feat(ttp): E.3.7 RuleEngine — evaluate + atomic-swap watch_store

Implements the rule engine body left empty at contract phase: evaluate()
dispatches by source_kind through self._by_kind, runs the rule's match
spec against event.payload, and emits one TTPTag per emits entry.
watch_store() loads the initial corpus from RuleStore.load_compiled,
then drains subscribe_changes, applying definition changes via
single-statement dict assignment (atomic swap, GIL-atomic to readers)
and state changes via NamedTuple._replace on the existing CompiledRule.

Why: with the FS + DB stores in place (E.3.5/E.3.6), the engine is the
last piece of the rule plane. Lifters (E.3.9–E.3.13) consume the
engine; the worker bootstrap (E.3.14) wires watch_store into the
asyncio event loop. After this commit a CompositeTagger constructed
with a RuleEngine + a populated rules dir will produce real tags.

Notes:
- CompiledRule.emits extended to 4-tuple
  (technique_id, sub_technique_id, tactic, confidence). Tactic + confidence
  ride per-emit so a single rule can carry multiple precision targets
  (the "one event maps to many techniques" property). Compile helpers in
  both backends extract them from the YAML emits dict; missing tactic
  or confidence is a deploy-time error.
- v0 match operator is "pattern" (regex). The field defaults per
  source_kind (command_text / raw_url / subject / verdict / …) and is
  overridable via match.field. Future ops (contains, equals, in_set)
  extend _match_event without touching the engine surface.
- Confidence model: rules with state="clipped" + confidence_max set
  cap the per-emit confidence downward; clipped is a soft suppress, not
  a hard skip. Disabled rules are skipped wholly; expires_at past is
  re-checked at evaluate as defense-in-depth (the store auto-reverts,
  but a racing read between expiry and revert must not fire the rule).
- _span(name, **attrs) helper in engine + both stores short-circuits on
  decnet.telemetry._ENABLED — matches the project's @traced /
  wrap_repository zero-overhead-when-disabled pattern instead of relying
  solely on the no-op tracer indirection.
- Late-bound tracer (telemetry.get_tracer called per-span, not at
  module load) so test_tracing's monkeypatch reaches the production
  code path.

xfails flipped: tests/ttp/test_rule_engine.py multi-emit fan-out +
rule_version-collision-via-engine; tests/ttp/test_multi_mapping.py
N×M engine fan-out + idempotent replay; tests/ttp/test_tracing.py
ttp.eval span hierarchy + ttp.rule.fire span attributes.

Tests: 214 passed, 19 xfailed (gated on E.3.8 lifters / rule pack /
worker bootstrap).
mypy: clean on prod code; pre-existing test-stub arg-type warnings
unchanged.

tests/ttp/test_tracing.py

@@ -121,15 +121,58 @@ def span_exporter(
 # ── Eval span hierarchy (xfail until E.3.7) ─────────────────────────
 
 
-@pytest.mark.xfail(
-    strict=True,
-    reason="impl phase E.3.7 — RuleEngine.evaluate() emits no spans "
-    "today; ttp.eval span lands with the engine impl",
-)
-def test_eval_emits_top_level_span(span_exporter: tuple[InMemorySpanExporter, TracerProvider]) -> None:
+def test_eval_emits_top_level_span(
+    span_exporter: tuple[InMemorySpanExporter, TracerProvider],
+) -> None:
     """``evaluate()`` produces a ``ttp.eval`` span with
     ``attacker_uuid`` and ``identity_uuid`` attributes."""
-    pytest.fail("ttp.eval span not yet emitted")
+    import asyncio
+
+    from decnet.ttp.base import TaggerEvent
+    from decnet.ttp.impl.rule_engine import CompiledRule, RuleEngine
+    from decnet.ttp.store.base import RuleState
+
+    class _Stub:
+        async def load_compiled(self):  # pragma: no cover
+            return []
+
+        async def get_state(self, _):  # pragma: no cover
+            return RuleState()
+
+        async def set_state(self, *_a, **_kw):  # pragma: no cover
+            return None
+
+        def subscribe_changes(self):  # pragma: no cover
+            async def _g():
+                if False:
+                    yield None
+            return _g()
+
+    exporter, _ = span_exporter
+    rule = CompiledRule(
+        rule_id="R0001",
+        rule_version=1,
+        name="r",
+        applies_to=frozenset({"command"}),
+        match_spec={"pattern": "hydra"},
+        emits=(("T1110", None, "TA0006", 0.85),),
+        evidence_fields=(),
+        state=RuleState(),
+    )
+    eng = RuleEngine(store=_Stub())
+    eng._by_kind = {"command": [rule]}
+    event = TaggerEvent(
+        source_kind="command", source_id="src1",
+        attacker_uuid="ATT_X", identity_uuid="IDY_Y",
+        session_id=None, decky_id=None,
+        payload={"command_text": "hydra"},
+    )
+    asyncio.run(eng.evaluate(event))
+    eval_spans = [s for s in exporter.get_finished_spans() if s.name == "ttp.eval"]
+    assert eval_spans
+    attrs = dict(eval_spans[0].attributes or {})
+    assert attrs.get("attacker_uuid") == "ATT_X"
+    assert attrs.get("identity_uuid") == "IDY_Y"
 
 
 @pytest.mark.xfail(
@@ -143,17 +186,59 @@ def test_lifter_child_spans_emitted(span_exporter: tuple[InMemorySpanExporter, T
     pytest.fail("per-lifter spans not yet emitted")
 
 
-@pytest.mark.xfail(
-    strict=True,
-    reason="impl phase E.3.7 — ttp.rule.fire spans with rule_id + "
-    "technique_id land with the engine impl",
-)
 def test_rule_fire_spans_carry_rule_and_technique_attrs(
     span_exporter: tuple[InMemorySpanExporter, TracerProvider],
 ) -> None:
     """Each matched rule produces a ``ttp.rule.fire`` span with
     ``rule_id`` and ``technique_id`` attributes set."""
-    pytest.fail("ttp.rule.fire spans not yet emitted")
+    import asyncio
+
+    from decnet.ttp.base import TaggerEvent
+    from decnet.ttp.impl.rule_engine import CompiledRule, RuleEngine
+    from decnet.ttp.store.base import RuleState
+
+    class _Stub:
+        async def load_compiled(self):  # pragma: no cover
+            return []
+
+        async def get_state(self, _):  # pragma: no cover
+            return RuleState()
+
+        async def set_state(self, *_a, **_kw):  # pragma: no cover
+            return None
+
+        def subscribe_changes(self):  # pragma: no cover
+            async def _g():
+                if False:
+                    yield None
+            return _g()
+
+    exporter, _ = span_exporter
+    rule = CompiledRule(
+        rule_id="R_FIRE",
+        rule_version=1,
+        name="r",
+        applies_to=frozenset({"command"}),
+        match_spec={"pattern": "hydra"},
+        emits=(("T1110", None, "TA0006", 0.85),),
+        evidence_fields=(),
+        state=RuleState(),
+    )
+    eng = RuleEngine(store=_Stub())
+    eng._by_kind = {"command": [rule]}
+    asyncio.run(eng.evaluate(TaggerEvent(
+        source_kind="command", source_id="s",
+        attacker_uuid="a", identity_uuid=None,
+        session_id=None, decky_id=None,
+        payload={"command_text": "hydra"},
+    )))
+    fire_spans = [
+        s for s in exporter.get_finished_spans() if s.name == "ttp.rule.fire"
+    ]
+    assert fire_spans
+    attrs = dict(fire_spans[0].attributes or {})
+    assert attrs.get("rule_id") == "R_FIRE"
+    assert attrs.get("technique_id") == "T1110"
 
 
 # ── set_state span hierarchy (xfail until E.3.5/E.3.6) ──────────────