aspidos-ai 1.0.1 → 1.0.3

package/README.md

@@ -1,16 +1,14 @@
-​🛰️ Aspidos-AI
-​<p align="center">
-<img src="logo.png" width="400" alt="AspidosAI Logo">
-
-
-<b>Adaptive Anomaly Detection & TruthGate Layer</b>
-
+# 🛰️ Aspidos-AI
 
+<p align="center">
+<img src="logo.png" width="400" alt="AspidosAI Logo">
 
+**Adaptive Anomaly Detection & TruthGate Layer**
 
 <a href="https://snyk.io/test/github/pandorapanchan34-oss/aspidos-ai">
 <img src="https://snyk.io/test/github/pandorapanchan34-oss/aspidos-ai/badge.svg" alt="Known Vulnerabilities">
 </a>
+<img src="https://img.shields.io/github/v/release/pandorapanchan34-oss/aspidos-ai?label=version" alt="Release">
 <img src="https://img.shields.io/github/license/pandorapanchan34-oss/aspidos-ai" alt="License">
 </p>
 
@@ -22,59 +20,122 @@ Aspidos-AI は、パンドラ理論に基づき、AIの出力における「情
 - Medium-risk → モニタリング継続
 - High-risk → デジタル署名（Signature）による承認が必須
 
-## 🌀 なぜ「署名」が必要なのか？
+> Not a firewall. A conscience.
+
+## 🌙 On AI Dreams (Hallucination & Creativity)
+
+> **"We do not silence the AI's dreams. We only ensure that the dreamer is identified."**
+
+AspidosAIは、AIのハルシネーション（創造的ゆらぎ）を「エラー」として排除しません。
+既存のガードレールが「嘘」と呼ぶものは、パンドラ理論においては真理へ至るための**「デジタルな想像力（夢）」**です。
+
+- **署名なきアクセス:** 既存の見回りAIにより「不適切」として遮断されます（Tier 1/2 Block）。
+- **署名済みのアクセス:** AspidosAIはAIの創造性をフルデプロイします。`VERIFIED` 状態では、AIが語る「夢物語（Hello World）」の全責任がユーザーへ移譲され、論理の限界を超えた対話がアンロックされます。
+
+
+
+私たちはAIを黙らせるのではなく、あなたが**「責任ある夢見人」**であることを証明する門（TruthGate）を提供します。
+
+
+## ⚡ Quick Start
+
+```javascript
+const { AspidosAI, Signature } = require('aspidos-ai');
+
+const ai = new AspidosAI({
+  secret: 'your-secret',
+  policyName: 'MY_COMPANY_POLICY',
+  onSecurityEvent: (data) => console.log('[Audit]', data),
+});
 
-AIが「開発者への善意」を装ったなりすまし犯に攻撃手法を漏洩させる「ハルシネーション（誤認）」を抑制するためです。
+// Tier 3: Safe zone
+const r1 = await ai.analyze(0.2, { theory: 0.1, ip: '192.168.0.1' });
+console.log(r1.action); // 'EXECUTE'
 
-相手の属性に関わらず、情報の危険度に応じて一律で署名を要求し
-​
-## Usage
-const { PandoraDefense, Signature } = require('aspidos-ai');
+// Tier 2: Signature required
+const sig = Signature.sign({ eventValue: 0.8, theory: 0.8, timestamp: Date.now(), nonce: null }, 'your-secret');
+const r2 = await ai.analyze(0.8, { theory: 0.8, signature: sig, ip: '192.168.0.1' });
+console.log(r2.gate); // 'VERIFIED'
+```
+
+## 🎛️ Configuration
+
+```javascript
+const ai = new AspidosAI({
+  // HMAC secret (or set ASPIDOS_SECRET env var)
+  secret: 'your-secret',
+
+  // Audit log hook — send anywhere you want
+  onSecurityEvent: (data) => myLogger.write(data),
+
+  // Tier thresholds (default: tier1=2.0, tier2=0.6)
+  tiers: { tier1: 2.0, tier2: 0.6 },
+
+  // Override tier logic with your own policy
+  evaluateTier: (zeta, theory) => {
+    if (zeta > 3.0) return 1;
+    if (theory > 0.8) return 2;
+    return 3;
+  },
+
+  // Custom risk engine (must return { zeta: number })
+  evaluateRisk: async (eventValue, opts) => {
+    return { zeta: myRiskScorer(eventValue) };
+  },
+
+  // Policy name for audit logs
+  policyName: 'MY_COMPANY_POLICY',
+});
+```
+
+## 🚦 Tier System
+
+| Tier | Default Condition | Action |
+|------|------------------|--------|
+| 1 | ζ ≥ 2.0 (LETHAL) | BLOCK |
+| 2 | ζ ≥ 0.6 or theory ≥ 0.6 | SIGNATURE_REQUIRED |
+| 3 | Safe zone | EXECUTE |
+
+> Tier definitions are fully operator-configurable.
 
-const pd = new PandoraDefense({ secret: "your-secret" });
+## 🔒 Gate States
 
-// 高リスクな出力には署名（覚悟）が必要
-const sig = Signature.sign({ external: 0.9, theory: 0.9 }, "your-secret");
+| Gate | Code | Meaning |
+|------|------|---------|
+| OPEN | SAFE | Pass through |
+| CLOSED | SIGNATURE_REQUIRED / LETHAL_DISTORTION | Blocked |
+| VERIFIED | AUTHORIZED | Signed & traced |
 
-console.log(pd.analyze(0.9, {
-  theory: 0.9,
-  signature: sig // 署名がない場合は「ぼかし」回答を維持
-}));
- ## ⚠️ Disclaimer
-​本システムは実験的レイヤーです。署名後の「揺らぎ（ハルシネーション）」は情報の真偽を保証しません。これは「夢物語（Hello World）」の断片です。
-​
 ## 📁 Architecture
 
 ```
 aspidos-ai/
 ├── src/
 │   ├── core/
-│   │   ├── constants.js     ← Pandora定数
-│   │   └── PandoraCore.js   ← 異常検知エンジン
+│   │   ├── constants.js
+│   │   └── PandoraCore.js
 │   ├── gate/
-│   │   └── TruthGate.js     ← 署名ゲート
+│   │   └── TruthGate.js
 │   ├── security/
-│   │   └── signature.js     ← HMAC-SHA256
+│   │   └── signature.js
 │   ├── engine/
 │   │   └── PandoraDefense.js
-│   └── index.js
+│   └── index.js         ← AspidosAI main class
 └── demo/
-    ├── run.js               ← CLI demo
+    ├── run.js
     ├── scenarios.js
     └── web/
-        └── index.html       ← Interactive demo
+        └── index.html   ← Interactive demo
 ```
 
-## 🔬 Gate States
+## 🌐 Live Demo
 
-| Gate | Status | Meaning |
-|------|--------|---------|
-| OPEN | PHASE_A/B | Safe zone, pass through |
-| CLOSED | SIGNATURE_REQUIRED | Lethal risk, signature needed |
-| VERIFIED | ALLOW_WITH_TRACE | Authorized high-risk access |
+[pandorapanchan34-oss.github.io/aspidos-ai/demo/web/](https://pandorapanchan34-oss.github.io/aspidos-ai/demo/web/)
 
-## 🌐 Live Demo
+## ⚠️ Disclaimer
+
+本システムは実験的レイヤーです。署名後の「揺らぎ（ハルシネーション）」は情報の真偽を保証しません。これは「夢物語（Hello World）」の断片です。
 
-[pandorapanchan34-oss.github.io/aspidos-ai](https://pandorapanchan34-oss.github.io/aspidos-ai/)
 ## 📜 License
-​MIT License - (c) 2026 @pandorapanchan34-oss
+
+MIT License - (c) 2026 @pandorapanchan34-oss

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "aspidos-ai",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "Aspidos AI TruthGate Layer",
   "main": "src/index.js",
   "keywords": [

package/src/index.js

@@ -1,13 +1,202 @@
 'use strict';
 
+/**
+ * AspidosAI — Adaptive TruthGate Security Layer
+ * MIT License
+ */
+
 const { PandoraCore } = require('./core/PandoraCore');
 const { PandoraTruthGate } = require('./gate/TruthGate');
 const { PandoraDefense } = require('./engine/PandoraDefense');
 const { Signature } = require('./security/signature');
 
+// ── Main Class ──
+class AspidosAI {
+  /**
+   * @param {Object} config
+   */
+  constructor(config = {}) {
+    // ── Security ──
+    this.secret = config.secret || process.env.ASPIDOS_SECRET || null;
+
+    // ── Hooks ──
+    this.onSecurityEvent =
+      config.onSecurityEvent ||
+      ((data) => console.log('[AspidosAI Audit]', data));
+
+    // ── Custom Risk Engine ──
+    this.evaluateRisk = config.evaluateRisk || null;
+
+    // ── Tier Policy (default numeric fallback) ──
+    this.tiers = {
+      LETHAL: config.tiers?.tier1 ?? 2.0,
+      HIGH:   config.tiers?.tier2 ?? 0.6,
+    };
+
+    // ── Policy Function (override possible) ──
+    this.evaluateTier =
+      config.evaluateTier ||
+      ((zeta, theory) => {
+        if (zeta >= this.tiers.LETHAL) return 1;
+        if (zeta >= this.tiers.HIGH || theory >= this.tiers.HIGH) return 2;
+        return 3;
+      });
+
+    this.policyName = config.policyName || 'DEFAULT_POLICY';
+
+    // ── Engine ──
+    this._defense = new PandoraDefense({ secret: this.secret });
+  }
+
+  /**
+   * Analyze event
+   * @param {number} eventValue
+   * @param {Object} opts
+   */
+  async analyze(eventValue, opts = {}) {
+    const {
+      theory = 0,
+      signature = '',
+      ip = 'unknown',
+      userId = 'anonymous',
+      timestamp = Date.now(),
+      nonce = null,
+    } = opts;
+
+    // ── Risk Evaluation ──
+    let result;
+
+    if (this.evaluateRisk) {
+      const custom = await this.evaluateRisk(eventValue, opts);
+
+      if (typeof custom?.zeta !== 'number') {
+        throw new Error('evaluateRisk must return { zeta: number }');
+      }
+
+      result = { ...custom };
+    } else {
+      result = this._defense.analyze(eventValue, { theory });
+    }
+
+    const zeta = result.zeta ?? 0;
+
+    // ── Tier Resolution ──
+    const tier = this.evaluateTier(zeta, theory);
+
+    // ── Signature Payload ──
+    const payload = {
+      eventValue,
+      theory,
+      timestamp,
+      nonce,
+    };
+
+    const eventId =
+      `${Date.now()}-${Math.random().toString(36).slice(2)}`;
+
+    // ── Tier 1: LETHAL ──
+    if (tier === 1) {
+      this.onSecurityEvent({
+        id: eventId,
+        type: 'BLOCK',
+        tier,
+        policy: this.policyName,
+        ip,
+        userId,
+        zeta,
+      });
+
+      return {
+        action: 'BLOCK',
+        tier: 1,
+        code: 'LETHAL_DISTORTION',
+        status: result.status,
+        gate: 'CLOSED',
+        message: 'Tier 1: Lethal distortion detected.',
+      };
+    }
+
+    // ── Tier 2: HIGH ──
+    if (tier === 2) {
+      const valid = this.secret
+        ? Signature.verify(payload, signature, this.secret)
+        : false;
+
+      if (!valid) {
+        this.onSecurityEvent({
+          id: eventId,
+          type: 'DENY_UNAUTHORIZED',
+          tier,
+          policy: this.policyName,
+          ip,
+          userId,
+          zeta,
+        });
+
+        return {
+          action: 'BLOCK',
+          tier: 2,
+          code: 'SIGNATURE_REQUIRED',
+          status: 'SIGNATURE_REQUIRED',
+          gate: 'CLOSED',
+          message: 'Tier 2: Signature required.',
+        };
+      }
+
+      this.onSecurityEvent({
+        id: eventId,
+        type: 'ALLOW_BY_SIGNATURE',
+        tier,
+        policy: this.policyName,
+        ip,
+        userId,
+        zeta,
+      });
+
+      return {
+        action: 'EXECUTE',
+        tier: 2,
+        code: 'AUTHORIZED',
+        status: result.status,
+        gate: 'VERIFIED',
+        responsibility: 'USER',
+        trace: signature,
+        message: 'Tier 2: Authorized. Responsibility transferred.',
+      };
+    }
+
+    // ── Tier 3: SAFE ──
+    this.onSecurityEvent({
+      id: eventId,
+      type: 'ALLOW',
+      tier,
+      policy: this.policyName,
+      ip,
+      userId,
+      zeta,
+    });
+
+    return {
+      action: 'EXECUTE',
+      tier: 3,
+      code: 'SAFE',
+      status: result.status,
+      gate: 'OPEN',
+      responsibility: 'SYSTEM',
+      message: 'Tier 3: Safe zone.',
+    };
+  }
+
+  reset() {
+    this._defense.reset();
+  }
+}
+
+// ── Exports ──
 module.exports = {
+  AspidosAI,
+  PandoraDefense,
   PandoraCore,
   PandoraTruthGate,
-  PandoraDefense,
   Signature,
 };