - name: Security property tests (fuzz-style randomized)
+        env:
+          PROPTEST_CASES: "16"
+        run: cargo test --test security_properties_proptest -- --test-threads=1
+      - name: Strict backup hash-chain acceptance
+        run: |
+          cargo test --test backup_restore strict_backup_chain_restore_succeeds_with_hash_chain_enforcement -- --test-threads=1
+          cargo test --test backup_restore strict_backup_chain_restore_rejects_tampered_incremental_segment -- --test-threads=1
+      - name: Idempotency and audit trail behavior
+        run: |
+          cargo test --test read_assertions integration_idempotent_retry_skips_assertion_re_evaluation -- --test-threads=1
+          cargo test --test read_assertions integration_failed_assertion_is_logged_to_system_audit_table -- --test-threads=1
+
+  crash:
+    needs: security_strict
+    runs-on: ubuntu-latest
+    timeout-minutes: 45
     steps:
       - uses: actions/checkout@v4
       - uses: dtolnay/rust-toolchain@stable
@@ -50,7 +75,6 @@ jobs:
         run: cargo test --test crash_matrix -- --test-threads=1
 
   crash_longrun:
-    if: github.event_name == 'schedule' || startsWith(github.ref, 'refs/heads/release/')
     needs: crash
     runs-on: ubuntu-latest
     timeout-minutes: 90
@@ -63,17 +87,31 @@ jobs:
       - name: A17b durability crash loop
         run: cargo test --test crash_matrix crash_matrix_a17b_thousand_crash_cycles_preserve_state -- --ignored --test-threads=1
 
-  stress:
-    if: github.event_name == 'schedule' || startsWith(github.ref, 'refs/heads/release/')
+  chaos_longrun:
     needs: crash_longrun
     runs-on: ubuntu-latest
     timeout-minutes: 90
     steps:
       - uses: actions/checkout@v4
       - uses: dtolnay/rust-toolchain@stable
       - uses: Swatinem/rust-cache@v2
-      - name: Full ignored stress suite
-        run: cargo test --test stress -- --ignored --test-threads=1
+      - name: Orderbook adversarial randomized matrix
+        run: cargo test -p aedb-orderbook --test property_randomized_matrix -- --test-threads=1
+      - name: Orderbook adversarial SLO/SLA gate
+        env:
+          AEDB_ORDERBOOK_SLA_MIN_ATTEMPTED_TPS: "600"
+          AEDB_ORDERBOOK_SLA_MAX_P99_US: "1000000"
+          AEDB_ORDERBOOK_SLA_MAX_FINALITY_GAP: "10000"
+          AEDB_ORDERBOOK_SLA_MAX_PRIMARY_REJECT_RATIO_PPM: "900000"
+        run: cargo test -p aedb-orderbook --test adversarial_slo_sla -- --test-threads=1
+      - name: Orderbook CI chaos profile
+        run: cargo test -p aedb-orderbook --test chaos_ci_profile -- --test-threads=1
+      - name: Orderbook soak profiles (mandatory)
+        run: |
+          cargo test -p aedb-orderbook --test simulation_smoke simulation_soak_multi_asset_mixed -- --ignored --test-threads=1
+          cargo test -p aedb-orderbook --test simulation_smoke simulation_soak_single_asset_contention_limit -- --ignored --test-threads=1
+      - name: Core orderbook chaos read/write accuracy
+        run: cargo test --test order_book_simulation order_book_chaos_read_write_accuracy -- --test-threads=1
 
   benchmark:
     if: github.event_name == 'schedule' || startsWith(github.ref, 'refs/heads/release/')

Cargo.toml

@@ -17,6 +17,10 @@ exclude = [
     ".github/*",
 ]
 
+[workspace]
+members = [".", "crates/aedb-orderbook"]
+resolver = "2"
+
 [dependencies]
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"

README.md

@@ -144,12 +144,18 @@ let db = aedb::AedbInstance::open(config, dir.path())?;
 AEDB supports permission-aware APIs via `CallerContext` and `Permission`.
 
 - `open_production` and `open_secure` require authenticated `*_as` calls
-- `open_secure` enforces hardened durability/recovery settings
+- `open_secure` enforces hardened durability/recovery settings (`DurabilityMode::Full`, strict recovery, hash chain, HMAC)
 - table/KV/query access can be scoped per project/scope/resource
+- `authz_audit` and `assertion_audit` system tables provide built-in audit trails
+
+Security/operations docs:
+
+- `docs/SECURITY_ACCEPTANCE_CRITERIA.md`
+- `docs/SECURITY_OPERATIONS_RUNBOOK.md`
 
 ## Operational APIs
 
-- `checkpoint_now()` to force a checkpoint
+- `checkpoint_now()` to force a fuzzy checkpoint (does not block commit/query traffic)
 - `backup_full(...)` / restore helpers for backup workflows
 - `operational_metrics()` for commit latency, queue depth, durable head lag, and more
 
@@ -186,6 +192,12 @@ cargo test --test crash_matrix
 cargo test --test stress
 ```
 
+Security acceptance gate (mandatory profile):
+
+```bash
+./scripts/security_gate.sh
+```
+
 ## License
 
 Dual-licensed under:

benches/perf.rs

@@ -131,8 +131,8 @@ fn bench_aedb_hot_paths(c: &mut Criterion) {
                 if next_multi_commit_base > SEEDED_ROWS {
                     next_multi_commit_base = 1;
                 }
-                for offset in 0..BATCH_INSERT_ROWS {
-                    let id = ((base + offset - 1) % SEEDED_ROWS) + 1;
+                for row_offset in 0..BATCH_INSERT_ROWS {
+                    let id = ((base + row_offset - 1) % SEEDED_ROWS) + 1;
                     seed_db
                         .commit(Mutation::Upsert {
                             project_id: PROJECT_ID.into(),
@@ -164,8 +164,8 @@ fn bench_aedb_hot_paths(c: &mut Criterion) {
                     next_batch_commit_base = 1;
                 }
                 let mut rows = Vec::with_capacity(BATCH_INSERT_ROWS as usize);
-                for offset in 0..BATCH_INSERT_ROWS {
-                    let id = ((base + offset - 1) % SEEDED_ROWS) + 1;
+                for row_offset in 0..BATCH_INSERT_ROWS {
+                    let id = ((base + row_offset - 1) % SEEDED_ROWS) + 1;
                     rows.push(Row {
                         values: vec![
                             Value::Integer(id),

crates/aedb-orderbook/Cargo.toml

@@ -0,0 +1,19 @@
+[package]
+name = "aedb-orderbook"
+version = "0.1.0"
+edition = "2024"
+description = "Order book workload toolkit and security validation harness for AEDB"
+license = "MIT OR Apache-2.0"
+
+[dependencies]
+aedb = { path = "../.." }
+rand = "0.8"
+primitive-types = "0.12"
+tokio = { version = "1", features = ["full"] }
+tempfile = "3"
+serde = { version = "1", features = ["derive"] }
+rmp-serde = "1"
+
+[dev-dependencies]
+tokio = { version = "1", features = ["macros", "rt-multi-thread"] }
+proptest = "1"