swt3-ai 0.1.1 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/swt3_ai/fingerprint.rb +43 -0
- data/lib/swt3_ai/signing.rb +15 -0
- data/lib/swt3_ai/types.rb +29 -0
- data/lib/swt3_ai.rb +7 -3
- metadata +9 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 91d5ca9a917067963c5ab81b0a3cf7a90b092122e278342d8615df04f577778e
|
|
4
|
+
data.tar.gz: 7f4cfc6fa1073306cb6467893aa79004bcddd04c26ef9cf3da4238eaded93404
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7e627e85595287b88a118ca68fa7ff794728527fdeec26243632fd8fd17aada1c3e8e2a6f6372ae782bc3e7c7a3f004d195c8346da5f11201b7227da177c0d82
|
|
7
|
+
data.tar.gz: 551f2f3bc32b4bb5d80a620e44bc6d163296d148e9c029402ac21cfd4fcc4a12f7141563209a3db6feb6efeee664c840ad68e2ff66d5e62a83cfc37e7e697675
|
data/README.md
CHANGED
|
@@ -13,7 +13,7 @@ The EU AI Act takes effect **August 2, 2026**. When regulators ask "prove your A
|
|
|
13
13
|
|
|
14
14
|
This package reserves the `swt3-ai` namespace on RubyGems. The full Ruby SDK is under development.
|
|
15
15
|
|
|
16
|
-
Production SDKs are available today for Python and
|
|
16
|
+
Production SDKs are available today for Python, TypeScript, Rust, C#, and Ruby:
|
|
17
17
|
|
|
18
18
|
```bash
|
|
19
19
|
# Python
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
require "openssl"
|
|
2
|
+
|
|
3
|
+
module Swt3Ai
|
|
4
|
+
module Fingerprint
|
|
5
|
+
# Mint an SWT3 fingerprint from the canonical formula.
|
|
6
|
+
#
|
|
7
|
+
# Returns the first 12 hex characters of:
|
|
8
|
+
# SHA-256("WITNESS:{tenant}:{proc}:{fa}:{fb}:{fc}:{ts_ms}")
|
|
9
|
+
#
|
|
10
|
+
# This formula is locked and must produce identical output across
|
|
11
|
+
# all SWT3 SDK implementations (Python, TypeScript, Rust, C#, Ruby).
|
|
12
|
+
def self.mint_fingerprint(tenant_id, procedure_id, factor_a, factor_b, factor_c, timestamp_ms)
|
|
13
|
+
input = "WITNESS:#{tenant_id}:#{procedure_id}:#{num_str(factor_a)}:#{num_str(factor_b)}:#{num_str(factor_c)}:#{timestamp_ms}"
|
|
14
|
+
sha256_hex(input, 12)
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
# Compute a truncated SHA-256 hash. Default length is 16 hex characters.
|
|
18
|
+
def self.sha256_truncated(data, length = 16)
|
|
19
|
+
sha256_hex(data, length)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
# Compute SHA-256 and return the first N hex characters.
|
|
23
|
+
def self.sha256_hex(data, length = 64)
|
|
24
|
+
digest = OpenSSL::Digest::SHA256.hexdigest(data.to_s)
|
|
25
|
+
digest[0, [length, 64].min]
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
# Get the current timestamp in milliseconds and epoch seconds.
|
|
29
|
+
def self.timestamp_ms
|
|
30
|
+
ms = (Time.now.to_f * 1000).to_i
|
|
31
|
+
epoch = ms / 1000
|
|
32
|
+
[ms, epoch]
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
# Format a numeric factor as a string matching the canonical formula.
|
|
36
|
+
# Integer-valued floats are formatted without decimals: 1.0 -> "1"
|
|
37
|
+
def self.num_str(v)
|
|
38
|
+
v == v.to_i ? v.to_i.to_s : v.to_s
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
private_class_method :num_str
|
|
42
|
+
end
|
|
43
|
+
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
require "openssl"
|
|
2
|
+
|
|
3
|
+
module Swt3Ai
|
|
4
|
+
module Signing
|
|
5
|
+
# Sign a payload with HMAC-SHA256 for non-repudiation.
|
|
6
|
+
#
|
|
7
|
+
# If agent_id is provided, the message is "{fingerprint}:{agent_id}".
|
|
8
|
+
# Otherwise, the message is just the fingerprint.
|
|
9
|
+
# Returns a 64-character lowercase hex string.
|
|
10
|
+
def self.sign_payload(signing_key, anchor_fingerprint, agent_id = nil)
|
|
11
|
+
message = agent_id ? "#{anchor_fingerprint}:#{agent_id}" : anchor_fingerprint
|
|
12
|
+
OpenSSL::HMAC.hexdigest("SHA256", signing_key, message)
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
module Swt3Ai
|
|
2
|
+
# A witness payload ready for transmission to the witness endpoint.
|
|
3
|
+
WitnessPayload = Struct.new(
|
|
4
|
+
:procedure_id, :factor_a, :factor_b, :factor_c,
|
|
5
|
+
:clearing_level, :anchor_fingerprint, :anchor_epoch,
|
|
6
|
+
:fingerprint_timestamp_ms, :ai_model_id, :ai_prompt_hash,
|
|
7
|
+
:ai_response_hash, :ai_latency_ms, :ai_input_tokens,
|
|
8
|
+
:ai_output_tokens, :agent_id, :cycle_id,
|
|
9
|
+
:payload_signature, :signing_key_id, :signing_key_version,
|
|
10
|
+
:policy_version_hash,
|
|
11
|
+
keyword_init: true
|
|
12
|
+
)
|
|
13
|
+
|
|
14
|
+
# A receipt returned by the witness endpoint after successful anchoring.
|
|
15
|
+
WitnessReceipt = Struct.new(
|
|
16
|
+
:procedure_id, :verdict, :swt3_anchor, :clearing_level,
|
|
17
|
+
:witnessed_at, :verification_url, :ok, :error,
|
|
18
|
+
keyword_init: true
|
|
19
|
+
)
|
|
20
|
+
|
|
21
|
+
# Configuration for a Witness client.
|
|
22
|
+
WitnessConfig = Struct.new(
|
|
23
|
+
:endpoint, :api_key, :tenant_id, :clearing_level,
|
|
24
|
+
:buffer_size, :flush_interval, :timeout, :max_retries,
|
|
25
|
+
:agent_id, :signing_key, :signing_key_id, :signing_key_version,
|
|
26
|
+
:cycle_id, :policy_version,
|
|
27
|
+
keyword_init: true
|
|
28
|
+
)
|
|
29
|
+
end
|
data/lib/swt3_ai.rb
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
|
-
# SWT3 Witness
|
|
2
|
-
# Cryptographic
|
|
1
|
+
# SWT3 AI Witness SDK for Ruby.
|
|
2
|
+
# Cryptographic attestation for AI inference.
|
|
3
3
|
# See https://tenova.io for documentation.
|
|
4
4
|
|
|
5
|
+
require_relative "swt3_ai/fingerprint"
|
|
6
|
+
require_relative "swt3_ai/signing"
|
|
7
|
+
require_relative "swt3_ai/types"
|
|
8
|
+
|
|
5
9
|
module Swt3Ai
|
|
6
|
-
VERSION = "0.
|
|
10
|
+
VERSION = "0.3.6"
|
|
7
11
|
end
|
metadata
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: swt3-ai
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- TeNova Labs
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2026-
|
|
11
|
+
date: 2026-05-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
|
-
description:
|
|
14
|
-
|
|
13
|
+
description: Mint, verify, and sign SWT3 witness anchors for AI compliance. Cross-language
|
|
14
|
+
parity with Python and TypeScript SDKs. Zero external dependencies.
|
|
15
15
|
email:
|
|
16
16
|
- engineering@tenovaai.com
|
|
17
17
|
executables: []
|
|
@@ -20,12 +20,16 @@ extra_rdoc_files: []
|
|
|
20
20
|
files:
|
|
21
21
|
- README.md
|
|
22
22
|
- lib/swt3_ai.rb
|
|
23
|
+
- lib/swt3_ai/fingerprint.rb
|
|
24
|
+
- lib/swt3_ai/signing.rb
|
|
25
|
+
- lib/swt3_ai/types.rb
|
|
23
26
|
homepage: https://tenova.io
|
|
24
27
|
licenses:
|
|
25
28
|
- Apache-2.0
|
|
26
29
|
metadata:
|
|
27
30
|
source_code_uri: https://github.com/tenova-labs/swt3-ai
|
|
28
31
|
homepage_uri: https://tenova.io
|
|
32
|
+
keywords: ai,compliance,witness,swt3,eu-ai-act,nist-ai-rmf,ai-governance,ai-audit,ai-safety,agentic-ai,guardrails,model-governance,cryptographic-attestation
|
|
29
33
|
post_install_message:
|
|
30
34
|
rdoc_options: []
|
|
31
35
|
require_paths:
|
|
@@ -44,5 +48,5 @@ requirements: []
|
|
|
44
48
|
rubygems_version: 3.4.20
|
|
45
49
|
signing_key:
|
|
46
50
|
specification_version: 4
|
|
47
|
-
summary: SWT3 Witness
|
|
51
|
+
summary: 'SWT3 AI Witness SDK: cryptographic attestation for AI inference'
|
|
48
52
|
test_files: []
|