Event channels
Lerian STA publishes on two channels:
- An audit channel, keyed by the file’s source product, carrying inbound-success and inbound-failure facts for observability and reconciliation.
- A signed business channel, keyed by direction and source product, for external product consumers. Its terminal event types are
sta.transfer.accepted,sta.transfer.rejected,sta.transfer.inconsistent,sta.transfer.canceled, andsta.transfer.download_finished.
The claim-check
On a completed inbound download, Lerian STA emits its terminal download-finished event, keyed by the file’s source product. The event carries a claim-check — the object key, the SHA-256, the size, the file name, and the document type — but not the bytes themselves. The consuming domain product subscribes to its own key, fetches the durable artefact by its object key, re-verifies the SHA-256, and reconciles the result into the Midaz ledger. Lerian STA is the transport and integrity boundary; the consuming product owns the ledger posting.
Midaz boundary
Lerian STA does not write to Midaz itself. It delivers the file and the claim-check; the consuming product — for example, Lerian SISBAJUD for judicial asset-order files — performs the ledger reconciliation. This keeps Lerian STA a pure transport-and-integrity layer, independent of any one file’s business meaning.
Integration conventions
- Commit-coupled events. Every event flows through the transactional outbox, so it is published only when its transfer’s state change has committed.
- Claim-check, not payload. Consumers receive a reference to the durable artefact, fetch it, and re-verify its SHA-256 before acting on it.
- Keyed subscription. Each source-product consumer subscribes only to its own key, so a discovered file reaches exactly the product that owns it.

