Module replay 

JSONL replay — drive the core pipeline from an Android CollectorEvent trace.

Each input line is the Android CollectorEvent JSON shape; we extract its inner rawEvent, synthesize a CollectorEnvelope, and push it through RustCollectorIngress → DefaultPrivacyAirGap → WindowAggregator → DecisionRouter → PolicyEngine. Window boundaries use the captured timestamps from the trace, not wall-clock time — replay is deterministic.

Determinism is enforced by the canonical audit stream: every per-stage record is also serialized into a sorted-key, volatility-stripped projection that is both mirrored to an optional audit sink and folded into a SHA-256 hasher. The resulting hex digest (audit_hash) is pinned by golden tests: any divergence in the pipeline’s observable state transitions for a given input trace is caught immediately.

Structs

ReplaySummary

Aggregate counters surfaced both in the NDJSON summary record and to integration tests.

ReplayWithAudit

Return value of run_with_audit: the summary (with the same audit_hash as the field below) plus the hash hoisted for convenient assertions.

Enums

Stage

Pipeline stage at which replay should stop emitting events.

Functions

run

Replay a JSONL stream through the core pipeline without writing a separate audit file. The canonical-projection hash is still computed and surfaced as ReplaySummary.audit_hash so callers can pin determinism without managing an audit sink.

run_with_audit

Replay a JSONL stream through the core pipeline, mirroring every per-stage record into audit (volatility-stripped, sorted-key canonical form) and returning the SHA-256 of that canonical stream.