Context
The export (#6478) and collector-client (#6479) issues produce and transport signed, anonymized calibration bundles between self-hosted instances, per #1970 (opt-in federated fleet intelligence). This issue is the receiving side: verifying a bundle's signature and applying the trust-gating/poisoning-resistance rule before folding it into local calibration or the peer-median benchmark. This issue is blocked by #6477 (the maintainer-only design spec for the trust-gating rule) — the actual poisoning-resistance mechanism must be decided before this can be implemented correctly; do not start this until #6477 is resolved and its decision is available to read.
Requirements
Deliverables
Test Coverage Requirements
99%+ Codecov patch coverage on the diff (src/**) — including both the signature-failure and trust-gating-failure rejection paths, not just the happy path.
Expected Outcome
An opted-in instance can safely accept a peer's anonymized bundle, verified and trust-gated per #6477's design, and folds it into local calibration without being exposable to a poisoned or forged bundle from a bad actor.
Links & Resources
Context
The export (#6478) and collector-client (#6479) issues produce and transport signed, anonymized calibration bundles between self-hosted instances, per #1970 (opt-in federated fleet intelligence). This issue is the receiving side: verifying a bundle's signature and applying the trust-gating/poisoning-resistance rule before folding it into local calibration or the peer-median benchmark. This issue is blocked by #6477 (the maintainer-only design spec for the trust-gating rule) — the actual poisoning-resistance mechanism must be decided before this can be implemented correctly; do not start this until #6477 is resolved and its decision is available to read.
Requirements
Deliverables
Test Coverage Requirements
99%+ Codecov patch coverage on the diff (
src/**) — including both the signature-failure and trust-gating-failure rejection paths, not just the happy path.Expected Outcome
An opted-in instance can safely accept a peer's anonymized bundle, verified and trust-gated per #6477's design, and folds it into local calibration without being exposable to a poisoned or forged bundle from a bad actor.
Links & Resources