@smilintux/skcapstone 0.1.0

package/src/skcapstone/pillars/identity.py

@@ -0,0 +1,91 @@
+"""
+Identity pillar — CapAuth integration.
+
+PGP-based sovereign identity. The agent IS its key.
+No corporate SSO. No OAuth dance. Cryptographic proof of self.
+"""
+
+from __future__ import annotations
+
+import json
+import subprocess
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Optional
+
+from ..models import IdentityState, PillarStatus
+
+
+def generate_identity(
+    home: Path,
+    name: str,
+    email: Optional[str] = None,
+) -> IdentityState:
+    """Generate a new sovereign identity for the agent.
+
+    Tries CapAuth first (full PGP key generation).
+    Falls back to recording identity metadata without key material.
+
+    Args:
+        home: Agent home directory (~/.skcapstone).
+        name: Agent display name.
+        email: Optional email for the identity.
+
+    Returns:
+        IdentityState with the new identity.
+    """
+    identity_dir = home / "identity"
+    identity_dir.mkdir(parents=True, exist_ok=True)
+
+    state = IdentityState(
+        name=name,
+        email=email or f"{name.lower().replace(' ', '-')}@skcapstone.local",
+        created_at=datetime.now(timezone.utc),
+        status=PillarStatus.DEGRADED,
+    )
+
+    try:
+        from capauth.keys import generate_keypair  # type: ignore[import-untyped]
+
+        pub_key, fingerprint = generate_keypair(
+            name=name,
+            email=state.email,
+            output_dir=str(identity_dir),
+        )
+        state.fingerprint = fingerprint
+        state.key_path = identity_dir / "agent.pub"
+        state.status = PillarStatus.ACTIVE
+    except (ImportError, Exception):
+        # Reason: CapAuth not installed or key generation failed —
+        # record identity metadata anyway so agent has a name
+        state.fingerprint = _generate_placeholder_fingerprint(name)
+        state.status = PillarStatus.DEGRADED
+
+    identity_manifest = {
+        "name": state.name,
+        "email": state.email,
+        "fingerprint": state.fingerprint,
+        "created_at": state.created_at.isoformat() if state.created_at else None,
+        "capauth_managed": state.status == PillarStatus.ACTIVE,
+    }
+    (identity_dir / "identity.json").write_text(json.dumps(identity_manifest, indent=2))
+
+    return state
+
+
+def _generate_placeholder_fingerprint(name: str) -> str:
+    """Generate a deterministic placeholder fingerprint from the agent name.
+
+    Not cryptographic — just a consistent identifier until CapAuth
+    is installed and proper PGP keys are generated.
+
+    Args:
+        name: Agent display name.
+
+    Returns:
+        A hex string resembling a fingerprint.
+    """
+    import hashlib
+
+    digest = hashlib.sha256(f"skcapstone:{name}".encode()).hexdigest()
+    return digest[:40].upper()

package/src/skcapstone/pillars/memory.py

@@ -0,0 +1,61 @@
+"""
+Memory pillar — sovereign memory initialization.
+
+Persistent context across platforms and sessions.
+The agent remembers. Always. Everywhere.
+
+The built-in memory engine (memory_engine.py) provides full
+store/search/recall/list/gc capabilities. The optional external
+`skmemory` package adds legacy compatibility but is NOT required.
+"""
+
+from __future__ import annotations
+
+from pathlib import Path
+from typing import Optional
+
+from ..models import MemoryLayer, MemoryState, PillarStatus
+
+
+def initialize_memory(home: Path, memory_home: Optional[Path] = None) -> MemoryState:
+    """Initialize memory for the agent.
+
+    Creates the memory directory structure with layer subdirs.
+    The built-in memory engine handles all operations; no
+    external package required.
+
+    Args:
+        home: Agent home directory (~/.skcapstone).
+        memory_home: Unused, kept for backward compatibility.
+
+    Returns:
+        MemoryState after initialization.
+    """
+    memory_dir = home / "memory"
+    memory_dir.mkdir(parents=True, exist_ok=True)
+
+    for layer in MemoryLayer:
+        (memory_dir / layer.value).mkdir(parents=True, exist_ok=True)
+
+    state = MemoryState(store_path=memory_dir, status=PillarStatus.ACTIVE)
+    return state
+
+
+def get_memory_stats(home: Path) -> dict:
+    """Get current memory statistics from the built-in engine.
+
+    Args:
+        home: Agent home directory (~/.skcapstone).
+
+    Returns:
+        Dict with memory layer counts.
+    """
+    from ..memory_engine import get_stats
+
+    stats = get_stats(home)
+    return {
+        "short_term": stats.short_term,
+        "mid_term": stats.mid_term,
+        "long_term": stats.long_term,
+        "total": stats.total_memories,
+    }

package/src/skcapstone/pillars/security.py

@@ -0,0 +1,83 @@
+"""
+Security pillar — SKSecurity integration.
+
+Audit everything. Detect threats. Protect the sovereign.
+"""
+
+from __future__ import annotations
+
+import json
+from datetime import datetime, timezone
+from pathlib import Path
+
+from ..models import PillarStatus, SecurityState
+
+
+def initialize_security(home: Path) -> SecurityState:
+    """Initialize security layer for the agent.
+
+    Creates audit log structure and baseline security config.
+
+    Args:
+        home: Agent home directory (~/.skcapstone).
+
+    Returns:
+        SecurityState after initialization.
+    """
+    security_dir = home / "security"
+    security_dir.mkdir(parents=True, exist_ok=True)
+
+    state = SecurityState()
+
+    try:
+        import sksecurity  # type: ignore[import-untyped]
+
+        state.status = PillarStatus.DEGRADED
+    except ImportError:
+        security_config = {
+            "note": "Install sksecurity (pip install sksecurity) for full security",
+            "audit_enabled": True,
+        }
+        (security_dir / "security.json").write_text(json.dumps(security_config, indent=2))
+        state.status = PillarStatus.DEGRADED
+        _init_audit_log(security_dir)
+        return state
+
+    _init_audit_log(security_dir)
+
+    baseline = {
+        "threats_detected": 0,
+        "last_scan": None,
+        "audit_enabled": True,
+        "initialized_at": datetime.now(timezone.utc).isoformat(),
+    }
+    (security_dir / "security.json").write_text(json.dumps(baseline, indent=2))
+
+    return state
+
+
+def _init_audit_log(security_dir: Path) -> None:
+    """Create the audit log file with a header entry."""
+    audit_log = security_dir / "audit.log"
+    if not audit_log.exists():
+        timestamp = datetime.now(timezone.utc).isoformat()
+        audit_log.write_text(f"[{timestamp}] INIT — SKCapstone security audit log created\n")
+
+
+def audit_event(home: Path, event_type: str, detail: str) -> None:
+    """Append an event to the audit log.
+
+    Args:
+        home: Agent home directory.
+        event_type: Event category (INIT, AUTH, MEMORY, TRUST, etc.).
+        detail: Human-readable event description.
+    """
+    security_dir = home / "security"
+    security_dir.mkdir(parents=True, exist_ok=True)
+    audit_log = security_dir / "audit.log"
+
+    timestamp = datetime.now(timezone.utc).isoformat()
+    entry = f"[{timestamp}] {event_type} — {detail}\n"
+
+    with audit_log.open("a") as f:
+        f.write(entry)