@nomos-arc/arc 0.1.0

package/src/core/__tests__/budget.test.ts

@@ -0,0 +1,213 @@
+import { describe, it, expect } from 'vitest';
+import { estimateTokens, parseTokensFromOutput, calculateCost, checkBudget } from '../budget.js';
+import type { TaskState, NomosConfig } from '../../types/index.js';
+
+// ── Fixtures ──────────────────────────────────────────────────────────────────
+
+function makeState(tokens_used: number): TaskState {
+  return {
+    schema_version: 1,
+    task_id: 'task-budget-test',
+    current_version: 1,
+    meta: {
+      status: 'planning',
+      created_at: '2026-04-03T00:00:00.000Z',
+      updated_at: '2026-04-03T00:00:00.000Z',
+    },
+    orchestration: { planner_bin: 'claude', reviewer_bin: 'codex' },
+    shadow_branch: {
+      branch: 'nomos/task-budget-test',
+      worktree: '/tmp/nomos-worktrees/proj/task-budget-test',
+      base_commit: 'abc123',
+      status: 'active',
+    },
+    context: { files: [], rules: ['global.md'], rules_hash: 'sha256:abc' },
+    budget: { tokens_used, estimated_cost_usd: 0 },
+    history: [],
+  };
+}
+
+function makeConfig(max_tokens_per_task: number, warn_at_percent: number): NomosConfig {
+  return {
+    execution: {
+      default_mode: 'supervised',
+      shadow_branch_prefix: 'nomos/',
+      worktree_base: '/tmp/nomos-worktrees',
+      supervised_heartbeat_timeout_ms: 30000,
+    },
+    binaries: {
+      planner: {
+        cmd: 'claude', args: [], pty: true,
+        total_timeout_ms: 60000, heartbeat_timeout_ms: 30000,
+        max_output_bytes: 1048576, usage_pattern: null,
+      },
+      reviewer: {
+        cmd: 'codex', args: [], pty: false,
+        total_timeout_ms: 60000, heartbeat_timeout_ms: 30000,
+        max_output_bytes: 1048576, usage_pattern: null,
+      },
+    },
+    convergence: { score_threshold: 0.85, max_iterations: 3 },
+    budget: {
+      max_tokens_per_task,
+      warn_at_percent,
+      cost_per_1k_tokens: {},
+    },
+    security: {
+      sanitize_patterns: [],
+      entropy_threshold: 4.5,
+      sanitize_on: ['input', 'output'],
+      safe_commands: [],
+      redaction_label: '[REDACTED]',
+    },
+    git: { auto_commit: true, include_logs: false, commit_prefix: 'nomos:', sign_commits: false },
+    review: { max_context_files: 5 },
+    graph: {
+      exclude_patterns: ['node_modules', 'dist'],
+      ai_enrichment: true,
+      ai_model: 'gemini-1.5-flash',
+      ai_concurrency: 5,
+      ai_requests_per_minute: 14,
+      max_file_chars: 4000,
+      core_modules_count: 10,
+      output_dir: 'tasks-management/graph',
+    },
+    logging: { level: 'info', retain_days: 7 },
+    search: {
+      embedding_model: 'gemini-embedding-001',
+      embedding_dimensions: 768,
+      vector_store_path: 'tasks-management/graph/vector_index',
+      default_top_k: 5,
+      default_threshold: 0.7,
+      batch_size: 50,
+      embedding_requests_per_minute: 300,
+      request_timeout_ms: 30000,
+    },
+    auth: {
+      credentials_path: '~/.nomos/credentials.json',
+      redirect_port: 3000,
+    },
+  };
+}
+
+// ── estimateTokens ────────────────────────────────────────────────────────────
+
+describe('estimateTokens', () => {
+  it('returns separate input/output token estimates from character counts', () => {
+    const prompt = 'a'.repeat(4000);
+    const output = 'b'.repeat(4000);
+    const result = estimateTokens(prompt, output);
+    expect(result).toEqual({ input_tokens: 1000, output_tokens: 1000, total: 2000 });
+  });
+
+  it('uses Math.ceil so partial chars round up', () => {
+    const result = estimateTokens('abc', 'x'); // 3 chars → ceil(0.75)=1, 1 char → 1
+    expect(result.input_tokens).toBe(1);
+    expect(result.output_tokens).toBe(1);
+    expect(result.total).toBe(2);
+  });
+});
+
+// ── parseTokensFromOutput ─────────────────────────────────────────────────────
+
+describe('parseTokensFromOutput', () => {
+  it('returns null when usagePattern is null', () => {
+    const result = parseTokensFromOutput('Tokens used: 12345', null);
+    expect(result).toBeNull();
+  });
+
+  it('returns null when pattern does not match', () => {
+    const result = parseTokensFromOutput('No token info here', 'Tokens used:\\s*(\\d+)');
+    expect(result).toBeNull();
+  });
+
+  it('applies 90/10 split for single-group pattern', () => {
+    // total=12345, input=Math.round(12345*0.9)=11111, output=12345-11111=1234
+    const result = parseTokensFromOutput('Tokens used: 12345', 'Tokens used:\\s*(\\d+)');
+    expect(result).toEqual({ input_tokens: 11111, output_tokens: 1234, total: 12345 });
+  });
+
+  it('captures separate input/output for two-group pattern', () => {
+    const result = parseTokensFromOutput(
+      'Input: 5000 Output: 1000',
+      'Input:\\s*(\\d+).*Output:\\s*(\\d+)',
+    );
+    expect(result).toEqual({ input_tokens: 5000, output_tokens: 1000, total: 6000 });
+  });
+});
+
+// ── calculateCost ─────────────────────────────────────────────────────────────
+
+describe('calculateCost', () => {
+  it('returns 0 for unknown binary cmd', () => {
+    const tokens = { input_tokens: 900, output_tokens: 100, total: 1000 };
+    const cost = calculateCost(tokens, 'unknown-bin', { claude: 0.015 });
+    expect(cost).toBe(0);
+  });
+
+  it('uses split rates when costMap entry is a plain number (backward compat)', () => {
+    // Rate = 0.015 per 1K output; input = 0.015/5 = 0.003
+    // input cost: (900/1000)*0.003 = 0.0027
+    // output cost: (100/1000)*0.015 = 0.0015
+    // total: 0.0042 (rounded to 6 decimal places)
+    const tokens = { input_tokens: 900, output_tokens: 100, total: 1000 };
+    const cost = calculateCost(tokens, 'claude', { claude: 0.015 });
+    expect(cost).toBeCloseTo(0.0042, 6);
+    // Must NOT equal the flat-rate result (0.015 * 1 = 0.015)
+    expect(cost).not.toBeCloseTo(0.015, 6);
+  });
+
+  it('uses explicit input/output rates from object entry', () => {
+    // input cost: (900/1000)*0.003 = 0.0027
+    // output cost: (100/1000)*0.015 = 0.0015
+    // total: 0.0042
+    const tokens = { input_tokens: 900, output_tokens: 100, total: 1000 };
+    const cost = calculateCost(tokens, 'claude', { claude: { input: 0.003, output: 0.015 } });
+    expect(cost).toBeCloseTo(0.0042, 6);
+  });
+
+  it('normalizes absolute path to basename for map lookup', () => {
+    const tokens = { input_tokens: 500, output_tokens: 500, total: 1000 };
+    const withAbsPath = calculateCost(tokens, '/usr/local/bin/claude', { claude: { input: 0.003, output: 0.015 } });
+    const withBasename = calculateCost(tokens, 'claude', { claude: { input: 0.003, output: 0.015 } });
+    expect(withAbsPath).toBe(withBasename);
+    expect(withAbsPath).toBeGreaterThan(0);
+  });
+
+  it('returns 0 when normalized basename is not in the map (e.g. npx)', () => {
+    const tokens = { input_tokens: 900, output_tokens: 100, total: 1000 };
+    const cost = calculateCost(tokens, 'npx', { claude: 0.015 });
+    expect(cost).toBe(0);
+  });
+});
+
+// ── checkBudget ───────────────────────────────────────────────────────────────
+
+describe('checkBudget', () => {
+  it('blocks when tokens_used equals max_tokens_per_task', () => {
+    const state = makeState(100000);
+    const config = makeConfig(100000, 80);
+    const result = checkBudget(state, config);
+    expect(result.allowed).toBe(false);
+    expect(result.error).toContain('Token budget exceeded');
+    expect(result.error).toContain('100000 / 100000');
+  });
+
+  it('warns at 80% of budget', () => {
+    const state = makeState(80000);
+    const config = makeConfig(100000, 80);
+    const result = checkBudget(state, config);
+    expect(result.allowed).toBe(true);
+    expect(result.warning).toContain('80%');
+    expect(result.warning).toContain('80000 / 100000');
+  });
+
+  it('allows without warning below warn threshold', () => {
+    const state = makeState(50000);
+    const config = makeConfig(100000, 80);
+    const result = checkBudget(state, config);
+    expect(result.allowed).toBe(true);
+    expect(result.warning).toBeUndefined();
+    expect(result.error).toBeUndefined();
+  });
+});

package/src/core/__tests__/certificate.test.ts

@@ -0,0 +1,385 @@
+import { describe, it, expect } from 'vitest';
+import { createHash } from 'crypto';
+import { CertificateEngine } from '../certificate.js';
+import { NomosError } from '../errors.js';
+import type { TaskState, HistoryEntry, ReviewResult } from '../../types/index.js';
+
+// ── Helpers ──────────────────────────────────────────────────────────────────
+
+function sha256(data: string): string {
+  return `sha256:${createHash('sha256').update(data).digest('hex')}`;
+}
+
+function makeReviewResult(score: number): ReviewResult {
+  return {
+    score,
+    mode: 'auto',
+    issues: [
+      {
+        severity: 'low',
+        category: 'maintainability',
+        description: 'Consider extracting helper function',
+        suggestion: 'Move repeated logic into a shared utility',
+      },
+    ],
+    summary: 'Code meets standards with minor suggestions for improvement.',
+  };
+}
+
+function makePlanningEntry(version: number): HistoryEntry {
+  return {
+    version,
+    step: 'planning',
+    mode: 'supervised',
+    binary: 'claude',
+    started_at: `2026-04-0${version}T10:00:00.000Z`,
+    completed_at: `2026-04-0${version}T10:05:00.000Z`,
+    raw_output: `planning output v${version}`,
+    output_hash: sha256(`planning output v${version}`),
+    input_tokens: 1000,
+    output_tokens: 2000,
+    tokens_used: 3000,
+    tokens_source: 'metered',
+    rules_snapshot: ['global.md', 'backend.md'],
+    review: null,
+  };
+}
+
+function makeReviewEntry(version: number, score: number): HistoryEntry {
+  return {
+    version,
+    step: 'reviewing',
+    mode: 'auto',
+    binary: 'codex',
+    started_at: `2026-04-0${version}T11:00:00.000Z`,
+    completed_at: `2026-04-0${version}T11:03:00.000Z`,
+    raw_output: `review output v${version}`,
+    output_hash: sha256(`review output v${version}`),
+    input_tokens: 500,
+    output_tokens: 800,
+    tokens_used: 1300,
+    tokens_source: 'metered',
+    rules_snapshot: ['global.md', 'backend.md'],
+    review: makeReviewResult(score),
+  };
+}
+
+function makeApprovedState(taskId: string): TaskState {
+  return {
+    schema_version: 1,
+    task_id: taskId,
+    current_version: 2,
+    meta: {
+      status: 'approved',
+      created_at: '2026-04-01T09:00:00.000Z',
+      updated_at: '2026-04-02T11:03:00.000Z',
+      approval_reason: 'score_threshold',
+    },
+    orchestration: {
+      planner_bin: 'claude',
+      reviewer_bin: 'codex',
+    },
+    shadow_branch: {
+      branch: `nomos/${taskId}`,
+      worktree: `/tmp/nomos-worktrees/${taskId}`,
+      base_commit: 'a1b2c3d4e5f6',
+      status: 'active',
+    },
+    context: {
+      files: ['src/main.ts'],
+      rules: ['global.md', 'backend.md'],
+      rules_hash: 'sha256:rules000',
+    },
+    budget: {
+      tokens_used: 8600,
+      estimated_cost_usd: 0.0215,
+    },
+    history: [
+      makePlanningEntry(1),
+      makeReviewEntry(1, 0.65),
+      makePlanningEntry(2),
+      makeReviewEntry(2, 0.92),
+    ],
+  };
+}
+
+function makeMergedState(taskId: string): TaskState {
+  const state = makeApprovedState(taskId);
+  state.meta.status = 'merged';
+  state.shadow_branch.status = 'merged';
+  return state;
+}
+
+// ── Tests ────────────────────────────────────────────────────────────────────
+
+describe('CertificateEngine — computeChainHash', () => {
+  const engine = new CertificateEngine();
+
+  it('returns deterministic hash for same history', () => {
+    const history = [makePlanningEntry(1), makeReviewEntry(1, 0.9)];
+    const result1 = engine.computeChainHash(history);
+    const result2 = engine.computeChainHash(history);
+    expect(result1.chainHash).toBe(result2.chainHash);
+    expect(result1.chainHash).toMatch(/^sha256:[a-f0-9]{64}$/);
+  });
+
+  it('handles single entry', () => {
+    const history = [makePlanningEntry(1)];
+    const result = engine.computeChainHash(history);
+    expect(result.chainHash).toMatch(/^sha256:[a-f0-9]{64}$/);
+    expect(result.canonicalEntries).toHaveLength(1);
+  });
+
+  it('handles empty history', () => {
+    const result = engine.computeChainHash([]);
+    expect(result.chainHash).toMatch(/^sha256:[a-f0-9]{64}$/);
+    expect(result.canonicalEntries).toHaveLength(0);
+  });
+
+  it('produces different hash when an entry is tampered', () => {
+    const history = [makePlanningEntry(1), makeReviewEntry(1, 0.9)];
+    const original = engine.computeChainHash(history);
+
+    const tampered = [...history];
+    tampered[0] = { ...tampered[0]!, output_hash: 'sha256:tampered' };
+    const after = engine.computeChainHash(tampered);
+
+    expect(original.chainHash).not.toBe(after.chainHash);
+  });
+
+  it('produces different hash when entry order changes', () => {
+    const history = [makePlanningEntry(1), makeReviewEntry(1, 0.9)];
+    const reversed = [makeReviewEntry(1, 0.9), makePlanningEntry(1)];
+
+    const h1 = engine.computeChainHash(history);
+    const h2 = engine.computeChainHash(reversed);
+    expect(h1.chainHash).not.toBe(h2.chainHash);
+  });
+});
+
+describe('CertificateEngine — generate', () => {
+  const engine = new CertificateEngine();
+
+  it('generates valid certificate for approved task', () => {
+    const state = makeApprovedState('task-001');
+    const cert = engine.generate(state);
+
+    expect(cert.certificate_version).toBe(1);
+    expect(cert.task_id).toBe('task-001');
+    expect(cert.task_status).toBe('approved');
+    expect(cert.models.planner).toBe('claude');
+    expect(cert.models.reviewer).toBe('codex');
+    expect(cert.iterations).toHaveLength(2);
+    expect(cert.final_review.score).toBe(0.92);
+    expect(cert.final_review.approval_reason).toBe('score_threshold');
+    expect(cert.integrity.chain_hash).toMatch(/^sha256:[a-f0-9]{64}$/);
+    expect(cert.integrity.entry_hashes).toHaveLength(4);
+    expect(cert.integrity.canonical_entries).toHaveLength(4);
+    expect(cert.integrity.chain_algorithm).toBe('sha256-sequential');
+    expect(cert.certificate_hash).toMatch(/^sha256:[a-f0-9]{64}$/);
+    expect(cert.budget.token_breakdown.input_tokens).toBe(3000);
+    expect(cert.budget.token_breakdown.output_tokens).toBe(5600);
+  });
+
+  it('generates valid certificate for merged task', () => {
+    const state = makeMergedState('task-002');
+    const cert = engine.generate(state);
+    expect(cert.task_status).toBe('merged');
+    expect(cert.repository.branch_status).toBe('merged');
+  });
+
+  it('throws certificate_not_eligible for init status', () => {
+    const state = makeApprovedState('task-003');
+    state.meta.status = 'init';
+
+    expect(() => engine.generate(state)).toThrow(NomosError);
+    expect(() => engine.generate(state)).toThrow(/certificate_not_eligible|Cannot generate certificate/);
+  });
+
+  it('throws certificate_not_eligible for planning status', () => {
+    const state = makeApprovedState('task-004');
+    state.meta.status = 'planning';
+    expect(() => engine.generate(state)).toThrow(NomosError);
+  });
+
+  it('throws certificate_not_eligible for discarded status', () => {
+    const state = makeApprovedState('task-005');
+    state.meta.status = 'discarded';
+    expect(() => engine.generate(state)).toThrow(NomosError);
+  });
+
+  it('throws when no review entries exist', () => {
+    const state = makeApprovedState('task-006');
+    state.history = [makePlanningEntry(1)];
+    expect(() => engine.generate(state)).toThrow(/at least one planning and one reviewing/);
+  });
+
+  it('throws when no planning entries exist', () => {
+    const state = makeApprovedState('task-007');
+    state.history = [makeReviewEntry(1, 0.9)];
+    expect(() => engine.generate(state)).toThrow(/at least one planning and one reviewing/);
+  });
+
+  it('throws when last review has no review result', () => {
+    const state = makeApprovedState('task-008');
+    // Remove review result from last reviewing entry
+    const lastReview = state.history.find(
+      (e, i) => e.step === 'reviewing' && i === state.history.length - 1,
+    );
+    if (lastReview) lastReview.review = null;
+    // Need to ensure the last reviewing entry specifically has null review
+    state.history = [makePlanningEntry(1), { ...makeReviewEntry(1, 0.9), review: null }];
+    expect(() => engine.generate(state)).toThrow(/no review result/);
+  });
+
+  it('groups iterations correctly by version', () => {
+    const state = makeApprovedState('task-009');
+    const cert = engine.generate(state);
+
+    expect(cert.iterations[0]!.version).toBe(1);
+    expect(cert.iterations[0]!.planning.binary).toBe('claude');
+    expect(cert.iterations[0]!.review?.binary).toBe('codex');
+    expect(cert.iterations[0]!.review?.score).toBe(0.65);
+
+    expect(cert.iterations[1]!.version).toBe(2);
+    expect(cert.iterations[1]!.review?.score).toBe(0.92);
+  });
+
+  it('excludes raw_output from certificate', () => {
+    const state = makeApprovedState('task-010');
+    const cert = engine.generate(state);
+    const json = JSON.stringify(cert);
+    expect(json).not.toContain('raw_output');
+    expect(json).not.toContain('planning output v');
+  });
+});
+
+describe('CertificateEngine — verify', () => {
+  const engine = new CertificateEngine();
+
+  it('passes all checks for untampered certificate', () => {
+    const state = makeApprovedState('task-v01');
+    const cert = engine.generate(state);
+    const result = engine.verify(cert);
+
+    expect(result.valid).toBe(true);
+    expect(result.checks).toHaveLength(5);
+    expect(result.checks.every(c => c.passed)).toBe(true);
+  });
+
+  it('passes all checks for merged task certificate', () => {
+    const state = makeMergedState('task-v02');
+    const cert = engine.generate(state);
+    const result = engine.verify(cert);
+    expect(result.valid).toBe(true);
+  });
+
+  it('fails when certificate_hash is tampered', () => {
+    const state = makeApprovedState('task-v03');
+    const cert = engine.generate(state);
+    cert.certificate_hash = 'sha256:0000000000000000000000000000000000000000000000000000000000000000';
+
+    const result = engine.verify(cert);
+    expect(result.valid).toBe(false);
+
+    const hashCheck = result.checks.find(c => c.name === 'certificate_hash');
+    expect(hashCheck?.passed).toBe(false);
+  });
+
+  it('fails when chain_hash is tampered', () => {
+    const state = makeApprovedState('task-v04');
+    const cert = engine.generate(state);
+    cert.integrity.chain_hash = 'sha256:0000000000000000000000000000000000000000000000000000000000000000';
+    // Re-seal certificate_hash so only chain_hash check fails
+    const { certificate_hash: _, ...payload } = cert;
+    cert.certificate_hash = `sha256:${createHash('sha256').update(JSON.stringify(payload, null, 2)).digest('hex')}`;
+
+    const result = engine.verify(cert);
+    expect(result.valid).toBe(false);
+
+    const chainCheck = result.checks.find(c => c.name === 'chain_hash');
+    expect(chainCheck?.passed).toBe(false);
+  });
+
+  it('fails when iteration output_hash is tampered', () => {
+    const state = makeApprovedState('task-v05');
+    const cert = engine.generate(state);
+    cert.iterations[0]!.planning.output_hash = 'sha256:tampered';
+    // This breaks entry_hash_consistency (iteration data vs canonical entries)
+    // and also certificate_hash (payload changed)
+
+    const result = engine.verify(cert);
+    expect(result.valid).toBe(false);
+  });
+
+  it('fails for non-eligible status', () => {
+    const state = makeApprovedState('task-v06');
+    const cert = engine.generate(state);
+    // Force-override status (bypassing generate's check)
+    (cert as any).task_status = 'planning';
+    // Re-seal
+    const { certificate_hash: _, ...payload } = cert;
+    cert.certificate_hash = `sha256:${createHash('sha256').update(JSON.stringify(payload, null, 2)).digest('hex')}`;
+
+    const result = engine.verify(cert);
+    expect(result.valid).toBe(false);
+
+    const statusCheck = result.checks.find(c => c.name === 'status_validity');
+    expect(statusCheck?.passed).toBe(false);
+  });
+
+  it('reports ALL failing checks, not just the first', () => {
+    const state = makeApprovedState('task-v07');
+    const cert = engine.generate(state);
+
+    // Tamper multiple things
+    (cert as any).task_status = 'init';
+    cert.integrity.chain_hash = 'sha256:bad';
+    cert.certificate_hash = 'sha256:bad';
+
+    const result = engine.verify(cert);
+    expect(result.valid).toBe(false);
+
+    const failedChecks = result.checks.filter(c => !c.passed);
+    expect(failedChecks.length).toBeGreaterThanOrEqual(3);
+  });
+});
+
+describe('CertificateEngine — parse', () => {
+  const engine = new CertificateEngine();
+
+  it('parses valid certificate JSON', () => {
+    const state = makeApprovedState('task-p01');
+    const cert = engine.generate(state);
+    const json = JSON.stringify(cert, null, 2);
+
+    const parsed = engine.parse(json);
+    expect(parsed.task_id).toBe('task-p01');
+    expect(parsed.certificate_version).toBe(1);
+  });
+
+  it('throws certificate_invalid for malformed JSON', () => {
+    expect(() => engine.parse('not json')).toThrow(NomosError);
+    expect(() => engine.parse('not json')).toThrow(/not valid JSON/);
+  });
+
+  it('throws certificate_invalid for missing fields', () => {
+    expect(() => engine.parse('{"task_id": "x"}')).toThrow(NomosError);
+    expect(() => engine.parse('{"task_id": "x"}')).toThrow(/validation failed/);
+  });
+});
+
+describe('CertificateEngine — round-trip integrity', () => {
+  const engine = new CertificateEngine();
+
+  it('generate → JSON → parse → verify is fully consistent', () => {
+    const state = makeApprovedState('task-rt1');
+    const cert = engine.generate(state);
+    const json = JSON.stringify(cert, null, 2);
+    const parsed = engine.parse(json);
+    const result = engine.verify(parsed);
+
+    expect(result.valid).toBe(true);
+    expect(result.checks.every(c => c.passed)).toBe(true);
+  });
+});