ltcai 4.2.0 → 4.3.0

package/README.md

@@ -203,32 +203,31 @@ npm run dev
 
 ## Latest Release
 
-### v4.2.0 — Brain Core & Storage Rebuild
-
-- **Independent Brain Core package** — `lattice_brain` exposes the Knowledge
-  Graph, durable conversations, memory/context, signed exchange, archives, and
-  storage tools for FastAPI, CLI, tests, and future tools.
-- **Pluggable storage layer** — `StorageEngine`, `SQLiteEngine`, and
-  `PostgresEngine` give the backend an explicit storage boundary. SQLite stays
-  the default.
-- **Honest vector search** — sqlite-vec is detected when available; otherwise
-  the real local hash-embedding cosine path remains active and reported.
-- **Postgres scale mode** — pgvector setup and SQLite-to-Postgres migration are
-  opt-in. Live Docker validation covers migration integrity, idempotence, and
-  pgvector distance search. Explicit Postgres selection fails loudly when
-  DSN/dependencies are missing; it never hides failure with a SQLite fallback.
-- **Consent-gated Docker setup** — Docker Compose setup is generated locally
-  and only starts Docker after explicit user consent.
-- **Encrypted `.latticebrain` archives** — local encrypted backup/restore over
-  the brain DB and blobs, with bad passphrases failing closed.
-
-See [RELEASE_NOTES_v4.2.0.md](RELEASE_NOTES_v4.2.0.md),
+### v4.3.0 RC — Portability & Product Hardening
+
+- **Portable `.latticebrain` archives** — encrypted archives now include the
+  brain DB, blobs, workspace state, settings, signed bundles, storage metadata,
+  provenance, and public device identity metadata.
+- **Safe backup/restore flows** — archive inspect, verify, import, restore, and
+  restore dry-run are real API-backed operations; destructive restore requires
+  explicit admin confirmation.
+- **Migration safety** — live SQLite-to-Postgres migration creates and verifies
+  a pre-migration backup before copying data.
+- **Desktop hardening** — Tauri sidecar startup, status, restart, shutdown, and
+  loopback-only/default-off guards are hardened.
+- **Privacy audit surface** — token presence alone no longer enables Telegram or
+  external connectors; admin status reports storage, backup health, device
+  identity, permissions, and opt-in integration state.
+- **Release hardening** — exact-version validation covers wheel, sdist, npm tgz,
+  VSIX, and Tauri DMG artifacts.
+
+See [RELEASE_NOTES_v4.3.0.md](RELEASE_NOTES_v4.3.0.md),
 [docs/kg-schema.md](docs/kg-schema.md),
 [FEATURE_STATUS.md](FEATURE_STATUS.md).
 
 ## How it works — every source converges into the graph
 
-As of v4.2.0, data sources flow through the brain ingestion pipeline into
+As of v4.3.0, data sources flow through the brain ingestion pipeline into
 the Knowledge Graph — no source bypasses it, none becomes an isolated silo:
 
 ```text
@@ -263,6 +262,10 @@ For the deeper design, see [ARCHITECTURE.md](ARCHITECTURE.md) and
 
 - [ARCHITECTURE.md](ARCHITECTURE.md) — workspace, graph, pipeline, and model overview
 - [docs/architecture.md](docs/architecture.md) — full architecture reference
+- [docs/V4_3_PORTABILITY_ARCHITECTURE.md](docs/V4_3_PORTABILITY_ARCHITECTURE.md) — v4.3.0 portable brain archive architecture
+- [docs/V4_3_PRODUCT_HARDENING_REPORT.md](docs/V4_3_PRODUCT_HARDENING_REPORT.md) — v4.3.0 desktop/product hardening report
+- [docs/V4_3_PRIVACY_AUDIT.md](docs/V4_3_PRIVACY_AUDIT.md) — v4.3.0 privacy and local-first audit
+- [docs/V4_3_VALIDATION_REPORT.md](docs/V4_3_VALIDATION_REPORT.md) — v4.3.0 validation report
 - [docs/V4_2_BRAIN_CORE_ARCHITECTURE.md](docs/V4_2_BRAIN_CORE_ARCHITECTURE.md) — v4.2.0 Brain Core package and storage architecture
 - [docs/V4_2_STORAGE_MIGRATION_REPORT.md](docs/V4_2_STORAGE_MIGRATION_REPORT.md) — v4.2.0 storage migration and archive report
 - [docs/V4_2_VALIDATION_REPORT.md](docs/V4_2_VALIDATION_REPORT.md) — v4.2.0 validation report
@@ -287,6 +290,7 @@ For the deeper design, see [ARCHITECTURE.md](ARCHITECTURE.md) and
 ### Releases
 
 - [RELEASE_NOTES.md](RELEASE_NOTES.md) — current release notes
+- [RELEASE_NOTES_v4.3.0.md](RELEASE_NOTES_v4.3.0.md)
 - [RELEASE_NOTES_v4.2.0.md](RELEASE_NOTES_v4.2.0.md)
 - [RELEASE_NOTES_v4.1.0.md](RELEASE_NOTES_v4.1.0.md)
 - [RELEASE_NOTES_v4.0.1.md](RELEASE_NOTES_v4.0.1.md)
@@ -301,6 +305,7 @@ For the deeper design, see [ARCHITECTURE.md](ARCHITECTURE.md) and
 
 | Version | Theme |
 | --- | --- |
+| **4.3.0** | Portability & Product Hardening RC — portable `.latticebrain` archives, confirmed restore/import, pre-migration backup verification, Tauri sidecar hardening, local-only/default-off integration guards, exact-version DMG validation |
 | **4.2.0** | Brain Core & Storage Rebuild — independent `lattice_brain` package, pluggable storage layer, sqlite-vec/pgvector capability reporting, explicit Postgres migration, consent-gated Docker setup, encrypted `.latticebrain` archives |
 | **4.1.0** | Frontend & Desktop Rebuild RC — React/Vite/OpenAPI desktop SPA, Tauri 2.0 primary shell, graph-first navigation, and legacy static frontend removal |
 | **4.0.1** | Digital Brain Platform maintenance — closes post-tag v4 gaps with durable async runs, stable identity/workspace state, full `/app` parity, and legacy UI retirement |

package/docs/CHANGELOG.md

@@ -1,5 +1,47 @@
 # Changelog
 
+## [4.3.0] - 2026-06-12
+
+> Portability & Product Hardening release candidate. v4.3.0 preserves the
+> v4.2 Brain Core/storage architecture and adds user-safe portable archives,
+> backup/restore hardening, desktop lifecycle status, and local-only privacy
+> guards.
+
+### Added
+
+- `.latticebrain` archive format v2 with encrypted graph DB, blobs, portable
+  JSON state, signed bundles, storage metadata, provenance, public device
+  identity metadata, manifest hashes, inspect, verify, import, restore, and
+  restore dry-run.
+- FastAPI routes for archive inspect/verify/import, backup health, and admin
+  product-hardening status.
+- Product-hardening status for local-only startup, storage mode, backup health,
+  device identity, import/export permissions, external integration opt-in state,
+  and fail-closed archive behavior.
+- Tauri sidecar `backend_status`, `restart_backend`, and `shutdown_backend`
+  commands.
+- Release cleaner and exact-version DMG validation.
+
+### Changed
+
+- Telegram is disabled by default; token presence alone no longer enables any
+  external integration.
+- SQLite-to-Postgres live migration creates and verifies a pre-migration backup
+  before copying data.
+- System settings exposes `.latticebrain` export/inspect/verify/dry-run
+  restore/confirmed restore through real APIs.
+- OpenAPI client regenerated with 318 paths.
+- Synchronized package/runtime versions to `4.3.0`, including Tauri config and
+  `lattice_brain.__version__`.
+
+### Expected Artifacts
+
+- `dist/ltcai-4.3.0-py3-none-any.whl`
+- `dist/ltcai-4.3.0.tar.gz`
+- `dist/ltcai-4.3.0.vsix`
+- `ltcai-4.3.0.tgz`
+- `src-tauri/target/release/bundle/dmg/Lattice AI_4.3.0_aarch64.dmg`
+
 ## [4.2.0] - 2026-06-12
 
 > Brain Core & Storage Rebuild release. The backend Digital Brain boundary is

package/docs/V4_3_PORTABILITY_ARCHITECTURE.md

@@ -0,0 +1,69 @@
+# Lattice AI v4.3.0 Portability Architecture
+
+## Scope
+
+v4.3.0 hardens the v4.2 Brain Core/storage architecture without redesigning it.
+The primary portable brain format is the encrypted `.latticebrain` archive.
+FastAPI remains the only boundary consumed by the frontend and desktop shell.
+
+## `.latticebrain` Archive Format
+
+The archive is a JSON envelope with:
+
+- `format = latticebrain.encrypted`
+- `format_version = 2`
+- PBKDF2-HMAC-SHA256 key derivation metadata
+- AES-256-GCM cipher metadata
+- encrypted ZIP payload
+- payload SHA-256
+- non-secret manifest summary for inspection
+
+The encrypted payload contains:
+
+- `knowledge_graph.sqlite`
+- `blobs/` from the Knowledge Graph blob store
+- portable JSON state under `data/`
+- signed graph export bundles under `workspace_exports/`
+- `manifest.json` with entry hashes, section flags, storage metadata,
+  public device identity metadata, provenance, and version.
+
+Private key material such as `device_identity.key` is deliberately excluded.
+
+## Operations
+
+- Export: `POST /api/knowledge-graph/archive`
+- Inspect: `POST /api/knowledge-graph/archive/inspect`
+- Verify: `POST /api/knowledge-graph/archive/verify`
+- Import: `POST /api/knowledge-graph/archive/import`
+- Restore: `POST /api/knowledge-graph/archive/restore`
+- Backup health: `GET /api/knowledge-graph/backup-health`
+
+Restore/import fail closed unless the request is a dry run or includes
+`confirm: true`.
+
+## Compatibility
+
+- v1 `.latticebrain` payloads that contain only DB/blob data remain restorable.
+- SQLite remains the default source and target.
+- Postgres scale-mode brains export through safe logical/archive semantics; the
+  migration tooling still requires explicit DSN and does not silently fall back.
+- Existing Knowledge Graph JSON exports and ZIP backups remain supported.
+
+## Integrity Policy
+
+Archives fail closed on:
+
+- bad passphrase
+- corrupt envelope
+- corrupt ZIP payload
+- payload SHA mismatch
+- missing brain database
+- manifest hash mismatch
+- unsupported future archive version
+- unsafe ZIP member paths
+
+## User Safety
+
+Destructive restore operations require admin permission and explicit
+confirmation. Dry-run restore returns the target paths and payload sections
+without mutating user data.

package/docs/V4_3_PRIVACY_AUDIT.md

@@ -0,0 +1,60 @@
+# Lattice AI v4.3.0 Privacy And Local-First Audit
+
+## Default Startup
+
+Default local startup is loopback-only and local-first:
+
+- host: `127.0.0.1`
+- Telegram disabled
+- model autoload disabled in local mode
+- network CORS disabled
+- storage engine: SQLite
+- embedding provider: local hash fallback
+- Docker not auto-started
+- Postgres not required
+- updater checks disabled unless explicitly enabled
+
+## Token Presence Policy
+
+Credentials alone do not enable outbound communication. The product-hardening
+status distinguishes `credential_present` from `enabled`.
+
+Audited integrations:
+
+- Telegram: requires `LATTICEAI_ENABLE_TELEGRAM=true`
+- Brain Network: peer push is explicit user/admin action; no automatic sync
+- Update checks: require `LATTICEAI_ENABLE_UPDATES=true`
+- Model downloads: require explicit load/autoload/user action
+- Docker setup: requires runtime consent
+- Postgres: requires explicit storage engine and DSN
+- External connectors: credentials are inert until connector enablement and
+  invocation
+
+## Tests
+
+Unit coverage proves:
+
+- default config is local-only
+- Telegram is disabled by default
+- Telegram token presence alone does not enable Telegram
+- cloud/API-token presence alone does not enable external connectors
+- product hardening status reports opt-in egress honestly
+
+## Desktop Guardrails
+
+Tauri sidecar startup sets local-only environment overrides for the packaged
+backend. Desktop status commands expose missing backend/runtime failures as
+honest unavailable states.
+
+## CLI Guardrails
+
+The CLI startup notification path now requires `LATTICEAI_ENABLE_TELEGRAM=true`;
+Telegram bot token and chat ID presence alone no longer starts a notification
+thread.
+
+## Remaining Owner-Only Privacy Decisions
+
+- Package registry publication remains owner-only.
+- Production model downloads remain explicit user action or policy opt-in.
+- History rewrite for old binary assets remains owner-only because it requires a
+  force push.

package/docs/V4_3_PRODUCT_HARDENING_REPORT.md

@@ -0,0 +1,53 @@
+# Lattice AI v4.3.0 Product Hardening Report
+
+## Summary
+
+v4.3.0 turns the v4.2 Brain Core/storage release into a safer desktop product
+without changing the Brain Core, storage, frontend, agent, or workflow
+architecture.
+
+## Desktop Shell
+
+- Tauri sidecar startup now records command, PID, origin, running state, and
+  last error.
+- Tauri exposes `backend_status`, `restart_backend`, and `shutdown_backend`
+  commands.
+- Sidecar startup forces loopback host, disables Telegram, disables autoloaded
+  models, disables network CORS, and disables tunnels.
+- Missing Python or backend command failures are stored as actionable desktop
+  status instead of being hidden.
+
+## Backup And Restore
+
+- `.latticebrain` archive export/inspect/verify/import/restore is API-backed.
+- Backup health is exposed through FastAPI and the System settings view.
+- Restore dry-run verifies the archive and returns planned targets without
+  mutation.
+- Restore/import requires explicit confirmation for destructive execution.
+- SQLite-to-Postgres live migration now creates and verifies a pre-migration
+  SQLite backup before copying data.
+
+## Admin Status
+
+`GET /admin/product-hardening` reports:
+
+- local-only startup posture
+- storage mode
+- backup health
+- public device identity metadata
+- external integration opt-in state
+- admin import/export/restore permissions
+- fail-closed behavior for archive and restore errors
+
+## Release Packaging
+
+- Release artifact validation now checks the exact Tauri DMG path.
+- Release artifact build script cleans only target-version outputs before
+  rebuilding.
+- Historical artifacts remain visible so `dist/*` upload mistakes are still
+  detectable.
+
+## Registry Policy
+
+v4.3.0 RC work builds and validates artifacts only. It does not publish to PyPI,
+npm Registry, VS Code Marketplace, Open VSX, or any other external registry.

package/docs/V4_3_VALIDATION_REPORT.md

@@ -0,0 +1,58 @@
+# Lattice AI v4.3.0 Validation Report
+
+> Status: passed for v4.3.0 RC artifacts on 2026-06-12. No package registry,
+> marketplace, GitHub Release, or tag publish was performed.
+
+## Target Artifacts
+
+- `dist/ltcai-4.3.0-py3-none-any.whl`
+- `dist/ltcai-4.3.0.tar.gz`
+- `ltcai-4.3.0.tgz`
+- `dist/ltcai-4.3.0.vsix`
+- `src-tauri/target/release/bundle/dmg/Lattice AI_4.3.0_aarch64.dmg`
+
+## Validation Matrix
+
+| Gate | Command | Result |
+| --- | --- | --- |
+| Python compile check | `npm run check:python` | PASS — compiled 238 modules |
+| Ruff | `node scripts/run_python.mjs -m ruff check .` | PASS |
+| Unit tests | `npm run test:unit` | PASS — 598 passed, 2 warnings |
+| Integration tests | `LTCAI_TEST_BASE_URL=http://127.0.0.1:8899 npm run test:integration` | PASS — 9 passed, 1 skipped; backend was started on loopback with tunnel, Telegram, autoload, and network CORS disabled |
+| Frontend lint | `npm run lint:frontend` | PASS — frontend TS, no-CDN scan, OpenAPI path guard; 318 paths |
+| TypeScript typecheck | `npm run typecheck` | PASS — frontend and VS Code extension build |
+| Playwright visual/offline | `npm run test:visual` | PASS — 12 passed |
+| Tauri check | `npm run desktop:tauri:check` | PASS |
+| Tauri build | `npm run release:artifacts` | PASS — built app and DMG through `desktop:tauri:build` |
+| Archive export/import/restore | `tests/unit/test_v42_brain_storage.py`, `tests/unit/test_kg_portability.py` | PASS |
+| Backup/restore corruption | `tests/unit/test_kg_portability.py` | PASS |
+| Signature/version mismatch | `tests/unit/test_v42_brain_storage.py`, `tests/unit/test_t8_brain_network.py` | PASS |
+| Default startup no-network | `tests/unit/test_config.py`, `tests/unit/test_v43_product_hardening.py`, `tests/unit/test_v43_cli_privacy.py`, integration startup banner | PASS |
+| Release artifact validation | `npm run release:validate` | PASS — exact 4.3.0 files found; warning retained for historical artifacts in `dist/` |
+| Wheel smoke | `node scripts/run_python.mjs scripts/wheel_smoke.py --wheel dist/ltcai-4.3.0-py3-none-any.whl` | PASS |
+| npm pack dry-run | `npm pack --dry-run` | PASS |
+
+## Artifact Hashes
+
+| Artifact | SHA-256 |
+| --- | --- |
+| `dist/ltcai-4.3.0-py3-none-any.whl` | `c6fb5457bff312ebf694ccf83e53f82124de2b6d83f7f988a4f672b39475cf27` |
+| `dist/ltcai-4.3.0.tar.gz` | `c7830b7db62ea0e6e7de2107f3c0903d17546cf9bfa199596fdb930d372a0aaf` |
+| `dist/ltcai-4.3.0.vsix` | `939a2839f2b5551136df14321fbfe3da0460e35f76be3a1fea5306628c640df0` |
+| `ltcai-4.3.0.tgz` | `e4c94d6331482dd913525c24198d95fef693667a85df88b73548ec281ac1cb16` |
+| `src-tauri/target/release/bundle/dmg/Lattice AI_4.3.0_aarch64.dmg` | `bda5020dd556cd918cc3ef448468f175934e95ab4a7665a37db195faac7fc5fb` |
+
+## Notes
+
+- The v4.2 live Docker/pgvector integration test was skipped because no v4.3
+  Docker consent was requested for this release-candidate validation pass.
+- A direct `npm run test:integration` without a live server fails by design; the
+  passing run above used the documented `LTCAI_TEST_BASE_URL` against an
+  isolated loopback server.
+- Tauri/Cargo emitted a dependency future-incompatibility warning for `block
+  v0.1.6`; it did not fail `cargo check` or the release build.
+
+## Registry Policy
+
+No PyPI, npm Registry, VS Code Marketplace, Open VSX, or other external
+registry publish is part of this RC.

package/docs/V4_DIGITAL_BRAIN_RECOVERY.md

@@ -5,27 +5,28 @@
 > completed analysis. **Update this file before ending any phase and before any
 > likely session/context/usage limit.**
 >
-> Last updated: 2026-06-12 — v4.2.0 Brain Core/storage release; Remaining Gaps remain empty
+> Last updated: 2026-06-12 — v4.3.0 Portability/Product Hardening RC; Remaining Gaps remain empty
 
 ---
 
-## 0. RELEASE STATUS (v4.2.0)
-
-**v4.2.0 extracts Brain Core into `lattice_brain` and adds the pluggable
-storage layer on top of `main` after v4.1.0; implementation gaps remain empty.**
-Latest implementation milestone: FastAPI now constructs the Knowledge Graph and
-durable conversation runtime through `lattice_brain.BrainCore`. The new
-`lattice_brain.storage` package provides `StorageEngine`, `SQLiteEngine`,
-`PostgresEngine`, explicit-consent Docker Postgres setup, SQLite-to-Postgres
-migration tooling, sqlite-vec capability reporting with honest cosine fallback,
-and encrypted `.latticebrain` archive create/restore. Owner-granted Docker
-validation covered live `pgvector/pgvector:pg16` migration integrity,
-rowid-less FTS5 shadow tables, idempotent reruns, pgvector distance search,
-and fail-closed Postgres behavior.
-The v4.2.0 release process builds validated artifacts, tags `v4.2.0`, and
-creates a GitHub Release only. It does not publish to PyPI, npm Registry,
-VS Code Marketplace, Open VSX, or deploy to production targets.
-v4.2.0 validation report: `docs/V4_2_VALIDATION_REPORT.md`.
+## 0. RELEASE STATUS (v4.3.0 RC)
+
+**v4.3.0 hardens the v4.2 Brain Core/storage architecture into a portable,
+user-safe desktop release candidate; implementation gaps remain empty.**
+Latest implementation milestone: `.latticebrain` archive format v2 is the
+primary portable brain format and carries encrypted graph DB, blobs, portable
+JSON state, signed bundles, storage metadata, provenance, public device identity
+metadata, manifest hashes, inspect, verify, import, restore, and dry-run restore.
+Restore/import requires explicit confirmation unless dry-run. Live
+SQLite-to-Postgres migration now creates and verifies a pre-migration backup
+before copying data. Tauri exposes backend status/restart/shutdown and starts
+the sidecar with loopback/default-off guards. Admin product hardening status
+reports local-only startup posture, storage, backup health, device identity,
+permissions, and opt-in external integration state.
+The v4.3.0 RC process builds validated artifacts only. It does not tag, create a
+GitHub Release, publish to PyPI, npm Registry, VS Code Marketplace, Open VSX, or
+deploy to production targets.
+v4.3.0 validation report: `docs/V4_3_VALIDATION_REPORT.md`.
 Remaining implementation gaps: **none**.
 Owner-only blockers: pptx history rewrite (requires force-push/owner decision)
 and consent-gated production embedder provisioning (silent default download is
@@ -33,13 +34,12 @@ not permitted).
 
 ## Remaining Gaps
 
-None. v4.2.0 closes the backend Brain Core/storage rebuild on top of the
-already-empty v4.1.0 gap list: `lattice_brain` is the independent package
-boundary, SQLite remains the default engine, Postgres/pgvector is opt-in and
-honestly unavailable when dependencies or DSN are missing, Docker setup is
-consent-gated, migration planning is non-destructive, and encrypted
-`.latticebrain` archives round-trip the SQLite brain DB plus blobs. Owner-only
-blockers above are intentionally not implementation gaps.
+None. v4.3.0 preserves the already-empty v4.2.0 gap list and closes the
+portability/product-hardening work: `.latticebrain` archives are verified,
+inspectable, dry-runnable, and confirmation-gated; default startup is local-only
+and token-inert; backup health and product hardening are admin-visible; release
+artifact validation includes the exact Tauri DMG. Owner-only blockers above are
+intentionally not implementation gaps.
 
 ## 1. Program Charter (from the user's v4.0.0 directive)