npm - @tenova/swt3-ai - Versions diffs - 0.5.4 → 0.5.5 - Mend

@tenova/swt3-ai 0.5.4 → 0.5.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md +35 -16
package/package.json +1 -1
package/templates/microsoft-foundry.yaml +61 -0

package/README.md CHANGED Viewed

@@ -13,19 +13,17 @@ Works with OpenAI, Anthropic, AWS Bedrock, Vercel AI SDK, and any OpenAI-compati
 GPAI transparency obligations are enforceable now. EU AI Act high-risk enforcement begins **December 2, 2027**. This SDK gives you the evidence chain.
-## What's New in v0.5.4
-- **ML-DSA-65 (FIPS 204) post-quantum signing** -- Optional alongside HMAC-SHA256. Configure via `signingAlgorithm: "ml-dsa-65"` in constructor or `signing_algorithm: "ml-dsa-65"` in .swt3.yaml. Cross-language parity (same seed produces same keys in Python, TypeScript). `npm install @noble/post-quantum`
-- **Self-hosted deployment** -- [SWT3 Gateway](#self-hosted-deployment) (Go reverse proxy, zero-latency, Helm chart) and full platform container (UBI 9, Iron Bank compatible, air-gap export). Deploy everything inside your VPC.
-- **Chain Enforcer** -- 5-layer policy witnessing: tool blocklist/allowlist, velocity limiting, chain depth, token budgets. Every policy violation minted as an anchor. [Details](#agent-cost-governance)
-- **Agent Cost Governance** -- per-session token budgets with `max_tokens_per_session`. Halt and record on exceeded. `cost-conscious` profile ships built-in. [Details](#agent-cost-governance)
-- **Sentinel Client** -- IPC integration with the independent evidence custody daemon. Protected WAL, cross-process budgets, key isolation. Evidence the agent cannot tamper with.
-- **AI-MARK.1** -- Content provenance witnessing (text, image, audio with C2PA/watermark/metadata tagging)
-- **AI-BASE.1** -- Agent behavioral baseline (deviation scoring against established patterns)
-- **AI-LIC.1** -- License provenance witnessing (model, adapter, and data license composition with SPDX)
-- **14 Built-in Profiles** -- 7 framework profiles + 7 industry verticals (fintech, healthcare, insurance, telecom, defense/govcon, content platform, autonomous systems)
-- **NSA MCP Security Mapping** -- [7 of 9 NSA AISC recommendations](https://sovereign.tenova.io/guides/nsa-mcp-security-mapping.html) addressed at the SDK layer (CSI U/OO/6030316-26, May 2026)
-- **65 procedures**, 41 namespaces, 207 cross-language test vectors
+## What's New in v0.5.5
+- **Trust Mesh Hardened** -- 7 security layers: intra-tenant zero-trust, per-agent rate limiting, per-level freshness windows (SOVEREIGN requires 5-min anchors), verifiable boolean claims, deny list propagation with sentinel hooks. All opt-in, frictionless defaults unchanged.
+- **Key Attestation (AI-TRUST.3)** -- Bind signing keys to witness anchors. `generateKeyAttestation()` / `verifyKeyAttestation()`. Keys valid only while bound anchor is fresh. No certificate authority required.
+- **Challenge-Response Liveness** -- Prove live key possession via nonce-based challenges. `generateChallenge()` / `respondToChallenge()` / `verifyLivenessResponse()`. Defeats credential replay at ATTESTED/SOVEREIGN levels.
+- **4 New Adapters** -- Google ADK, CrewAI, A2A (Google Agent-to-Agent), Microsoft Foundry. 12 total integrations.
+- **Verify CLI** -- `swt3 verify --anchor <token>` recomputes fingerprint offline. Zero network calls.
+- **Bidirectional Framework Crosswalks** -- 222 mappings across 16 frameworks in machine-readable JSON.
+- **RFC 3161 Timestamps** -- Merkle rollups include RFC 3161 timestamp authority proof for legal non-repudiation.
+- **Microsoft Foundry Profile** -- Industry profile for Azure AI Foundry + AGT deployments.
+- **15 profiles**, 65 procedures, 41 namespaces, 12 integrations, 1,379 cross-language tests
 ## MCP Server -- Official Registry
@@ -93,6 +91,24 @@ trust_mesh:
 All verification is local. Zero cloud overhead. No data exchanged until both agents clear the trust gate. Unsigned agents are capped at TRUST_BASIC (level 1). Add signing keys for verified trust. Add hardware attestation for sovereign trust.
+## Offline Verification
+Verify any witness anchor without network calls. The fingerprint formula is deterministic and identical across all 6 SDK languages -- recompute it anywhere in microseconds.
+```typescript
+import { verifyAnchor } from "@tenova/swt3-ai";
+const result = verifyAnchor(anchor, {
+  tenantId: "MY_TENANT",
+  procedureId: "AI-INF.1",
+  factorA: 1, factorB: 1, factorC: 0,
+  timestampMs: 1773316622000,
+});
+// result.status: "CERTIFIED TRUTH" | "TAMPERED"
+```
+Zero vendor dependency. Zero network calls. Works air-gapped. The same formula runs in Python, TypeScript, Rust, C#, and Ruby with identical output for identical inputs.
 ## See It Work (No Account Needed)
 ```bash
@@ -1029,9 +1045,12 @@ Your prompts and responses **never leave your infrastructure**. The SDK computes
 - [Design Rationale](https://sovereign.tenova.io/guides/swt3-design-rationale.html) -- why every protocol decision was made
 - [UCT Registry](https://sovereign.tenova.io/registry) -- full procedure catalog with factor definitions
 - [Anchor Verifier](https://sovereign.tenova.io/verify) -- verify any anchor, zero server calls
-- [Five Eyes Agentic AI Overlay](https://sovereign.tenova.io/guides/five-eyes-overlay.html) -- CISA/NSA guidance mapped to SWT3 procedures
-- [CMMC Compliance Overlay](https://sovereign.tenova.io/guides/cmmc-overlay.html) -- clearing levels mapped to CMMC and NIST 800-171
-- [SR 11-7 Model Risk Overlay](https://sovereign.tenova.io/guides/sr-11-7-overlay.html) -- clearing levels mapped to SR 11-7 requirements
+- [Before & After](https://sovereign.tenova.io/guides/developer-before-after.html) -- manual audit evidence vs. cryptographic witness anchors
+- [Integration Patterns](https://sovereign.tenova.io/guides/developer-integration-patterns.html) -- 8 instrumentation patterns mapped to regulatory requirements
+- [What Your Auditor Sees](https://sovereign.tenova.io/guides/developer-auditor-bridge.html) -- both sides of a witness anchor, developer to auditor
+- [CI/CD Integration](https://sovereign.tenova.io/guides/developer-cicd-guide.html) -- validate compliance configuration in your pipeline
+- [Assessment Mapping](https://sovereign.tenova.io/registry/assessment.html) -- which procedures satisfy which regulatory requirements
+- [All 65 Guides](https://sovereign.tenova.io/guides/) -- regulatory crosswalks, assessor walkthroughs, integration guides
 ---

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@tenova/swt3-ai",
-  "version": "0.5.4",
+  "version": "0.5.5",
   "description": "SWT3 AI Witness SDK: cryptographic attestation for AI inference. 65 procedures, 41 namespaces, 5 languages, 14 profiles. EU AI Act, NIST AI RMF, CMMC, SR 11-7.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/templates/microsoft-foundry.yaml ADDED Viewed

@@ -0,0 +1,61 @@
+# SWT3 Profile: Microsoft Foundry (Agent Governance)
+#
+# Independent cryptographic witness layer for Microsoft Foundry Agent Service.
+# Complements the Microsoft Agent Governance Toolkit (AGT) by providing
+# out-of-band, tamper-evident evidence that auditors can verify without
+# any Microsoft infrastructure.
+#
+# Covers OWASP Agentic Top 10 via independent attestation.
+# Compatible with EU AI Act, NIST AI RMF, CMMC, SOC 2.
+#
+# Usage:
+#   profile: microsoft-foundry
+#   api_key_env: SWT3_API_KEY
+#   tenant_id: YOUR_TENANT
+#   agent_id: your-foundry-agent
+#   signing_key_env: SWT3_SIGNING_KEY
+clearing_level: 2
+policy:
+  require_signing: true
+  require_agent_id: true
+  min_clearing_level: 2
+  required_procedures:
+    - AI-INF.1     # Inference provenance (prompt/response hashing)
+    - AI-GRD.1     # Guardrail presence attestation
+    - AI-TOOL.1    # Tool call witnessing (Foundry Toolbox)
+    - AI-CHAIN.1   # Chain monitoring (multi-agent Foundry sessions)
+    - AI-ID.1      # Agent identity (complements AGT SPIFFE/DID)
+    - AI-ACC.1     # Access control witnessing (Foundry RBAC)
+    - AI-AUDIT.1   # Independent audit trail (Merkle-rooted)
+trust_mesh:
+  mode: strict
+  min_trust_level: 2
+  require_signature: true
+  freshness_window: 1800
+mcp_policy:
+  witnessed_tools: ["*"]
+  exempt_tools: []
+  require_trust_level: 2
+  auto_witness: true
+  block_on_failure: true
+  max_velocity: "20/60s"
+  max_chain_depth: 12
+  max_tokens_per_session: 200000
+  fail_secure: true
+density_policy:
+  min_anchors_per_1000_tokens: 1
+  max_chain_gap_seconds: 300
+  require_signing_key: true
+  min_trust_level: 2
+hardware:
+  require_attestation: false
+merkle:
+  enabled: true
+  accumulator_interval: 60