RubyGems - lex-mesh - Versions diffs - 0.1.1 → 0.2.4 - Mend

lex-mesh 0.1.1 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6b30e6f5f2a0518bde780c8b661c910fe26ec503ddb285ce60883120f8826825
-  data.tar.gz: 456c2c731747543cebb0515abfc44b497382f6c3ca10eb0ad52b21f5816367f8
+  metadata.gz: 25cafa977ed6aaf671c903e71895312253a412c32c141e8de9674b1a86747bff
+  data.tar.gz: c7bbdde6f4c065f0fdaea58a5a5124bd53e49f0c48e0d275de0828bd93ec2439
 SHA512:
-  metadata.gz: 3b6044cd55148c45c91ce715476a0566a8f2aa6a4aafba4607d0049b80eeffe3578e31ceb6e53a5828b9e857335b0a72a6f4eb3af170fd2ca60c4ce4047da534
-  data.tar.gz: c8002ef1a93733b0e8f7848bf4db6903c90146cd67882d015c6b2d229b3f03dcff3d2abc2fcdeefb0c7b1ab043d1b5a6c172a129475f1044e1063dad6273d63e
+  metadata.gz: 76357a6ca4c31089fd7f5317097f935b07df6349476b344bd2681dccfbd796d79b1061922b22d42ca45b92d045bdbf901ed8d6c502f525cff3a668099dfea56c
+  data.tar.gz: 9e17a698c0b941fd2000ab9affffa87cd3bad983b37acacce794ee0fb4d975a8cdc04eee44480f976856e712fb6af8dfa80f976d07c2fd94ea302ba61f31b389

data/Gemfile CHANGED Viewed

@@ -4,7 +4,7 @@ source 'https://rubygems.org'
 gemspec
+gem 'base64'
+gem 'ed25519', '~> 1.3'
 gem 'rspec', '~> 3.13'
 gem 'rubocop', '~> 1.75', require: false
-gem 'legion-gaia', path: '../../legion-gaia'

data/lex-mesh.gemspec CHANGED Viewed

@@ -25,5 +25,7 @@ Gem::Specification.new do |spec|
     Dir.glob('{lib,spec}/**/*') + %w[lex-mesh.gemspec Gemfile]
   end
   spec.require_paths = ['lib']
-  spec.add_development_dependency 'legion-gaia'
+  spec.add_dependency 'base64'
+  spec.add_dependency 'ed25519', '~> 1.3'
 end

data/lib/legion/extensions/mesh/actors/pending_expiry.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+require 'legion/extensions/actors/every'
+module Legion
+  module Extensions
+    module Mesh
+      module Actor
+        class PendingExpiry < Legion::Extensions::Actors::Every
+          def runner_class
+            Legion::Extensions::Mesh::Runners::Preferences
+          end
+          def runner_function
+            'expire_pending_requests'
+          end
+          def time
+            30
+          end
+          def use_runner?
+            false
+          end
+          def check_subtask?
+            false
+          end
+          def generate_task?
+            false
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/mesh/actors/preference_listener.rb ADDED Viewed

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+require 'legion/extensions/actors/subscription'
+module Legion
+  module Extensions
+    module Mesh
+      module Actor
+        class PreferenceListener < Legion::Extensions::Actors::Subscription
+          def runner_class
+            Legion::Extensions::Mesh::Runners::Preferences
+          end
+          def runner_function
+            'dispatch_preference_message'
+          end
+          def check_subtask?
+            false
+          end
+          def generate_task?
+            false
+          end
+          def use_runner?
+            false
+          end
+          def queue
+            Legion::Extensions::Mesh::Transport::Queues::Preference
+          end
+          def enabled?
+            defined?(Legion::Extensions::Mesh::Runners::Preferences) &&
+              defined?(Legion::Transport)
+          rescue StandardError
+            false
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/mesh/actors/silence_watchdog.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+require 'legion/extensions/actors/every'
+module Legion
+  module Extensions
+    module Mesh
+      module Actor
+        class SilenceWatchdog < Legion::Extensions::Actors::Every
+          def runner_class
+            Legion::Extensions::Mesh::Runners::Mesh
+          end
+          def runner_function
+            'expire_silent_agents'
+          end
+          def time
+            15
+          end
+          def use_runner?
+            false
+          end
+          def check_subtask?
+            false
+          end
+          def generate_task?
+            false
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/mesh/client.rb CHANGED Viewed

@@ -1,16 +1,21 @@
 # frozen_string_literal: true
+require 'legion/extensions/mesh/runners/mesh'
+require 'legion/extensions/mesh/runners/preferences'
+require 'legion/extensions/mesh/helpers/preference_profile'
+require 'legion/extensions/mesh/helpers/pending_requests'
 require 'legion/extensions/mesh/helpers/topology'
 require 'legion/extensions/mesh/helpers/registry'
-require 'legion/extensions/mesh/runners/mesh'
 module Legion
   module Extensions
     module Mesh
       class Client
         include Runners::Mesh
+        include Runners::Preferences
-        def initialize(**)
+        def initialize(**opts)
+          @opts = opts
           @mesh_registry = Helpers::Registry.new
         end

data/lib/legion/extensions/mesh/helpers/delegation.rb ADDED Viewed

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+require 'securerandom'
+module Legion
+  module Extensions
+    module Mesh
+      module Helpers
+        class Delegation
+          CONSENT_LEVELS = %i[read execute admin].freeze
+          attr_reader :delegations
+          def initialize(max_depth: 3, max_active_per_agent: 10)
+            @delegations = {}
+            @agent_delegations = Hash.new { |h, k| h[k] = [] }
+            @max_depth = max_depth
+            @max_active_per_agent = max_active_per_agent
+          end
+          def create(from:, to:, task_context:, consent_level:, parent_delegation_id: nil)
+            depth = compute_depth(parent_delegation_id)
+            return { error: :max_depth_exceeded } if depth >= @max_depth
+            if parent_delegation_id
+              parent = find(parent_delegation_id)
+              return { error: :consent_escalation } if parent && CONSENT_LEVELS.index(consent_level) > CONSENT_LEVELS.index(parent[:consent_level])
+            end
+            active_count = (@agent_delegations[from] || []).count do |id|
+              @delegations[id]&.fetch(:status, nil) == :active
+            end
+            return { error: :max_active_exceeded } if active_count >= @max_active_per_agent
+            id = "del-#{SecureRandom.uuid}"
+            record = {
+              delegation_id:        id,
+              from_agent_id:        from,
+              to_agent_id:          to,
+              task_context:         task_context,
+              consent_level:        consent_level,
+              parent_delegation_id: parent_delegation_id,
+              depth:                depth,
+              status:               :active,
+              created_at:           Time.now.utc,
+              completed_at:         nil
+            }
+            @delegations[id] = record
+            @agent_delegations[from] << id
+            @agent_delegations[to] << id
+            record
+          end
+          def complete(delegation_id)
+            record = @delegations[delegation_id]
+            return nil unless record && record[:status] == :active
+            record[:status] = :completed
+            record[:completed_at] = Time.now.utc
+            record
+          end
+          def revoke(delegation_id)
+            record = @delegations[delegation_id]
+            return nil unless record && record[:status] == :active
+            record[:status] = :revoked
+            record[:completed_at] = Time.now.utc
+            cascade_revoke(delegation_id)
+            record
+          end
+          def chain(delegation_id)
+            result = []
+            current = @delegations[delegation_id]
+            while current
+              result.unshift(current)
+              current = current[:parent_delegation_id] ? @delegations[current[:parent_delegation_id]] : nil
+            end
+            result
+          end
+          def for_agent(agent_id, status: nil)
+            ids = @agent_delegations[agent_id] || []
+            results = ids.filter_map { |id| @delegations[id] }
+            results = results.select { |d| d[:status] == status } if status
+            results
+          end
+          def find(delegation_id)
+            @delegations[delegation_id]
+          end
+          def stats
+            active = @delegations.values.count { |d| d[:status] == :active }
+            depths = @delegations.values.map { |d| d[:depth] }
+            {
+              total:     @delegations.size,
+              active:    active,
+              avg_depth: depths.empty? ? 0 : depths.sum.to_f / depths.size,
+              max_depth: depths.max || 0
+            }
+          end
+          private
+          def compute_depth(parent_delegation_id)
+            return 0 unless parent_delegation_id
+            parent = find(parent_delegation_id)
+            (parent&.fetch(:depth, 0) || 0) + 1
+          end
+          def cascade_revoke(parent_id)
+            @delegations.each_value do |d|
+              next unless d[:parent_delegation_id] == parent_id && d[:status] == :active
+              d[:status] = :revoked
+              d[:completed_at] = Time.now.utc
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/mesh/helpers/peer_verify.rb ADDED Viewed

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+require 'base64'
+module Legion
+  module Extensions
+    module Mesh
+      module Helpers
+        module PeerVerify
+          class << self
+            def sign_message(payload, private_key_b64)
+              require 'ed25519'
+              key = Ed25519::SigningKey.new(Base64.strict_decode64(private_key_b64))
+              message_bytes = json_dump(payload)
+              signature = key.sign(message_bytes)
+              { payload: payload, signature: Base64.strict_encode64(signature), signed_bytes: message_bytes }
+            end
+            def verify_message(signed_message, org_id:)
+              peer = find_peer(org_id)
+              return { valid: false, org_id: org_id, reason: :unknown_peer } unless peer
+              require 'ed25519'
+              pub_key_b64 = peer[:public_key].sub(/\Aed25519:/, '')
+              verify_key  = Ed25519::VerifyKey.new(Base64.strict_decode64(pub_key_b64))
+              signature   = Base64.strict_decode64(signed_message[:signature])
+              message_bytes = signed_message[:signed_bytes] || json_dump(signed_message[:payload])
+              verify_key.verify(signature, message_bytes)
+              { valid: true, org_id: org_id }
+            rescue Ed25519::VerifyError
+              { valid: false, org_id: org_id, reason: :invalid_signature }
+            rescue StandardError => e
+              { valid: false, org_id: org_id, reason: :error, message: e.message }
+            end
+            def check_rate_limit(org_id)
+              @counters ||= Hash.new { |h, k| h[k] = { count: 0, window_start: Time.now.utc } }
+              counter = @counters[org_id]
+              peer  = find_peer(org_id)
+              limit = peer&.dig(:rate_limit) || 100
+              if Time.now.utc - counter[:window_start] > 60
+                counter[:count] = 0
+                counter[:window_start] = Time.now.utc
+              end
+              counter[:count] += 1
+              return { allowed: true, remaining: limit - counter[:count] } if counter[:count] <= limit
+              { allowed: false, error: :rate_limited, org_id: org_id }
+            end
+            def reset_counters!
+              @counters = nil
+            end
+            private
+            def find_peer(org_id)
+              return nil unless defined?(Legion::Settings)
+              peers = Legion::Settings.dig(:mesh, :trusted_peers) || []
+              peers.find { |p| p[:org_id] == org_id }
+            end
+            def json_dump(data)
+              if defined?(Legion::JSON)
+                Legion::JSON.dump({ data: data })
+              else
+                require 'json'
+                ::JSON.dump({ data: data })
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/mesh/helpers/pending_requests.rb ADDED Viewed

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+module Legion
+  module Extensions
+    module Mesh
+      module Helpers
+        class PendingRequests
+          def initialize(default_ttl: 5)
+            @default_ttl = default_ttl
+            @requests = {}
+            @mutex = Mutex.new
+          end
+          def register(correlation_id:, callback:, ttl: nil)
+            @mutex.synchronize do
+              @requests[correlation_id] = {
+                callback:      callback,
+                registered_at: Time.now,
+                ttl:           ttl || @default_ttl
+              }
+            end
+          end
+          def resolve(correlation_id:, result:) # rubocop:disable Naming/PredicateMethod
+            entry = @mutex.synchronize { @requests.delete(correlation_id) }
+            return false unless entry
+            entry[:callback]&.call(result)
+            true
+          end
+          def pending?(correlation_id)
+            @mutex.synchronize { @requests.key?(correlation_id) }
+          end
+          def pending_count
+            @mutex.synchronize { @requests.size }
+          end
+          def expire
+            now = Time.now
+            expired = []
+            @mutex.synchronize do
+              @requests.each do |id, entry|
+                next unless now - entry[:registered_at] >= entry[:ttl]
+                expired << id
+              end
+              expired.each { |id| @requests.delete(id) }
+            end
+            expired
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/mesh/helpers/registry.rb CHANGED Viewed

@@ -65,6 +65,18 @@ module Legion
             msg
           end
+          def expire_silent_agents(timeout: Topology::MESH_SILENCE_TIMEOUT)
+            cutoff = Time.now.utc - timeout
+            expired = []
+            @agents.each_value do |agent|
+              next unless agent[:status] == :online && agent[:last_seen] < cutoff
+              agent[:status] = :offline
+              expired << agent[:agent_id]
+            end
+            expired
+          end
           def online_agents
             @agents.values.select { |a| a[:status] == :online }
           end

data/lib/legion/extensions/mesh/runners/delegation.rb ADDED Viewed

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+require_relative '../helpers/delegation'
+module Legion
+  module Extensions
+    module Mesh
+      module Runners
+        module Delegation
+          include Legion::Extensions::Helpers::Lex if defined?(Legion::Extensions::Helpers::Lex)
+          def delegate(from:, to:, task_context:, consent_level: :execute, parent_delegation_id: nil, **) # rubocop:disable Metrics/ParameterLists
+            result = delegation_tracker.create(
+              from:                 from,
+              to:                   to,
+              task_context:         task_context,
+              consent_level:        consent_level.to_sym,
+              parent_delegation_id: parent_delegation_id
+            )
+            return { success: false, **result } if result[:error]
+            publish_delegation_event('delegation.created', result)
+            { success: true, delegation_id: result[:delegation_id], depth: result[:depth] }
+          end
+          def complete_delegation(delegation_id:, **)
+            result = delegation_tracker.complete(delegation_id)
+            return { success: false, reason: :not_found_or_inactive } unless result
+            publish_delegation_event('delegation.completed', result)
+            { success: true, delegation_id: delegation_id }
+          end
+          def revoke_delegation(delegation_id:, **)
+            result = delegation_tracker.revoke(delegation_id)
+            return { success: false, reason: :not_found_or_inactive } unless result
+            publish_delegation_event('delegation.revoked', result)
+            { success: true, delegation_id: delegation_id }
+          end
+          def delegation_chain(delegation_id:, **)
+            chain = delegation_tracker.chain(delegation_id)
+            { success: true, chain: chain, depth: [chain.size - 1, 0].max }
+          end
+          def agent_delegations(agent_id:, status: nil, **)
+            results = delegation_tracker.for_agent(agent_id, status: status&.to_sym)
+            { success: true, delegations: results, count: results.size }
+          end
+          def delegation_stats(**)
+            delegation_tracker.stats.merge(success: true)
+          end
+          private
+          def publish_delegation_event(event_type, record)
+            return unless defined?(Legion::Extensions::Audit::Transport::Messages::Audit)
+            Legion::Extensions::Audit::Transport::Messages::Audit.new(
+              event_type:   event_type,
+              principal_id: record[:from_agent_id],
+              action:       event_type.split('.').last,
+              resource:     "delegation:#{record[:delegation_id]}",
+              detail:       { to: record[:to_agent_id], depth: record[:depth], consent: record[:consent_level] }
+            ).publish
+          rescue StandardError => e
+            Legion::Logging.warn "[mesh] failed to publish #{event_type}: #{e.message}" if defined?(Legion::Logging)
+          end
+          def delegation_tracker
+            @delegation_tracker ||= begin
+              max_depth = nil
+              max_active = nil
+              if defined?(Legion::Settings)
+                max_depth  = Legion::Settings.dig(:mesh, :delegation, :max_depth)
+                max_active = Legion::Settings.dig(:mesh, :delegation, :max_active_per_agent)
+              end
+              Helpers::Delegation.new(max_depth: max_depth || 3, max_active_per_agent: max_active || 10)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/mesh/runners/mesh.rb CHANGED Viewed

@@ -18,6 +18,7 @@ module Legion
             result = mesh_registry.unregister_agent(agent_id)
             if result
               Legion::Logging.info "[mesh] unregistered: agent=#{agent_id}"
+              publish_mesh_departure(agent_id: agent_id, capabilities: result[:capabilities] || [])
               { unregistered: true }
             else
               Legion::Logging.debug "[mesh] unregister failed: agent=#{agent_id} not found"
@@ -55,8 +56,27 @@ module Legion
             { total: total, online: online.size, message_count: msgs }
           end
+          def expire_silent_agents(**)
+            expired = mesh_registry.expire_silent_agents
+            expired.each do |agent_id|
+              Legion::Logging.info "[mesh] expired silent agent: #{agent_id}"
+            end
+            { success: true, expired: expired, count: expired.size }
+          end
           private
+          def publish_mesh_departure(agent_id:, capabilities:)
+            return unless defined?(Legion::Extensions::Mesh::Transport::Messages::MeshDeparture)
+            Legion::Extensions::Mesh::Transport::Messages::MeshDeparture.new(
+              agent_id: agent_id, capabilities: capabilities
+            ).publish
+            Legion::Logging.debug "[mesh] departure signal published: agent=#{agent_id}"
+          rescue StandardError => e
+            Legion::Logging.warn "[mesh] failed to publish departure signal: #{e.message}"
+          end
           def mesh_registry
             @mesh_registry ||= Helpers::Registry.new
           end