feat: persist accountability evidence identities

workplans/RAIL-FAB-WP-0018-accountability-root-discovery-update-loop.md

@@ -135,7 +135,7 @@ Result:
 
 ```task
 id: RAIL-FAB-WP-0018-T03
-status: todo
+status: done
 priority: high
 state_hub_task_id: "2a79938f-13e2-41b4-b692-74420d31bec4"
 ```
@@ -157,6 +157,28 @@ Done when:
 - identity normalization produces reviewable candidates;
 - repeated scans produce deterministic identities for unchanged sources.
 
+Result:
+
+- Added `schemas/accountability-identity-projection.schema.yaml` for
+  normalized `AccountabilityIdentityProjection` payloads.
+- Extended `railiance_fabric/accountability_roots.py` with deterministic
+  identity normalization for netkingdoms, actors, fabrics, subfabrics,
+  repositories, deployables, endpoint/service/config roots, host paths,
+  catalog roots, secret roots, and backup/recovery roots.
+- Added duplicate/ambiguous alias marking on identity candidates and a
+  candidate graph section that remains separate from accepted registry graph
+  snapshots.
+- Added `AccountabilityEvidenceStore`, a SQLite store for raw evidence runs,
+  evidence items, and identity candidates.
+- Extended `railiance-fabric discover-roots` with `--identity-projection` and
+  `--store-db`.
+- Added focused tests for deterministic identity keys, schema validation,
+  persistence, CLI output, and store inspection.
+- Verified with
+  `python3 -m pytest tests/test_accountability_roots.py tests/test_accountability_root_adapters.py -q`,
+  `python3 -m railiance_fabric.cli discover-roots --max-items-per-root 5 --identity-projection --store-db /tmp/railiance-root-evidence.sqlite3`,
+  and full `python3 -m pytest`.
+
 ## T04 - Add Ownership Resolution And Review Flow
 
 ```task