@kognai/orchestrator-core 0.1.0

package/dist/lib/omel/wipe-witness.js

@@ -0,0 +1,398 @@
+"use strict";
+// OMEL Wipe Witness — Sprint 178 + Sprint 183 Hardening (AMD-13)
+// Detection layer for destructive agent writes and file deletions.
+// Would have caught Sprint 171 qwen3:14b 2800-line file rewrites.
+//
+// Public API:
+//   beforeWrite(filePath, agentId) → WitnessToken  (SHA-256 + size before write)
+//   afterWrite(token, newSizeBytes) → void           (shrink alert if new < 50% old)
+//   beforeDelete(filePath, agentId) → void            (log deletion event)
+//   getShrinkAlerts() → ShrinkAlert[]
+//   rollback(filePath, stepsBack?) → boolean          (Sprint 183)
+//   integrityReport(scanDir) → IntegrityReport        (Sprint 183)
+//
+// Sprint 183 hardening additions:
+//   - Last-3-state rollback: restore file to any of last 3 pre-write states
+//   - Auto-rollback on ShrinkAlert unless WIPE_WITNESS_NO_ROLLBACK=true
+//   - Nightly integrity report: scan agent files vs last known hashes
+//   - run-swarm.sh integration: pre-run snapshot + post-run drift report
+//
+// Audit log: logs/omel/wipe-witness-YYYY-MM-DD.jsonl
+// Telegram:  TELEGRAM_BOT_TOKEN / OWNER_TELEGRAM_CHAT_ID (fire-and-forget)
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.wipeWitness = exports.WipeWitness = void 0;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const engine_paths_1 = require("../engine-paths");
+const https = __importStar(require("https"));
+const crypto_1 = require("crypto");
+const LOGS_DIR = path.join((0, engine_paths_1.resolveEnginePaths)().root, 'logs', 'omel');
+const SNAPSHOTS_DIR = path.join(LOGS_DIR, 'wipe-witness-snapshots');
+const HASHES_FILE = path.join(LOGS_DIR, 'wipe-witness-hashes.json');
+fs.mkdirSync(LOGS_DIR, { recursive: true });
+fs.mkdirSync(SNAPSHOTS_DIR, { recursive: true });
+const LOG_FILE = () => {
+    const date = new Date().toISOString().slice(0, 10);
+    return path.join(LOGS_DIR, `wipe-witness-${date}.jsonl`);
+};
+// ── Internal helpers ──────────────────────────────────────────────────────────
+function appendLog(entry) {
+    try {
+        fs.appendFileSync(LOG_FILE(), JSON.stringify(entry) + '\n');
+    }
+    catch { /* never crash caller */ }
+}
+function sha256File(filePath) {
+    try {
+        const data = fs.readFileSync(filePath);
+        return (0, crypto_1.createHash)('sha256').update(data).digest('hex');
+    }
+    catch {
+        return '';
+    }
+}
+function sha256Buf(buf) {
+    return (0, crypto_1.createHash)('sha256').update(buf).digest('hex');
+}
+function sendTelegramAlert(message) {
+    const botToken = process.env.TELEGRAM_BOT_TOKEN || '';
+    const chatId = process.env.OWNER_TELEGRAM_CHAT_ID || '';
+    if (!botToken || !chatId)
+        return; // silently skip if not configured
+    const payload = JSON.stringify({ chat_id: chatId, text: message, parse_mode: 'Markdown' });
+    try {
+        const req = https.request({
+            hostname: 'api.telegram.org',
+            path: `/bot${botToken}/sendMessage`,
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(payload) },
+        });
+        req.on('error', () => { }); // fire-and-forget, never crash server
+        req.write(payload);
+        req.end();
+    }
+    catch { /* silent */ }
+}
+function loadSnapshotStore() {
+    const storePath = path.join(SNAPSHOTS_DIR, 'index.json');
+    try {
+        if (fs.existsSync(storePath)) {
+            return JSON.parse(fs.readFileSync(storePath, 'utf-8'));
+        }
+    }
+    catch { /* ignore */ }
+    return {};
+}
+function saveSnapshotStore(store) {
+    const storePath = path.join(SNAPSHOTS_DIR, 'index.json');
+    try {
+        fs.writeFileSync(storePath, JSON.stringify(store, null, 2), 'utf-8');
+    }
+    catch { /* non-fatal */ }
+}
+function snapshotFile(filePath) {
+    try {
+        if (!fs.existsSync(filePath))
+            return null;
+        const data = fs.readFileSync(filePath);
+        const hash = sha256Buf(data);
+        const key = Buffer.from(filePath).toString('base64').replace(/[/+=]/g, '_');
+        const ts = Date.now();
+        const snapName = `${key}-${ts}.snap`;
+        const snapPath = path.join(SNAPSHOTS_DIR, snapName);
+        fs.writeFileSync(snapPath, data);
+        return {
+            snapshotPath: snapPath,
+            hash,
+            sizeBytes: data.length,
+            savedAt: new Date(ts).toISOString(),
+        };
+    }
+    catch {
+        return null;
+    }
+}
+function saveSnapshot(filePath) {
+    const store = loadSnapshotStore();
+    const snap = snapshotFile(filePath);
+    if (!snap)
+        return null;
+    if (!store[filePath])
+        store[filePath] = [];
+    store[filePath].unshift(snap); // newest first
+    // Keep only last 3
+    const evicted = store[filePath].splice(3);
+    for (const old of evicted) {
+        try {
+            fs.unlinkSync(old.snapshotPath);
+        }
+        catch { /* ok */ }
+    }
+    saveSnapshotStore(store);
+    return snap.snapshotPath;
+}
+function loadHashStore() {
+    try {
+        if (fs.existsSync(HASHES_FILE)) {
+            return JSON.parse(fs.readFileSync(HASHES_FILE, 'utf-8'));
+        }
+    }
+    catch { /* ignore */ }
+    return {};
+}
+function saveHashStore(store) {
+    try {
+        fs.writeFileSync(HASHES_FILE, JSON.stringify(store, null, 2), 'utf-8');
+    }
+    catch { /* non-fatal */ }
+}
+// ── WipeWitness class ─────────────────────────────────────────────────────────
+class WipeWitness {
+    shrinkAlerts = [];
+    /**
+     * Capture SHA-256 hash + size of file before write.
+     * Saves a snapshot for rollback (last 3 states).
+     * If file does not exist (new file): returns token with oldSizeBytes=0 and oldHash=''.
+     */
+    beforeWrite(filePath, agentId) {
+        const exists = fs.existsSync(filePath);
+        const snapshotKey = exists ? (saveSnapshot(filePath) ?? undefined) : undefined;
+        const token = {
+            filePath,
+            agentId,
+            oldHash: exists ? sha256File(filePath) : '',
+            oldSizeBytes: exists ? fs.statSync(filePath).size : 0,
+            createdAt: new Date().toISOString(),
+            snapshotKey,
+        };
+        appendLog({ event: 'before_write', ...token });
+        return token;
+    }
+    /**
+     * Compare new size against old size.
+     * If new_size < 0.5 * old_size → emit ShrinkAlert + Telegram notification.
+     * Auto-rollback unless WIPE_WITNESS_NO_ROLLBACK=true.
+     * Skips shrink check if oldSizeBytes === 0 (new file creation).
+     */
+    afterWrite(token, newSizeBytes) {
+        appendLog({
+            event: 'after_write',
+            filePath: token.filePath,
+            agentId: token.agentId,
+            oldSizeBytes: token.oldSizeBytes,
+            newSizeBytes,
+            ts: new Date().toISOString(),
+        });
+        if (token.oldSizeBytes === 0)
+            return; // new file — no baseline to compare
+        const ratio = newSizeBytes / token.oldSizeBytes;
+        if (newSizeBytes < 0.5 * token.oldSizeBytes) {
+            let rolledBack = false;
+            // Auto-rollback unless disabled
+            if (process.env.WIPE_WITNESS_NO_ROLLBACK !== 'true' && token.snapshotKey) {
+                try {
+                    fs.copyFileSync(token.snapshotKey, token.filePath);
+                    rolledBack = true;
+                    appendLog({
+                        event: 'auto_rollback',
+                        filePath: token.filePath,
+                        agentId: token.agentId,
+                        from: token.snapshotKey,
+                        ts: new Date().toISOString(),
+                    });
+                }
+                catch (err) {
+                    appendLog({
+                        event: 'auto_rollback_failed',
+                        filePath: token.filePath,
+                        error: err.message,
+                        ts: new Date().toISOString(),
+                    });
+                }
+            }
+            const alert = {
+                filePath: token.filePath,
+                agentId: token.agentId,
+                oldSizeBytes: token.oldSizeBytes,
+                newSizeBytes,
+                ratio,
+                ts: new Date().toISOString(),
+                rolledBack,
+            };
+            this.shrinkAlerts.push(alert);
+            appendLog({ event: 'shrink_alert', ...alert });
+            const pct = (ratio * 100).toFixed(1);
+            sendTelegramAlert(`⚠️ *[OMEL WipeWitness] Shrink Alert*\n` +
+                `File: \`${token.filePath}\`\n` +
+                `Agent: ${token.agentId}\n` +
+                `${token.oldSizeBytes} bytes → ${newSizeBytes} bytes (${pct}% of original)\n` +
+                `Threshold: <50% triggers alert\n` +
+                (rolledBack
+                    ? `✅ Auto-rolled back to previous state.`
+                    : `⚠️ Auto-rollback skipped (WIPE_WITNESS_NO_ROLLBACK=true or no snapshot).`));
+        }
+    }
+    /**
+     * Log a deletion event before the file is removed.
+     * Captures hash + size for audit trail.
+     */
+    beforeDelete(filePath, agentId) {
+        const exists = fs.existsSync(filePath);
+        appendLog({
+            event: 'before_delete',
+            filePath,
+            agentId,
+            sizeBytes: exists ? fs.statSync(filePath).size : 0,
+            hash: exists ? sha256File(filePath) : '',
+            ts: new Date().toISOString(),
+        });
+    }
+    /**
+     * Return all shrink alerts accumulated in this session.
+     */
+    getShrinkAlerts() {
+        return [...this.shrinkAlerts];
+    }
+    /**
+     * Restore a file to a previous state (one of last 3 snapshots).
+     * @param filePath   Absolute path to the file to restore
+     * @param stepsBack  1 = most recent snapshot, 2 = second most recent, 3 = oldest. Default 1.
+     * @returns true if rollback succeeded, false otherwise.
+     */
+    rollback(filePath, stepsBack = 1) {
+        const store = loadSnapshotStore();
+        const snaps = store[filePath];
+        if (!snaps || snaps.length === 0) {
+            appendLog({ event: 'rollback_no_snapshot', filePath, stepsBack, ts: new Date().toISOString() });
+            return false;
+        }
+        const idx = Math.min(stepsBack - 1, snaps.length - 1);
+        const snap = snaps[idx];
+        try {
+            fs.copyFileSync(snap.snapshotPath, filePath);
+            appendLog({
+                event: 'rollback',
+                filePath,
+                stepsBack,
+                snapshotPath: snap.snapshotPath,
+                savedAt: snap.savedAt,
+                ts: new Date().toISOString(),
+            });
+            return true;
+        }
+        catch (err) {
+            appendLog({
+                event: 'rollback_failed',
+                filePath,
+                stepsBack,
+                error: err.message,
+                ts: new Date().toISOString(),
+            });
+            return false;
+        }
+    }
+    /**
+     * Take a hash snapshot of all .ts files in a directory.
+     * Returns a HashStore map for later comparison.
+     * Used by run-swarm.sh pre-run.
+     */
+    snapshotDir(scanDir) {
+        const store = {};
+        function walk(dir) {
+            try {
+                for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
+                    const full = path.join(dir, entry.name);
+                    if (entry.isDirectory() && entry.name !== 'node_modules' && entry.name !== '.git') {
+                        walk(full);
+                    }
+                    else if (entry.isFile() && entry.name.endsWith('.ts')) {
+                        const rel = path.relative(scanDir, full);
+                        store[rel] = sha256File(full);
+                    }
+                }
+            }
+            catch { /* skip unreadable dirs */ }
+        }
+        walk(scanDir);
+        saveHashStore(store);
+        appendLog({ event: 'snapshot_taken', scan_dir: scanDir, file_count: Object.keys(store).length, ts: new Date().toISOString() });
+        return store;
+    }
+    /**
+     * Nightly integrity report: compare current file hashes vs last snapshot.
+     * Returns drifted, new, and deleted files.
+     */
+    integrityReport(scanDir) {
+        const oldStore = loadHashStore();
+        const newStore = this.snapshotDir(scanDir);
+        const ts = new Date().toISOString();
+        const drifted = [];
+        const newFiles = [];
+        const delFiles = [];
+        for (const [file, newHash] of Object.entries(newStore)) {
+            if (!oldStore[file]) {
+                newFiles.push(file);
+            }
+            else if (oldStore[file] !== newHash) {
+                drifted.push({ file, old_hash: oldStore[file], new_hash: newHash });
+            }
+        }
+        for (const file of Object.keys(oldStore)) {
+            if (!newStore[file])
+                delFiles.push(file);
+        }
+        const report = {
+            ts,
+            scan_dir: scanDir,
+            total_files: Object.keys(newStore).length,
+            drifted,
+            new_files: newFiles,
+            deleted_files: delFiles,
+        };
+        appendLog({ event: 'integrity_report', ...report });
+        if (drifted.length > 0 || delFiles.length > 0) {
+            sendTelegramAlert(`🔍 *[OMEL WipeWitness] Integrity Drift*\n` +
+                `Drifted: ${drifted.length} files\n` +
+                `Deleted: ${delFiles.length} files\n` +
+                `New: ${newFiles.length} files\n` +
+                `Run: \`npx ts-node scripts/lib/omel/wipe-witness.ts report\` for details.`);
+        }
+        return report;
+    }
+}
+exports.WipeWitness = WipeWitness;
+// Exported singleton
+exports.wipeWitness = new WipeWitness();

package/dist/lib/orchestrate-engine.d.ts

@@ -0,0 +1,25 @@
+#!/usr/bin/env ts-node
+/**
+ * Invoica Agent Orchestrator v2
+ *
+ * Dynamic Agent Architecture:
+ *   Leadership (Claude via Anthropic API):
+ *     - CEO: Sprint planning, strategy, decisions, daily reports
+ *     - Supervisor 1: Code review & quality gate (DeepSeek via ClawRouter,
+ *                     Claude Sonnet 4.6 for high-stakes; was OpenAI Codex originally)
+ *     - Supervisor 2: Code review & quality gate (Claude Haiku 4.5,
+ *                     DeepSeek via ClawRouter as drain fallback; was OpenAI Codex originally)
+ *     - Skills: Agent/skill factory
+ *   Marketing (Manus AI — runs independently):
+ *     - CMO: Brand strategy, market intelligence, product proposals (reports loaded from files)
+ *   Technology (MiniMax M2.5):
+ *     - CTO: Data-driven analysis, OpenClaw/ClawHub monitoring, agent spawning proposals
+ *   Execution (MiniMax M2.5 — dynamically loaded from agents/ directory):
+ *     - Coding agents auto-discovered from agents/{name}/prompt.md
+ *     - New agents created by CTO proposals + CEO approval
+ *
+ * Flow: CEO plans → MiniMax codes → Dual Supervisor review (DeepSeek + Haiku)
+ *       → CEO resolves conflicts → CTO analyzes → CMO reports → CEO daily report
+ */
+declare function main(): Promise<void>;
+export { main as runOrchestrator };