chainlesschain 0.51.0 → 0.81.0

package/src/lib/reputation-optimizer.js

@@ -506,4 +506,303 @@ export function _resetState() {
   _runs.clear();
   _analytics.clear();
   _seq = 0;
+  _maxConcurrentOptimizations = DEFAULT_MAX_CONCURRENT_OPTIMIZATIONS;
+}
+
+/* ═══════════════════════════════════════════════════════════════
+ * V2 (Phase 60) — Frozen enums + async optimization lifecycle +
+ * concurrency limiter + patch-merged setRunStatus + stats-v2.
+ * Strictly additive on top of the legacy surface above.
+ * ═══════════════════════════════════════════════════════════════ */
+
+export const RUN_STATUS_V2 = Object.freeze({
+  RUNNING: "running",
+  COMPLETE: "complete",
+  APPLIED: "applied",
+  FAILED: "failed",
+  CANCELLED: "cancelled",
+});
+
+export const OBJECTIVE_V2 = Object.freeze({
+  ACCURACY: "accuracy",
+  FAIRNESS: "fairness",
+  RESILIENCE: "resilience",
+  CONVERGENCE_SPEED: "convergence_speed",
+});
+
+export const DECAY_MODEL_V2 = Object.freeze({
+  EXPONENTIAL: "exponential",
+  LINEAR: "linear",
+  STEP: "step",
+  NONE: "none",
+});
+
+export const ANOMALY_METHOD_V2 = Object.freeze({
+  IQR: "iqr",
+  Z_SCORE: "z_score",
+});
+
+const DEFAULT_MAX_CONCURRENT_OPTIMIZATIONS = 2;
+let _maxConcurrentOptimizations = DEFAULT_MAX_CONCURRENT_OPTIMIZATIONS;
+export const REPUTATION_DEFAULT_MAX_CONCURRENT =
+  DEFAULT_MAX_CONCURRENT_OPTIMIZATIONS;
+
+export function setMaxConcurrentOptimizations(n) {
+  if (typeof n !== "number" || !Number.isFinite(n) || n < 1) {
+    throw new Error("maxConcurrentOptimizations must be a positive integer");
+  }
+  _maxConcurrentOptimizations = Math.floor(n);
+  return _maxConcurrentOptimizations;
+}
+
+export function getMaxConcurrentOptimizations() {
+  return _maxConcurrentOptimizations;
+}
+
+// Run state machine:
+//   running  → { complete, failed, cancelled }
+//   complete → { applied }
+//   applied/failed/cancelled are terminal.
+const _runTerminal = new Set([
+  RUN_STATUS_V2.APPLIED,
+  RUN_STATUS_V2.FAILED,
+  RUN_STATUS_V2.CANCELLED,
+]);
+const _runAllowed = new Map([
+  [
+    RUN_STATUS_V2.RUNNING,
+    new Set([
+      RUN_STATUS_V2.COMPLETE,
+      RUN_STATUS_V2.FAILED,
+      RUN_STATUS_V2.CANCELLED,
+    ]),
+  ],
+  [RUN_STATUS_V2.COMPLETE, new Set([RUN_STATUS_V2.APPLIED])],
+  [RUN_STATUS_V2.APPLIED, new Set([])],
+  [RUN_STATUS_V2.FAILED, new Set([])],
+  [RUN_STATUS_V2.CANCELLED, new Set([])],
+]);
+
+export function getActiveOptimizationCount() {
+  let count = 0;
+  for (const r of _runs.values()) {
+    if (r.status === RUN_STATUS_V2.RUNNING) count++;
+  }
+  return count;
+}
+
+/**
+ * startOptimizationV2 — creates a RUNNING row without computing iterations.
+ * Caller drives the transition via completeOptimization or
+ * cancelOptimization / failOptimization, or the generic setRunStatus.
+ */
+export function startOptimizationV2(db, opts = {}) {
+  const objective = opts.objective || OBJECTIVE_V2.ACCURACY;
+  if (!Object.values(OBJECTIVE_V2).includes(objective)) {
+    throw new Error(`Unknown objective: ${objective}`);
+  }
+  const rawIter = opts.iterations == null ? 50 : Number(opts.iterations);
+  const iterations = Math.max(
+    1,
+    Math.min(1000, Number.isFinite(rawIter) ? rawIter : 50),
+  );
+
+  const activeCount = getActiveOptimizationCount();
+  if (activeCount >= _maxConcurrentOptimizations) {
+    throw new Error(
+      `Max concurrent optimizations reached: ${activeCount}/${_maxConcurrentOptimizations}`,
+    );
+  }
+
+  const runId = crypto.randomUUID();
+  const now = Date.now();
+  const paramSpace = {
+    lambda: [0.01, 0.5],
+    kappa: [0.5, 3.0],
+    contamination: [0.01, 0.2],
+  };
+
+  const run = {
+    runId,
+    objective,
+    iterations,
+    paramSpace,
+    bestParams: null,
+    bestScore: null,
+    errorMessage: null,
+    status: RUN_STATUS_V2.RUNNING,
+    createdAt: now,
+    completedAt: null,
+    _seq: ++_seq,
+  };
+  _runs.set(runId, run);
+
+  db.prepare(
+    `INSERT INTO reputation_optimization_runs (run_id, objective, iterations, param_space, best_params, best_score, status, created_at, completed_at)
+     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+  ).run(
+    runId,
+    objective,
+    iterations,
+    JSON.stringify(paramSpace),
+    null,
+    null,
+    run.status,
+    now,
+    null,
+  );
+
+  const { _seq: _omit, ...rest } = run;
+  void _omit;
+  return rest;
+}
+
+/**
+ * completeOptimization — advances RUNNING → COMPLETE, runs the iteration
+ * loop, writes analytics, and returns the same { ...run, analytics }
+ * shape as legacy startOptimization.
+ */
+export function completeOptimization(db, runId) {
+  const run = _runs.get(runId);
+  if (!run) throw new Error(`Optimization run not found: ${runId}`);
+
+  const allowed = _runAllowed.get(run.status);
+  if (!allowed || !allowed.has(RUN_STATUS_V2.COMPLETE)) {
+    throw new Error(`Invalid run status transition: ${run.status} → complete`);
+  }
+
+  let bestParams = null;
+  let bestScore = -Infinity;
+  const history = [];
+
+  for (let i = 0; i < run.iterations; i++) {
+    const params = _sampleParams(run._seq * 101 + i * 17 + 1);
+    const score = _evaluateParams(params, run.objective, i);
+    history.push({ iteration: i, params, score });
+    if (score > bestScore) {
+      bestScore = score;
+      bestParams = params;
+    }
+  }
+
+  const now = Date.now();
+  run.status = RUN_STATUS_V2.COMPLETE;
+  run.bestParams = bestParams;
+  run.bestScore = Number(bestScore.toFixed(6));
+  run.completedAt = now;
+  run.history = history;
+
+  db.prepare(
+    `UPDATE reputation_optimization_runs SET status = ?, best_params = ?, best_score = ?, completed_at = ? WHERE run_id = ?`,
+  ).run(run.status, JSON.stringify(bestParams), run.bestScore, now, runId);
+
+  const distribution = _buildDistribution(listScores({ decay: "none" }));
+  const anomalies = detectAnomalies({ method: "z_score" });
+  const recommendations = _buildRecommendations(run.objective, bestParams);
+  const analyticsId = crypto.randomUUID();
+  const analytics = {
+    analyticsId,
+    runId,
+    reputationDistribution: distribution,
+    anomalies,
+    recommendations,
+    createdAt: now,
+  };
+  _analytics.set(runId, analytics);
+  db.prepare(
+    `INSERT INTO reputation_analytics (analytics_id, run_id, reputation_distribution, anomalies, recommendations, created_at)
+     VALUES (?, ?, ?, ?, ?, ?)`,
+  ).run(
+    analyticsId,
+    runId,
+    JSON.stringify(distribution),
+    JSON.stringify(anomalies),
+    JSON.stringify(recommendations),
+    now,
+  );
+
+  const { _seq: _omit, ...rest } = run;
+  void _omit;
+  return { ...rest, analytics };
+}
+
+export function cancelOptimization(db, runId) {
+  return setRunStatus(db, runId, RUN_STATUS_V2.CANCELLED);
+}
+
+export function failOptimization(db, runId, errorMessage) {
+  return setRunStatus(db, runId, RUN_STATUS_V2.FAILED, { errorMessage });
+}
+
+export function applyOptimization(db, runId) {
+  return setRunStatus(db, runId, RUN_STATUS_V2.APPLIED);
+}
+
+export function setRunStatus(db, runId, newStatus, patch = {}) {
+  const run = _runs.get(runId);
+  if (!run) throw new Error(`Optimization run not found: ${runId}`);
+
+  if (!Object.values(RUN_STATUS_V2).includes(newStatus)) {
+    throw new Error(`Unknown run status: ${newStatus}`);
+  }
+
+  const allowed = _runAllowed.get(run.status);
+  if (!allowed || !allowed.has(newStatus)) {
+    throw new Error(
+      `Invalid run status transition: ${run.status} → ${newStatus}`,
+    );
+  }
+
+  run.status = newStatus;
+  if (typeof patch.errorMessage === "string") {
+    run.errorMessage = patch.errorMessage;
+  }
+  if (_runTerminal.has(newStatus) && run.completedAt == null) {
+    run.completedAt = Date.now();
+  }
+
+  db.prepare(
+    `UPDATE reputation_optimization_runs SET status = ?, completed_at = ? WHERE run_id = ?`,
+  ).run(newStatus, run.completedAt, runId);
+
+  const { _seq: _omit, ...rest } = run;
+  void _omit;
+  return rest;
+}
+
+export function getReputationStatsV2() {
+  const runs = [..._runs.values()];
+  const observations = [];
+  for (const arr of _observations.values()) observations.push(...arr);
+
+  const byStatus = {};
+  for (const s of Object.values(RUN_STATUS_V2)) byStatus[s] = 0;
+  for (const r of runs) byStatus[r.status] = (byStatus[r.status] || 0) + 1;
+
+  const byObjective = {};
+  for (const o of Object.values(OBJECTIVE_V2)) byObjective[o] = 0;
+  for (const r of runs)
+    byObjective[r.objective] = (byObjective[r.objective] || 0) + 1;
+
+  let totalObservations = observations.length;
+  let totalDids = _observations.size;
+  let bestScore = null;
+  for (const r of runs) {
+    if (r.bestScore != null && (bestScore == null || r.bestScore > bestScore)) {
+      bestScore = r.bestScore;
+    }
+  }
+
+  return {
+    totalRuns: runs.length,
+    activeRuns: getActiveOptimizationCount(),
+    maxConcurrentOptimizations: _maxConcurrentOptimizations,
+    byStatus,
+    byObjective,
+    observations: {
+      totalDids,
+      totalObservations,
+    },
+    bestScoreEver: bestScore,
+  };
 }

package/src/lib/sandbox-v2.js

@@ -695,4 +695,310 @@ export function pruneExpired(db, now = Date.now()) {
 export function _resetState() {
   activeSandboxes.clear();
   auditLog.length = 0;
+  _v2Isolations.length = 0;
+}
+
+// ═════════════════════════════════════════════════════════════════
+// Phase 87 — Agent Security Sandbox 2.0 additions (strictly-additive)
+// Frozen canonical enums + lifecycle state machine (pause/resume/
+// terminate) + per-type quota + explicit enforce/check helpers +
+// risk-level classification + auto-isolate + filtered audit/stats.
+// ═════════════════════════════════════════════════════════════════
+
+export const SANDBOX_STATUS = Object.freeze({
+  CREATING: "creating",
+  READY: "ready",
+  RUNNING: "running",
+  PAUSED: "paused",
+  TERMINATED: "terminated",
+  ERROR: "error",
+});
+
+export const PERMISSION_TYPE = Object.freeze({
+  FILESYSTEM: "filesystem",
+  NETWORK: "network",
+  SYSCALL: "syscall",
+  IPC: "ipc",
+  PROCESS: "process",
+});
+
+export const RISK_LEVEL = Object.freeze({
+  SAFE: "safe",
+  LOW: "low",
+  MEDIUM: "medium",
+  HIGH: "high",
+  CRITICAL: "critical",
+});
+
+export const QUOTA_TYPE = Object.freeze({
+  CPU_PERCENT: "cpu_percent",
+  MEMORY_MB: "memory_mb",
+  DISK_MB: "disk_mb",
+  NETWORK_KBPS: "network_kbps",
+  PROCESS_COUNT: "process_count",
+});
+
+const _PERM_TYPE_VALUES = new Set(Object.values(PERMISSION_TYPE));
+const _QUOTA_TYPE_VALUES = new Set(Object.values(QUOTA_TYPE));
+
+// V2 audit / isolation state
+const _v2Isolations = [];
+
+// QUOTA_TYPE → internal quota-field mapping (maps canonical Phase 87 names
+// onto the pre-existing sandbox.quota fields).
+const _QUOTA_FIELD_MAP = {
+  [QUOTA_TYPE.CPU_PERCENT]: "cpu",
+  [QUOTA_TYPE.MEMORY_MB]: "memory",
+  [QUOTA_TYPE.DISK_MB]: "storage",
+  [QUOTA_TYPE.NETWORK_KBPS]: "network",
+  [QUOTA_TYPE.PROCESS_COUNT]: "processCount",
+};
+
+function _requireSandbox(sandboxId) {
+  const s = activeSandboxes.get(sandboxId);
+  if (!s) throw new Error(`Sandbox not found: ${sandboxId}`);
+  return s;
+}
+
+/**
+ * Pause a sandbox: active → paused (no execution allowed while paused).
+ */
+export function pauseSandboxV2(db, sandboxId) {
+  ensureSandboxTables(db);
+  const sandbox = _requireSandbox(sandboxId);
+  if (sandbox.status === SANDBOX_STATUS.PAUSED)
+    throw new Error("Sandbox already paused");
+  if (sandbox.status === SANDBOX_STATUS.TERMINATED)
+    throw new Error("Cannot pause terminated sandbox");
+  const prev = sandbox.status;
+  sandbox.status = SANDBOX_STATUS.PAUSED;
+  db.prepare(
+    `UPDATE sandbox_instances SET status = ?, updated_at = datetime('now') WHERE id = ?`,
+  ).run(SANDBOX_STATUS.PAUSED, sandboxId);
+  logAudit(db, sandboxId, "pause", { previousStatus: prev });
+  return { id: sandboxId, status: SANDBOX_STATUS.PAUSED, previousStatus: prev };
+}
+
+/**
+ * Resume a paused sandbox back to active.
+ */
+export function resumeSandboxV2(db, sandboxId) {
+  ensureSandboxTables(db);
+  const sandbox = _requireSandbox(sandboxId);
+  if (sandbox.status !== SANDBOX_STATUS.PAUSED)
+    throw new Error(`Cannot resume: sandbox is ${sandbox.status}, not paused`);
+  sandbox.status = "active";
+  db.prepare(
+    `UPDATE sandbox_instances SET status = 'active', updated_at = datetime('now') WHERE id = ?`,
+  ).run(sandboxId);
+  logAudit(db, sandboxId, "resume", {});
+  return { id: sandboxId, status: "active" };
+}
+
+/**
+ * Terminate a sandbox (canonical name for destroy; records TERMINATED status).
+ */
+export function terminateSandboxV2(db, sandboxId, reason = null) {
+  ensureSandboxTables(db);
+  const sandbox = _requireSandbox(sandboxId);
+  const prev = sandbox.status;
+  sandbox.status = SANDBOX_STATUS.TERMINATED;
+  activeSandboxes.delete(sandboxId);
+  db.prepare(
+    `UPDATE sandbox_instances SET status = ?, updated_at = datetime('now') WHERE id = ?`,
+  ).run(SANDBOX_STATUS.TERMINATED, sandboxId);
+  logAudit(db, sandboxId, "terminate", { previousStatus: prev, reason });
+  return {
+    id: sandboxId,
+    status: SANDBOX_STATUS.TERMINATED,
+    previousStatus: prev,
+    reason,
+  };
+}
+
+/**
+ * Set a single quota value keyed by QUOTA_TYPE. Validates type; merges into
+ * existing quota object instead of replacing.
+ */
+export function setQuotaTyped(db, sandboxId, quotaType, limit) {
+  ensureSandboxTables(db);
+  if (!_QUOTA_TYPE_VALUES.has(quotaType))
+    throw new Error(`Invalid quotaType: ${quotaType}`);
+  if (!Number.isFinite(limit) || limit < 0)
+    throw new Error(`Invalid limit: ${limit}`);
+  const sandbox = _requireSandbox(sandboxId);
+  const field = _QUOTA_FIELD_MAP[quotaType];
+  const nextQuota = { ...sandbox.quota, [field]: limit };
+  sandbox.quota = nextQuota;
+  db.prepare(
+    `UPDATE sandbox_instances SET quota = ?, updated_at = datetime('now') WHERE id = ?`,
+  ).run(JSON.stringify(nextQuota), sandboxId);
+  logAudit(db, sandboxId, "set-quota-typed", { quotaType, limit, field });
+  return { id: sandboxId, quotaType, limit, quota: nextQuota };
+}
+
+/**
+ * Explicit permission enforcement (boolean result + optional throw on denied).
+ * Supports filesystem / network / syscall permission types.
+ */
+export function enforcePermission(
+  sandbox,
+  { type, target, mode, throwOnDeny = false } = {},
+) {
+  if (!_PERM_TYPE_VALUES.has(type))
+    throw new Error(`Invalid permission type: ${type}`);
+  if (!sandbox || !sandbox.permissions)
+    throw new Error("Sandbox or permissions missing");
+  let allowed = false;
+  if (type === PERMISSION_TYPE.FILESYSTEM) {
+    allowed = checkFilePermission(sandbox.permissions, target, mode || "read");
+  } else if (type === PERMISSION_TYPE.NETWORK) {
+    allowed = checkNetworkPermission(sandbox.permissions, target);
+  } else if (type === PERMISSION_TYPE.SYSCALL) {
+    allowed = checkSystemCallPermission(sandbox.permissions, target);
+  } else {
+    // IPC / PROCESS — not implemented in base library; treat as denied-by-default
+    allowed = false;
+  }
+  if (!allowed && throwOnDeny)
+    throw new Error(`Permission denied: ${type} ${mode || ""} ${target}`);
+  return { allowed, type, target, mode: mode || null };
+}
+
+/**
+ * Per-type quota check. Returns {ok, current, limit, remaining}.
+ */
+export function checkQuotaV2(sandbox, quotaType, amount = 0) {
+  if (!_QUOTA_TYPE_VALUES.has(quotaType))
+    throw new Error(`Invalid quotaType: ${quotaType}`);
+  if (!sandbox || !sandbox.quota) throw new Error("Sandbox or quota missing");
+  const field = _QUOTA_FIELD_MAP[quotaType];
+  const limit = sandbox.quota[field];
+  const current = (sandbox.resourceUsage?.[field] || 0) + amount;
+  const remaining = limit != null ? Math.max(0, limit - current) : Infinity;
+  return {
+    quotaType,
+    field,
+    limit: limit ?? null,
+    current,
+    remaining,
+    ok: limit == null || current <= limit,
+  };
+}
+
+/**
+ * Map a risk score (0..100) to a RISK_LEVEL enum value.
+ * safe < 20 ≤ low < 40 ≤ medium < 60 ≤ high < 80 ≤ critical
+ */
+export function getRiskLevel(score) {
+  const n = Number(score) || 0;
+  if (n < 20) return RISK_LEVEL.SAFE;
+  if (n < 40) return RISK_LEVEL.LOW;
+  if (n < 60) return RISK_LEVEL.MEDIUM;
+  if (n < 80) return RISK_LEVEL.HIGH;
+  return RISK_LEVEL.CRITICAL;
+}
+
+/**
+ * Calculate risk score via monitorBehavior and classify with RISK_LEVEL.
+ */
+export function calculateRiskScore(db, sandboxId) {
+  const report = monitorBehavior(db, sandboxId);
+  const level = getRiskLevel(report.riskScore);
+  return {
+    sandboxId,
+    riskScore: report.riskScore,
+    riskLevel: level,
+    patterns: report.patterns,
+    totalEvents: report.totalEvents,
+  };
+}
+
+/**
+ * Auto-isolate a sandbox: records an isolation entry + terminates.
+ * Typical trigger: risk level == CRITICAL or explicit admin call.
+ */
+export function autoIsolate(db, sandboxId, reason = "high-risk") {
+  ensureSandboxTables(db);
+  const sandbox = _requireSandbox(sandboxId);
+  const entry = {
+    id: crypto.randomUUID(),
+    sandboxId,
+    reason,
+    isolatedAt: new Date().toISOString(),
+    agentId: sandbox.agentId,
+  };
+  _v2Isolations.push(entry);
+  logAudit(db, sandboxId, "auto-isolate", { reason });
+  try {
+    terminateSandboxV2(db, sandboxId, reason);
+  } catch (_e) {
+    // swallow — sandbox may already be terminated
+  }
+  return entry;
+}
+
+export function listIsolations(options = {}) {
+  let result = [..._v2Isolations];
+  if (options.sandboxId)
+    result = result.filter((i) => i.sandboxId === options.sandboxId);
+  if (options.reason)
+    result = result.filter((i) => i.reason === options.reason);
+  return result;
+}
+
+/**
+ * Filtered audit log — time range + event types + limit.
+ */
+export function filterAuditLog(db, sandboxId, options = {}) {
+  let entries = [...auditLog];
+  if (sandboxId) entries = entries.filter((e) => e.sandboxId === sandboxId);
+  if (options.eventTypes && options.eventTypes.length > 0) {
+    const set = new Set(options.eventTypes);
+    entries = entries.filter((e) => set.has(e.action));
+  }
+  if (options.timeRange) {
+    const from = options.timeRange.from
+      ? new Date(options.timeRange.from).getTime()
+      : null;
+    const to = options.timeRange.to
+      ? new Date(options.timeRange.to).getTime()
+      : null;
+    entries = entries.filter((e) => {
+      const t = new Date(e.timestamp).getTime();
+      if (from != null && t < from) return false;
+      if (to != null && t > to) return false;
+      return true;
+    });
+  }
+  if (options.limit) entries = entries.slice(-options.limit);
+  return entries;
+}
+
+/**
+ * Extended V2 stats: per-status sandbox counts + audit summary + isolations.
+ */
+export function getSandboxStatsV2() {
+  const byStatus = {};
+  for (const s of activeSandboxes.values()) {
+    const st = s.status || "unknown";
+    byStatus[st] = (byStatus[st] || 0) + 1;
+  }
+  const auditByAction = {};
+  for (const e of auditLog) {
+    auditByAction[e.action] = (auditByAction[e.action] || 0) + 1;
+  }
+  return {
+    totalSandboxes: activeSandboxes.size,
+    byStatus,
+    auditEventCount: auditLog.length,
+    auditByAction,
+    isolations: {
+      total: _v2Isolations.length,
+      byReason: _v2Isolations.reduce((acc, i) => {
+        acc[i.reason] = (acc[i.reason] || 0) + 1;
+        return acc;
+      }, {}),
+    },
+  };
 }