@lythos/cold-pool 0.14.2 → 0.14.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lythos/cold-pool",
-  "version": "0.14.2",
+  "version": "0.14.3",
   "description": "Cold pool service layer — dedicated resource holder for skill repositories with intent/plan/execute primitives. Single owner of git side-effects; consumed by deck/curator/arena.",
   "keywords": [
     "ai-agent",
@@ -42,7 +42,7 @@
   },
   "homepage": "https://github.com/lythos-labs/lythoskill/tree/main/packages/lythoskill-cold-pool#readme",
   "dependencies": {
-    "@lythos/infra": "^0.14.2",
+    "@lythos/infra": "^0.14.3",
     "simple-git": "^3.36.0"
   },
   "engines": {

package/src/cli.ts

@@ -185,9 +185,19 @@ async function main(): Promise<void> {
         }
       }
 
+      // Metadata integrity check
+      const integrity = pool.metadata.validateIntegrity()
+
       pool.metadata.close()
 
       // Report
+      if (!integrity.ok) {
+        if (integrity.stored === null) {
+          console.log(`ℹ️  Metadata fingerprint not yet stored — first reconcile will create it.`)
+        } else {
+          console.log(`⚠️  Metadata integrity: ${integrity.message}`)
+        }
+      }
       console.log(`\n📊 Validate Report`)
       console.log(`   Cold pool: ${coldPoolPath}`)
       console.log(`   Skills declared: ${lock.skills.length}`)

package/src/metadata-db.test.ts

@@ -155,4 +155,60 @@ describe('MetadataDB', () => {
       db2.close()
     })
   })
+
+  describe('integrity fingerprint', () => {
+    it('creates fingerprint after reconcileDeckReferences', () => {
+      db.reconcileDeckReferences('/tmp/test-deck', [
+        { locator: 'github.com/a/b/skill-x', alias: 'x' },
+      ])
+      const result = db.validateIntegrity()
+      expect(result.ok).toBe(true)
+      expect(result.stored).not.toBeNull()
+      expect(result.computed).toBe(result.stored!)
+    })
+
+    it('detects data tampering (corrupted active locators)', () => {
+      db.reconcileDeckReferences('/tmp/test-deck', [
+        { locator: 'github.com/a/b/skill-x', alias: 'x' },
+      ])
+      expect(db.validateIntegrity().ok).toBe(true)
+
+      // Tamper: remove a locator directly via SQL
+      db['db'].exec(`DELETE FROM deck_refs`)
+      const result = db.validateIntegrity()
+      expect(result.ok).toBe(false)
+      expect(result.message).toContain('mismatch')
+    })
+
+    it('detects swapped DB (different schema version)', () => {
+      db.reconcileDeckReferences('/tmp/test-deck', [
+        { locator: 'github.com/a/b/skill-x', alias: 'x' },
+      ])
+      expect(db.validateIntegrity().ok).toBe(true)
+
+      // Tamper: bump schema version in fingerprint record without migration
+      db['db'].exec(`UPDATE _meta_fingerprint SET schema_version = 99`)
+      const result = db.validateIntegrity()
+      expect(result.ok).toBe(false)
+      expect(result.message).toContain('Schema version')
+    })
+
+    it('returns ok when fingerprint is consistent', () => {
+      db.reconcileDeckReferences('/tmp/deck-1', [
+        { locator: 'github.com/x/y/skill-a', alias: 'a' },
+        { locator: 'github.com/x/y/skill-b', alias: 'b' },
+      ])
+      const r1 = db.validateIntegrity()
+      expect(r1.ok).toBe(true)
+
+      // Second reconcile with same data — fingerprint recomputed, still ok
+      db.reconcileDeckReferences('/tmp/deck-1', [
+        { locator: 'github.com/x/y/skill-a', alias: 'a' },
+        { locator: 'github.com/x/y/skill-b', alias: 'b' },
+      ])
+      const r2 = db.validateIntegrity()
+      expect(r2.ok).toBe(true)
+      expect(r2.stored).toBe(r1.computed) // stored should now be latest
+    })
+  })
 })

package/src/metadata-db.ts

@@ -21,6 +21,7 @@
  */
 
 import { SqliteDb } from '@lythos/infra'
+import { createHash } from 'node:crypto'
 
 export type DeckRefState = 'added' | 'linked' | 'removed'
 
@@ -52,7 +53,7 @@ export interface DeckReference {
   removedAt: string | null
 }
 
-const CURRENT_SCHEMA = 6
+const CURRENT_SCHEMA = 7
 
 export class MetadataDB extends SqliteDb {
   constructor(dbPath: string) {
@@ -103,6 +104,16 @@ export class MetadataDB extends SqliteDb {
     this.exec(`CREATE INDEX IF NOT EXISTS idx_deck_refs_state ON deck_refs(state)`)
     this.exec(`CREATE INDEX IF NOT EXISTS idx_skills_repo ON skills(host, owner, repo)`)
 
+    this.exec(`
+      CREATE TABLE IF NOT EXISTS _meta_fingerprint (
+        id INTEGER PRIMARY KEY CHECK (id = 1),
+        fingerprint TEXT NOT NULL,
+        computed_at TEXT NOT NULL,
+        schema_version INTEGER NOT NULL,
+        active_locator_count INTEGER NOT NULL
+      )
+    `)
+
     // Schema migrations
     this.migrateSchema(CURRENT_SCHEMA, [
       { version: 1, sql: `CREATE TABLE IF NOT EXISTS _schema_version (version INTEGER NOT NULL)` },
@@ -126,6 +137,18 @@ export class MetadataDB extends SqliteDb {
         version: 6,
         sql: `ALTER TABLE deck_refs ADD COLUMN mode TEXT DEFAULT 'symlink'`,
       },
+      {
+        version: 7,
+        sql: `
+          CREATE TABLE IF NOT EXISTS _meta_fingerprint (
+            id INTEGER PRIMARY KEY CHECK (id = 1),
+            fingerprint TEXT NOT NULL,
+            computed_at TEXT NOT NULL,
+            schema_version INTEGER NOT NULL,
+            active_locator_count INTEGER NOT NULL
+          )
+        `,
+      },
     ])
   }
 
@@ -360,5 +383,71 @@ export class MetadataDB extends SqliteDb {
       }
       insert.finalize()
     })()
+
+    this.computeAndStoreFingerprint()
+  }
+
+  // ── Integrity fingerprint ─────────────────────────────────────
+
+  private computeAndStoreFingerprint(): void {
+    const activeLocators = this.getAllActiveLocators().sort().join('\n')
+    const repoCount = (this.db.query('SELECT COUNT(*) as cnt FROM repos').get() as { cnt: number } | null)?.cnt ?? 0
+    const skillCount = (this.db.query('SELECT COUNT(*) as cnt FROM skills').get() as { cnt: number } | null)?.cnt ?? 0
+    const refCount = (this.db.query('SELECT COUNT(*) as cnt FROM deck_refs').get() as { cnt: number } | null)?.cnt ?? 0
+    const alc = activeLocators ? activeLocators.split('\n').length : 0
+    const payload = `${activeLocators}\n${CURRENT_SCHEMA}\n${repoCount}\n${skillCount}\n${refCount}`
+    const fingerprint = createHash('sha256').update(payload).digest('hex')
+
+    this.exec(
+      `INSERT OR REPLACE INTO _meta_fingerprint (id, fingerprint, computed_at, schema_version, active_locator_count)
+       VALUES (1, $fp, $now, $sv, $alc)`,
+      { $fp: fingerprint, $now: this.now(), $sv: CURRENT_SCHEMA, $alc: alc },
+    )
+  }
+
+  /**
+   * Recompute the fingerprint and compare with stored value.
+   * Returns { ok: true } if match, { ok: false, message } with repair hint if mismatch.
+   */
+  validateIntegrity(): { ok: boolean; stored: string | null; computed: string; message: string } {
+    const row = this.db
+      .query(`SELECT fingerprint, computed_at, schema_version FROM _meta_fingerprint WHERE id = 1`)
+      .get() as { fingerprint: string; computed_at: string; schema_version: number } | null
+
+    const activeLocators = this.getAllActiveLocators().sort().join('\n')
+    const repoCount = (this.db.query('SELECT COUNT(*) as cnt FROM repos').get() as { cnt: number } | null)?.cnt ?? 0
+    const skillCount = (this.db.query('SELECT COUNT(*) as cnt FROM skills').get() as { cnt: number } | null)?.cnt ?? 0
+    const refCount = (this.db.query('SELECT COUNT(*) as cnt FROM deck_refs').get() as { cnt: number } | null)?.cnt ?? 0
+    const payload = `${activeLocators}\n${CURRENT_SCHEMA}\n${repoCount}\n${skillCount}\n${refCount}`
+    const computed = createHash('sha256').update(payload).digest('hex')
+
+    if (!row) {
+      return {
+        ok: false,
+        stored: null,
+        computed,
+        message: 'No fingerprint stored. DB may be uninitialized — run deck link to rebuild.',
+      }
+    }
+
+    if (row.schema_version !== CURRENT_SCHEMA) {
+      return {
+        ok: false,
+        stored: row.fingerprint,
+        computed,
+        message: `Schema version mismatch: stored ${row.schema_version}, current ${CURRENT_SCHEMA}. Run deck link to rebuild metadata.`,
+      }
+    }
+
+    if (row.fingerprint !== computed) {
+      return {
+        ok: false,
+        stored: row.fingerprint,
+        computed,
+        message: 'Fingerprint mismatch — metadata DB may have been swapped, corrupted, or desynchronized from cold pool. Run deck link to rebuild.',
+      }
+    }
+
+    return { ok: true, stored: row.fingerprint, computed, message: 'Integrity OK' }
   }
 }