chainlesschain 0.37.12 → 0.40.1

package/src/lib/dao-governance.js

@@ -0,0 +1,296 @@
+/**
+ * DAO Governance v2 — proposals, quadratic voting, delegation,
+ * treasury management, and governance statistics.
+ */
+
+import crypto from "crypto";
+
+/* ── In-memory stores ──────────────────────────────────────── */
+const _proposals = new Map();
+const _votes = new Map();
+const _delegations = new Map();
+const _treasury = { balance: 0, allocations: [] };
+
+let _config = {
+  votingPeriod: 604800000, // 7 days in ms
+  quorum: 0.1, // 10%
+  executionDelay: 86400000, // 1 day in ms
+};
+
+/* ── Schema ────────────────────────────────────────────────── */
+
+export function ensureDAOv2Tables(db) {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS dao_v2_proposals (
+      id TEXT PRIMARY KEY,
+      title TEXT,
+      description TEXT,
+      proposer TEXT,
+      status TEXT DEFAULT 'draft',
+      votes_for REAL DEFAULT 0,
+      votes_against REAL DEFAULT 0,
+      voting_type TEXT DEFAULT 'simple',
+      created_at TEXT DEFAULT (datetime('now')),
+      ends_at TEXT,
+      executed_at TEXT
+    )
+  `);
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS dao_v2_votes (
+      id TEXT PRIMARY KEY,
+      proposal_id TEXT,
+      voter TEXT,
+      weight REAL,
+      direction TEXT,
+      delegated_from TEXT,
+      created_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS dao_v2_treasury (
+      id TEXT PRIMARY KEY,
+      type TEXT,
+      amount REAL,
+      description TEXT,
+      proposal_id TEXT,
+      created_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS dao_v2_delegations (
+      delegator TEXT PRIMARY KEY,
+      delegate TEXT,
+      weight REAL DEFAULT 1,
+      created_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+}
+
+/* ── Proposals ─────────────────────────────────────────────── */
+
+export function propose(db, title, description, proposer, options = {}) {
+  if (!title) throw new Error("Title is required");
+  if (!proposer) throw new Error("Proposer is required");
+
+  const id = `prop-${Date.now()}-${crypto.randomBytes(4).toString("hex")}`;
+  const now = new Date().toISOString();
+  const votingType = options.votingType || "simple";
+  const endsAt = new Date(Date.now() + _config.votingPeriod).toISOString();
+
+  const proposal = {
+    id,
+    title,
+    description: description || "",
+    proposer,
+    status: "active",
+    votesFor: 0,
+    votesAgainst: 0,
+    votingType,
+    createdAt: now,
+    endsAt,
+    executedAt: null,
+  };
+
+  _proposals.set(id, proposal);
+
+  db.prepare(
+    `INSERT INTO dao_v2_proposals (id, title, description, proposer, status, votes_for, votes_against, voting_type, created_at, ends_at, executed_at)
+     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+  ).run(
+    id,
+    proposal.title,
+    proposal.description,
+    proposal.proposer,
+    proposal.status,
+    0,
+    0,
+    votingType,
+    now,
+    endsAt,
+    null,
+  );
+
+  return proposal;
+}
+
+/* ── Voting ────────────────────────────────────────────────── */
+
+export function vote(db, proposalId, voter, direction, weight = 1) {
+  const proposal = _proposals.get(proposalId);
+  if (!proposal) throw new Error(`Proposal not found: ${proposalId}`);
+  if (proposal.status !== "active") {
+    throw new Error(`Proposal is not active: ${proposal.status}`);
+  }
+  if (direction !== "for" && direction !== "against") {
+    throw new Error('Direction must be "for" or "against"');
+  }
+
+  // Quadratic voting: effective weight = sqrt(weight)
+  const effectiveWeight =
+    proposal.votingType === "quadratic" ? Math.sqrt(weight) : weight;
+
+  const voteId = `vote-${Date.now()}-${crypto.randomBytes(4).toString("hex")}`;
+  const now = new Date().toISOString();
+
+  if (direction === "for") {
+    proposal.votesFor += effectiveWeight;
+  } else {
+    proposal.votesAgainst += effectiveWeight;
+  }
+
+  const voteRecord = {
+    id: voteId,
+    proposalId,
+    voter,
+    weight: effectiveWeight,
+    direction,
+    delegatedFrom: null,
+    createdAt: now,
+  };
+
+  _votes.set(voteId, voteRecord);
+
+  db.prepare(
+    `INSERT INTO dao_v2_votes (id, proposal_id, voter, weight, direction, delegated_from, created_at)
+     VALUES (?, ?, ?, ?, ?, ?, ?)`,
+  ).run(voteId, proposalId, voter, effectiveWeight, direction, null, now);
+
+  db.prepare(
+    `UPDATE dao_v2_proposals SET votes_for = ?, votes_against = ? WHERE id = ?`,
+  ).run(proposal.votesFor, proposal.votesAgainst, proposalId);
+
+  return { voteId, proposalId, weight: effectiveWeight, direction };
+}
+
+/* ── Delegation ────────────────────────────────────────────── */
+
+export function delegate(db, delegator, delegateTo, weight = 1) {
+  if (!delegator) throw new Error("Delegator is required");
+  if (!delegateTo) throw new Error("Delegate is required");
+
+  const now = new Date().toISOString();
+
+  _delegations.set(delegator, { delegator, delegate: delegateTo, weight });
+
+  db.prepare(
+    `INSERT OR REPLACE INTO dao_v2_delegations (delegator, delegate, weight, created_at)
+     VALUES (?, ?, ?, ?)`,
+  ).run(delegator, delegateTo, weight, now);
+
+  return { delegator, delegate: delegateTo, weight };
+}
+
+/* ── Execution ─────────────────────────────────────────────── */
+
+export function execute(db, proposalId) {
+  const proposal = _proposals.get(proposalId);
+  if (!proposal) throw new Error(`Proposal not found: ${proposalId}`);
+  if (proposal.votesFor <= proposal.votesAgainst) {
+    throw new Error(
+      "Proposal has not passed (votesFor must exceed votesAgainst)",
+    );
+  }
+
+  const now = new Date().toISOString();
+  proposal.status = "executed";
+  proposal.executedAt = now;
+
+  db.prepare(
+    `UPDATE dao_v2_proposals SET status = ?, executed_at = ? WHERE id = ?`,
+  ).run("executed", now, proposalId);
+
+  return { proposalId, status: "executed" };
+}
+
+/* ── Treasury ──────────────────────────────────────────────── */
+
+export function getTreasury() {
+  return {
+    balance: _treasury.balance,
+    allocations: [..._treasury.allocations],
+  };
+}
+
+export function allocate(db, proposalId, amount, description) {
+  if (!proposalId) throw new Error("Proposal ID is required");
+  if (amount <= 0) throw new Error("Amount must be positive");
+  if (_treasury.balance < amount) {
+    throw new Error("Insufficient treasury balance");
+  }
+
+  const id = `alloc-${Date.now()}-${crypto.randomBytes(4).toString("hex")}`;
+  const now = new Date().toISOString();
+
+  _treasury.balance -= amount;
+
+  const allocation = {
+    id,
+    proposalId,
+    amount,
+    description: description || "",
+    date: now,
+  };
+  _treasury.allocations.push(allocation);
+
+  db.prepare(
+    `INSERT INTO dao_v2_treasury (id, type, amount, description, proposal_id, created_at)
+     VALUES (?, ?, ?, ?, ?, ?)`,
+  ).run(id, "allocation", amount, description || "", proposalId, now);
+
+  return allocation;
+}
+
+export function depositToTreasury(db, amount, description) {
+  if (amount <= 0) throw new Error("Amount must be positive");
+
+  const id = `dep-${Date.now()}-${crypto.randomBytes(4).toString("hex")}`;
+  const now = new Date().toISOString();
+
+  _treasury.balance += amount;
+
+  db.prepare(
+    `INSERT INTO dao_v2_treasury (id, type, amount, description, proposal_id, created_at)
+     VALUES (?, ?, ?, ?, ?, ?)`,
+  ).run(id, "deposit", amount, description || "", null, now);
+
+  return { id, amount, balance: _treasury.balance };
+}
+
+/* ── Stats ─────────────────────────────────────────────────── */
+
+export function getStats() {
+  const all = [..._proposals.values()];
+  return {
+    totalProposals: all.length,
+    active: all.filter((p) => p.status === "active").length,
+    executed: all.filter((p) => p.status === "executed").length,
+    delegations: _delegations.size,
+    treasury: _treasury.balance,
+  };
+}
+
+/* ── Configuration ─────────────────────────────────────────── */
+
+export function configure(config) {
+  if (config.votingPeriod !== undefined)
+    _config.votingPeriod = config.votingPeriod;
+  if (config.quorum !== undefined) _config.quorum = config.quorum;
+  if (config.executionDelay !== undefined)
+    _config.executionDelay = config.executionDelay;
+  return { ..._config };
+}
+
+/* ── Reset (for testing) ───────────────────────────────────── */
+
+export function _resetState() {
+  _proposals.clear();
+  _votes.clear();
+  _delegations.clear();
+  _treasury.balance = 0;
+  _treasury.allocations = [];
+  _config = {
+    votingPeriod: 604800000,
+    quorum: 0.1,
+    executionDelay: 86400000,
+  };
+}

package/src/lib/dlp-engine.js

@@ -0,0 +1,304 @@
+/**
+ * DLP Engine — data loss prevention scanning, incident management,
+ * policy creation, and statistics.
+ */
+
+import crypto from "crypto";
+
+/* ── In-memory stores ──────────────────────────────────────── */
+const _incidents = new Map();
+const _policies = new Map();
+let _scanCount = 0;
+let _blockCount = 0;
+let _alertCount = 0;
+
+const DLP_ACTIONS = {
+  ALLOW: "allow",
+  ALERT: "alert",
+  BLOCK: "block",
+  QUARANTINE: "quarantine",
+};
+
+/* ── Schema ────────────────────────────────────────────────── */
+
+export function ensureDLPTables(db) {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS dlp_incidents (
+      id TEXT PRIMARY KEY,
+      policy_id TEXT,
+      channel TEXT,
+      action_taken TEXT,
+      content_hash TEXT,
+      matched_patterns TEXT,
+      severity TEXT DEFAULT 'medium',
+      user_id TEXT,
+      metadata TEXT,
+      created_at TEXT DEFAULT (datetime('now')),
+      resolved_at TEXT,
+      resolution TEXT
+    )
+  `);
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS dlp_policies (
+      id TEXT PRIMARY KEY,
+      name TEXT NOT NULL,
+      patterns TEXT,
+      keywords TEXT,
+      action TEXT DEFAULT 'alert',
+      severity TEXT DEFAULT 'medium',
+      enabled INTEGER DEFAULT 1,
+      created_at TEXT DEFAULT (datetime('now')),
+      updated_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+}
+
+/* ── Content Scanning ─────────────────────────────────────── */
+
+export function scanContent(db, content, channel, userId) {
+  if (!content) throw new Error("Content is required");
+
+  _scanCount++;
+  const policies = [..._policies.values()].filter((p) => p.enabled);
+  const matchedPolicies = [];
+  let highestAction = DLP_ACTIONS.ALLOW;
+
+  const actionPriority = { allow: 0, alert: 1, block: 2, quarantine: 3 };
+
+  for (const policy of policies) {
+    const patterns = policy.patterns || [];
+    const keywords = policy.keywords || [];
+    let matched = false;
+
+    for (const pattern of patterns) {
+      try {
+        if (new RegExp(pattern, "i").test(content)) {
+          matched = true;
+          break;
+        }
+      } catch (_err) {
+        // Invalid regex — skip
+      }
+    }
+
+    if (!matched) {
+      for (const kw of keywords) {
+        if (content.toLowerCase().includes(kw.toLowerCase())) {
+          matched = true;
+          break;
+        }
+      }
+    }
+
+    if (matched) {
+      matchedPolicies.push(policy);
+      if (
+        (actionPriority[policy.action] || 0) >
+        (actionPriority[highestAction] || 0)
+      ) {
+        highestAction = policy.action;
+      }
+    }
+  }
+
+  const incidents = [];
+  if (matchedPolicies.length > 0) {
+    for (const policy of matchedPolicies) {
+      const incidentId = crypto.randomUUID();
+      const now = new Date().toISOString();
+      const contentHash = crypto
+        .createHash("sha256")
+        .update(content)
+        .digest("hex");
+
+      const incident = {
+        id: incidentId,
+        policyId: policy.id,
+        channel: channel || "unknown",
+        actionTaken: policy.action,
+        contentHash,
+        matchedPatterns: policy.patterns || [],
+        severity: policy.severity,
+        userId: userId || "unknown",
+        createdAt: now,
+        resolvedAt: null,
+        resolution: null,
+      };
+
+      _incidents.set(incidentId, incident);
+      incidents.push(incident);
+
+      db.prepare(
+        `INSERT INTO dlp_incidents (id, policy_id, channel, action_taken, content_hash, matched_patterns, severity, user_id, metadata, created_at)
+         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+      ).run(
+        incidentId,
+        policy.id,
+        incident.channel,
+        incident.actionTaken,
+        contentHash,
+        JSON.stringify(incident.matchedPatterns),
+        incident.severity,
+        incident.userId,
+        "{}",
+        now,
+      );
+    }
+
+    if (
+      highestAction === DLP_ACTIONS.BLOCK ||
+      highestAction === DLP_ACTIONS.QUARANTINE
+    ) {
+      _blockCount++;
+    } else if (highestAction === DLP_ACTIONS.ALERT) {
+      _alertCount++;
+    }
+  }
+
+  return {
+    allowed:
+      highestAction === DLP_ACTIONS.ALLOW ||
+      highestAction === DLP_ACTIONS.ALERT,
+    action: highestAction,
+    matchedPolicies: matchedPolicies.length,
+    incidents,
+  };
+}
+
+/* ── Incident Management ──────────────────────────────────── */
+
+export function listIncidents(filter = {}) {
+  let incidents = [..._incidents.values()];
+  if (filter.channel) {
+    incidents = incidents.filter((i) => i.channel === filter.channel);
+  }
+  if (filter.severity) {
+    incidents = incidents.filter((i) => i.severity === filter.severity);
+  }
+  if (filter.resolved === false) {
+    incidents = incidents.filter((i) => !i.resolvedAt);
+  }
+  const limit = filter.limit || 50;
+  return incidents.slice(0, limit);
+}
+
+export function resolveIncident(db, incidentId, resolution) {
+  const incident = _incidents.get(incidentId);
+  if (!incident) throw new Error(`Incident not found: ${incidentId}`);
+
+  const now = new Date().toISOString();
+  incident.resolvedAt = now;
+  incident.resolution = resolution || "resolved";
+
+  db.prepare(
+    `UPDATE dlp_incidents SET resolved_at = ?, resolution = ? WHERE id = ?`,
+  ).run(now, incident.resolution, incidentId);
+
+  return { success: true, incidentId, resolution: incident.resolution };
+}
+
+/* ── DLP Stats ────────────────────────────────────────────── */
+
+export function getDLPStats() {
+  const unresolvedIncidents = [..._incidents.values()].filter(
+    (i) => !i.resolvedAt,
+  ).length;
+  return {
+    scanned: _scanCount,
+    blocked: _blockCount,
+    alerted: _alertCount,
+    totalIncidents: _incidents.size,
+    unresolvedIncidents,
+  };
+}
+
+/* ── Policy Management ────────────────────────────────────── */
+
+export function createPolicy(db, name, patterns, keywords, action, severity) {
+  if (!name) throw new Error("Policy name is required");
+
+  const id = crypto.randomUUID();
+  const now = new Date().toISOString();
+
+  const policy = {
+    id,
+    name,
+    patterns: patterns || [],
+    keywords: keywords || [],
+    action: action || DLP_ACTIONS.ALERT,
+    severity: severity || "medium",
+    enabled: true,
+    createdAt: now,
+  };
+
+  _policies.set(id, policy);
+
+  db.prepare(
+    `INSERT INTO dlp_policies (id, name, patterns, keywords, action, severity, enabled, created_at, updated_at)
+     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+  ).run(
+    id,
+    name,
+    JSON.stringify(policy.patterns),
+    JSON.stringify(policy.keywords),
+    policy.action,
+    policy.severity,
+    1,
+    now,
+    now,
+  );
+
+  return policy;
+}
+
+export function updatePolicy(db, policyId, updates) {
+  const policy = _policies.get(policyId);
+  if (!policy) throw new Error(`Policy not found: ${policyId}`);
+
+  if (updates.name !== undefined) policy.name = updates.name;
+  if (updates.patterns !== undefined) policy.patterns = updates.patterns;
+  if (updates.keywords !== undefined) policy.keywords = updates.keywords;
+  if (updates.action !== undefined) policy.action = updates.action;
+  if (updates.severity !== undefined) policy.severity = updates.severity;
+  if (updates.enabled !== undefined) policy.enabled = updates.enabled;
+
+  db.prepare(
+    `UPDATE dlp_policies SET name = ?, patterns = ?, keywords = ?, action = ?, severity = ?, enabled = ?, updated_at = ? WHERE id = ?`,
+  ).run(
+    policy.name,
+    JSON.stringify(policy.patterns),
+    JSON.stringify(policy.keywords),
+    policy.action,
+    policy.severity,
+    policy.enabled ? 1 : 0,
+    new Date().toISOString(),
+    policyId,
+  );
+
+  return policy;
+}
+
+export function deletePolicy(db, policyId) {
+  const policy = _policies.get(policyId);
+  if (!policy) throw new Error(`Policy not found: ${policyId}`);
+
+  _policies.delete(policyId);
+
+  db.prepare(`DELETE FROM dlp_policies WHERE id = ?`).run(policyId);
+
+  return { success: true, policyId };
+}
+
+export function listDLPPolicies() {
+  return [..._policies.values()];
+}
+
+/* ── Reset (for testing) ───────────────────────────────────── */
+
+export function _resetState() {
+  _incidents.clear();
+  _policies.clear();
+  _scanCount = 0;
+  _blockCount = 0;
+  _alertCount = 0;
+}