@tenova/swt3-ai 0.5.0 → 0.5.1
- package/README.md +93 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -216,6 +216,35 @@ witness.witnessQuantization("gptq", { bits: 4, groupSize: 128 });
|
|
|
216
216
|
|
|
217
217
|
Maps to: EU AI Act Art. 15(4) (resilience against modification), Art. 12(2)(b) (version logging).
|
|
218
218
|
|
|
219
|
+
## Environmental Attestation (Residential and Edge AI)
|
|
220
|
+
|
|
221
|
+
Witness the physical compute environment for distributed, edge-deployed, or residential AI nodes. Proves the hardware operated within safe thermal and power bounds during inference:
|
|
222
|
+
|
|
223
|
+
```typescript
|
|
224
|
+
// Zero-config: auto-detects Linux thermal sensors
|
|
225
|
+
witness.witnessEnvironment();
|
|
226
|
+
|
|
227
|
+
// Manual readings from smart panel APIs or IPMI
|
|
228
|
+
witness.witnessEnvironment({
|
|
229
|
+
temperatureCelsius: 42,
|
|
230
|
+
thresholdCelsius: 75,
|
|
231
|
+
nodeType: "residential",
|
|
232
|
+
});
|
|
233
|
+
|
|
234
|
+
// Power integrity: draw vs capacity
|
|
235
|
+
witness.witnessEnergyDraw({
|
|
236
|
+
powerWatts: 1200,
|
|
237
|
+
capacityWatts: 2400,
|
|
238
|
+
nodeType: "edge",
|
|
239
|
+
});
|
|
240
|
+
```
|
|
241
|
+
|
|
242
|
+
If no sensors are available (dev machine, cloud VM), returns a valid anchor with zero readings. No crash, no error.
|
|
243
|
+
|
|
244
|
+
Use case: enterprises renting compute on distributed residential nodes need cryptographic proof that the node was operating within safe bounds, was not throttled, and was not physically tampered with during their inference window.
|
|
245
|
+
|
|
246
|
+
Maps to: NIST 800-53 PE-14 (environmental controls), EU AI Act Annex I (product safety for home-integrated AI).
|
|
247
|
+
|
|
219
248
|
## Skill Manifest Attestation
|
|
220
249
|
|
|
221
250
|
Witness which skills, tools, and plugins are loaded in your agent:
|
|
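Review bot: the intro line ("Proves the hardware operated within safe thermal and power bounds") and the "Use case" paragraph overstate what the manual path can show. `witnessEnvironment({ temperatureCelsius: 42, ... })` and `witnessEnergyDraw({ powerWatts: 1200, ... })` anchor values the caller passes in, so the anchor proves what the node reported, not what the hardware did, and a thermal or power reading says nothing about whether the node "was not physically tampered with". Suggest wording it as attesting the reported readings, dropping the tampering claim, and stating what in the anchor lets a verifier tell a sensor-backed reading from a self-reported one. Related: "returns a valid anchor with zero readings" should document how a no-sensor anchor is marked, since a missing sensor and a sensor that read zero must not look identical to the renter who relies on the anchor as evidence for their inference window.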
@@ -291,6 +320,55 @@ The `agentId` survives all clearing levels. The `signingKey` produces an HMAC-SH
|
|
|
291
320
|
|
|
292
321
|
Receipts include `signature_verified: true` when the server confirms the signature.
|
|
293
322
|
|
|
323
|
+
## Trust Mesh (Mutual Agent Verification)
|
|
324
|
+
|
|
325
|
+
Before two agents exchange data or invoke each other's tools, each verifies the other's compliance posture. No anchor, no handshake.
|
|
326
|
+
|
|
327
|
+
```typescript
|
|
328
|
+
// Agent A: present a signed credential
|
|
329
|
+
const credentialA = witnessA.presentCredential();
|
|
330
|
+
// Send credentialA to Agent B over your transport layer
|
|
331
|
+
|
|
332
|
+
// Agent B: verify Agent A's credential
|
|
333
|
+
witnessB.trustRegistry.trustTenant("TENANT_A");
|
|
334
|
+
witnessB.trustRegistry.registerSigningKey("agent-alpha", "shared-secret-a");
|
|
335
|
+
const result = witnessB.verifyTrust(credentialA);
|
|
336
|
+
|
|
337
|
+
if (result.granted) {
|
|
338
|
+
// Trust level: 1=basic, 2=verified, 3=attested, 4=sovereign
|
|
339
|
+
console.log(`Trusted at level ${result.trustLevel}`);
|
|
340
|
+
} else {
|
|
341
|
+
console.log(`Denied: ${result.denialReason}`);
|
|
342
|
+
}
|
|
343
|
+
```
|
|
344
|
+
|
|
345
|
+
**Trust levels:**
|
|
346
|
+
|
|
347
|
+
| Level | Name | Requires |
|
|
348
|
+
|-------|------|----------|
|
|
349
|
+
| 1 | Basic | Valid credential, unsigned or unverifiable |
|
|
350
|
+
| 2 | Verified | Valid credential + verified HMAC signature |
|
|
351
|
+
| 3 | Attested | Verified + hardware attestation + guardrails |
|
|
352
|
+
| 4 | Sovereign | Attested + clearing level >= 2 |
|
|
353
|
+
|
|
354
|
+
Unsigned credentials are automatically capped at TRUST_BASIC. You cannot claim a higher trust level without a verified signature.
|
|
355
|
+
|
|
356
|
+
**Key exchange:** Exchange signing keys out-of-band (environment variables, secrets manager, KMS). Never send keys over the wire alongside credentials. Each agent registers the counterpart's key:
|
|
357
|
+
|
|
358
|
+
```typescript
|
|
359
|
+
// Agent A registers B's key, B registers A's key
|
|
360
|
+
witnessA.trustRegistry.registerSigningKey("agent-beta", process.env.AGENT_B_KEY!);
|
|
361
|
+
witnessB.trustRegistry.registerSigningKey("agent-alpha", process.env.AGENT_A_KEY!);
|
|
362
|
+
```
|
|
363
|
+
|
|
364
|
+
**Zero-friction path:** Trust mesh works without signing keys. Agents without keys get TRUST_BASIC (level 1), which is sufficient for non-sensitive coordination. Add keys when you need verified or attested trust.
|
|
365
|
+
|
|
366
|
+
**Credential auto-population:** `presentCredential()` automatically includes which procedures the agent has witnessed and whether hardware attestation (AI-HW.1) has been performed. No manual tracking needed.
|
|
367
|
+
|
|
368
|
+
Every verification (pass or fail) mints AI-TRUST.1 + AI-TRUST.2 anchors. Denials produce evidence too.
|
|
369
|
+
|
|
370
|
+
Maps to: EU AI Act Art. 14 (human oversight and mutual accountability between AI systems).
|
|
371
|
+
|
|
294
372
|
## Gatekeeper Mode (Pre-Call Enforcement)
|
|
295
373
|
|
|
296
374
|
New in v0.3.4. Require guardrails to be active *before* the model is called, not just observed after:
|
|
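Review bot: the first example registers a literal secret, `witnessB.trustRegistry.registerSigningKey("agent-alpha", "shared-secret-a");`, while the "Key exchange" paragraph below tells readers to take keys from environment variables or a secrets manager and never to ship them with credentials; use `process.env.AGENT_A_KEY!` here as the second block does, so the quick-start does not teach the opposite of the guidance. Also worth stating under the table that level 1 is unauthenticated: an unsigned credential's `agentId` and tenant are self-asserted claims, so `trustTenant("TENANT_A")` plus a basic credential covers only the "non-sensitive coordination" case, and the example could check `result.trustLevel >= 2` before invoking a counterpart's tool instead of branching on `result.granted` alone.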
@@ -640,6 +718,18 @@ Your prompts and responses **never leave your infrastructure**. The SDK computes
|
|
|
640
718
|
|
|
641
719
|
---
|
|
642
720
|
|
|
721
|
+
## Upgrading to v0.5.1
|
|
722
|
+
|
|
723
|
+
**Trust Mesh (new):** `presentCredential()` and `verifyTrust()` are new methods. No breaking changes for existing code.
|
|
724
|
+
|
|
725
|
+
**Credential signing (behavioral change):** If your Witness has a `signingKey`, credentials are now HMAC-signed automatically. Counterpart agents must register your key via `trustRegistry.registerSigningKey()` to verify the signature. Without key registration, signed credentials are denied with `signature_unverifiable`. If you were using trust mesh in v0.5.0 without signing keys, credentials are now capped at TRUST_BASIC (level 1). To restore full trust levels, both sides must exchange and register signing keys.
|
|
726
|
+
|
|
727
|
+
**Environmental attestation (new):** `witnessEnvironment()` and `witnessEnergyDraw()` are new methods for AI-ENV.1/AI-ENV.2. No breaking changes.
|
|
728
|
+
|
|
729
|
+
**MCP server:** 16 procedure keyword suggestions (was 8). No breaking changes.
|
|
730
|
+
|
|
731
|
+
---
|
|
732
|
+
|
|
643
733
|
## Documentation
|
|
644
734
|
|
|
645
735
|
- [SDK Reference](https://sovereign.tenova.io/docs/) -- full API, all providers, clearing levels, configuration
|
|
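Review bot: two statements here contradict other lines of the same patch. "Without key registration, signed credentials are denied with `signature_unverifiable`" conflicts with the trust table above, where a credential that is "unsigned or unverifiable" is accepted at level 1 (Basic); pick one behaviour (deny, or cap at TRUST_BASIC) and state it in both places. And "Trust Mesh (new): `presentCredential()` and `verifyTrust()` are new methods" conflicts with "If you were using trust mesh in v0.5.0 without signing keys" a few lines later; if the feature shipped in 0.5.0, the first bullet should say that only credential signing is new in 0.5.1, otherwise the migration sentence should go.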
@@ -649,6 +739,9 @@ Your prompts and responses **never leave your infrastructure**. The SDK computes
|
|
|
649
739
|
- [UCT Registry](https://sovereign.tenova.io/registry) -- 162 procedures, full factor definitions
|
|
650
740
|
- [Anchor Verifier](https://sovereign.tenova.io/verify) -- verify any anchor, zero server calls
|
|
651
741
|
- [EU AI Act Regulatory Architecture](https://sovereign.tenova.io/guides/futurium-submission.html) -- VI+CJT+ALF+LAVR framework mapping for conformity assessment bodies
|
|
742
|
+
- [Five Eyes Agentic AI Overlay](https://sovereign.tenova.io/guides/five-eyes-overlay.html) -- CISA/NSA guidance mapped to SWT3 procedures
|
|
743
|
+
- [CMMC Compliance Overlay](https://sovereign.tenova.io/guides/cmmc-overlay.html) -- clearing levels mapped to CMMC and NIST 800-171
|
|
744
|
+
- [SR 11-7 Model Risk Overlay](https://sovereign.tenova.io/guides/sr-11-7-overlay.html) -- clearing levels mapped to SR 11-7 requirements
|
|
652
745
|
|
|
653
746
|
---
|
|
654
747
|
|