mindforge-cc 10.7.0 → 11.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.agent/hooks/mindforge-statusline.js +2 -2
- package/.mindforge/MINDFORGE-V2-SCHEMA.json +43 -10
- package/.mindforge/config.json +18 -4
- package/CHANGELOG.md +165 -0
- package/MINDFORGE.md +3 -3
- package/README.md +49 -4
- package/RELEASENOTES.md +81 -1
- package/SECURITY.md +20 -8
- package/bin/autonomous/audit-writer.js +105 -70
- package/bin/autonomous/auto-runner.js +377 -34
- package/bin/autonomous/context-refactorer.js +26 -11
- package/bin/autonomous/dependency-dag.js +59 -0
- package/bin/autonomous/state-manager.js +62 -6
- package/bin/autonomous/stuck-monitor.js +46 -7
- package/bin/autonomous/wave-executor.js +86 -26
- package/bin/council-cli.js +161 -0
- package/bin/dashboard/api-router.js +43 -0
- package/bin/dashboard/approval-handler.js +3 -1
- package/bin/dashboard/metrics-aggregator.js +28 -1
- package/bin/dashboard/server.js +68 -5
- package/bin/dashboard/sse-bridge.js +10 -13
- package/bin/engine/council-runtime.js +124 -0
- package/bin/engine/feedback-loop.js +8 -0
- package/bin/engine/intelligence-interlock.js +32 -15
- package/bin/engine/logic-drift-detector.js +2 -1
- package/bin/engine/nexus-tracer.js +3 -2
- package/bin/engine/otel-exporter.js +123 -0
- package/bin/engine/remediation-engine.js +155 -32
- package/bin/engine/self-corrective-synthesizer.js +84 -10
- package/bin/engine/sre-manager.js +12 -4
- package/bin/engine/temporal-cli.js +4 -2
- package/bin/engine/temporal-hub.js +131 -34
- package/bin/engine/verification-runner.js +131 -0
- package/bin/engine/verify-cli.js +34 -0
- package/bin/eval/eval-harness.js +82 -0
- package/bin/eval/golden-set-retrieval.json +46 -0
- package/bin/governance/approve.js +41 -5
- package/bin/governance/audit-hash.js +12 -0
- package/bin/governance/audit-verifier.js +60 -0
- package/bin/governance/impact-analyzer.js +28 -0
- package/bin/governance/policy-engine.js +10 -3
- package/bin/governance/quantum-crypto.js +95 -28
- package/bin/governance/rbac-manager.js +74 -2
- package/bin/governance/ztai-manager.js +79 -9
- package/bin/hindsight-injector.js +8 -9
- package/bin/hooks/instinct-capture-hook.js +186 -0
- package/bin/memory/auto-shadow.js +32 -3
- package/bin/memory/eis-client.js +71 -34
- package/bin/memory/embedding-engine.js +61 -0
- package/bin/memory/identity-synthesizer.js +2 -2
- package/bin/memory/knowledge-graph.js +58 -5
- package/bin/memory/knowledge-indexer.js +53 -6
- package/bin/memory/knowledge-store.js +52 -6
- package/bin/memory/retrieval-fusion.js +58 -0
- package/bin/memory/semantic-hub.js +2 -2
- package/bin/memory/vector-hub.js +111 -6
- package/bin/migrations/10.7.0-to-11.0.0.js +110 -0
- package/bin/migrations/schema-versions.js +13 -0
- package/bin/mindforge-cli.js +4 -5
- package/bin/models/anthropic-provider.js +58 -4
- package/bin/models/cloud-broker.js +68 -20
- package/bin/models/cost-tracker.js +3 -1
- package/bin/models/difficulty-scorer.js +54 -0
- package/bin/models/gemini-provider.js +57 -2
- package/bin/models/model-client.js +20 -0
- package/bin/models/model-router.js +59 -26
- package/bin/models/openai-provider.js +50 -3
- package/bin/models/pricing-registry.js +128 -0
- package/bin/review/ads-engine.js +1 -1
- package/bin/security/trust-boundaries.js +102 -0
- package/bin/security/trust-gate-hook.js +39 -0
- package/bin/skill-registry.js +3 -2
- package/bin/skills-builder/marketplace-cli.js +5 -3
- package/bin/skills-builder/skill-registrar.js +4 -6
- package/bin/sre/sentinel.js +7 -5
- package/bin/utils/append-queue.js +55 -0
- package/bin/utils/file-io.js +90 -38
- package/bin/utils/index.js +58 -0
- package/bin/utils/version-check.js +59 -0
- package/bin/verify-audit.js +12 -0
- package/bin/wizard/theme.js +1 -2
- package/docs/getting-started.md +1 -1
- package/docs/user-guide.md +2 -2
- package/package.json +2 -2
- package/bin/dashboard/team-tracker.js +0 -0
|
@@ -1,31 +1,34 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* MindForge
|
|
2
|
+
* MindForge v11.1.0 — Neural Drift Remediation (NDR)
|
|
3
3
|
* Component: Remediation Engine (Pillar X)
|
|
4
|
-
*
|
|
5
|
-
* Triggers corrective actions when logic drift or reasoning
|
|
6
|
-
* stagnation is detected.
|
|
4
|
+
*
|
|
5
|
+
* Triggers corrective actions when logic drift or reasoning
|
|
6
|
+
* stagnation is detected. v11: Full strategy implementations
|
|
7
|
+
* for CONTEXT_COMPRESSION, GOLDEN_TRACE_INJECTION, and REASONING_RESTART.
|
|
7
8
|
*/
|
|
8
9
|
'use strict';
|
|
9
10
|
|
|
11
|
+
const fs = require('fs');
|
|
12
|
+
const path = require('path');
|
|
10
13
|
const remediationQueue = require('../revops/remediation-queue');
|
|
11
14
|
const logicValidator = require('./logic-validator');
|
|
12
|
-
|
|
15
|
+
|
|
16
|
+
const MAX_PENDING_REMEDIATIONS = 50;
|
|
13
17
|
|
|
14
18
|
class RemediationEngine {
|
|
15
19
|
constructor() {
|
|
16
|
-
this.activeRemediations = new
|
|
20
|
+
this.activeRemediations = new Map();
|
|
17
21
|
}
|
|
18
22
|
|
|
19
23
|
/**
|
|
20
24
|
* Triggers a specific remediation workflow.
|
|
21
|
-
* @param {string} spanId
|
|
25
|
+
* @param {string} spanId
|
|
22
26
|
* @param {Object} report - From LogicDriftDetector
|
|
23
27
|
*/
|
|
24
28
|
async trigger(spanId, report) {
|
|
25
29
|
const { drift_score, markers } = report;
|
|
26
30
|
let strategy = 'NOT_REQUIRED';
|
|
27
31
|
|
|
28
|
-
// Tiered Remediation Logic
|
|
29
32
|
if (drift_score > 0.9) strategy = 'REASONING_RESTART';
|
|
30
33
|
else if (drift_score > 0.8 || report.invalid_logic) strategy = 'GOLDEN_TRACE_INJECTION';
|
|
31
34
|
else if (drift_score > 0.75) strategy = 'CONTEXT_COMPRESSION';
|
|
@@ -41,40 +44,160 @@ class RemediationEngine {
|
|
|
41
44
|
};
|
|
42
45
|
|
|
43
46
|
console.log(`[Remediation] Triggered ${strategy} for ${spanId} (Score: ${drift_score})`);
|
|
44
|
-
|
|
45
|
-
// v7: Finalize with Stateful Queueing
|
|
47
|
+
|
|
46
48
|
await remediationQueue.enqueue(action);
|
|
47
49
|
|
|
48
|
-
|
|
49
|
-
|
|
50
|
+
const result = await this._executeStrategy(strategy, spanId);
|
|
51
|
+
|
|
52
|
+
this.activeRemediations.set(action.remediation_id, {
|
|
53
|
+
spanId,
|
|
54
|
+
strategy: action.strategy,
|
|
55
|
+
timestamp: Date.now(),
|
|
56
|
+
preScore: drift_score
|
|
57
|
+
});
|
|
58
|
+
|
|
59
|
+
// Evict oldest entries if map exceeds bound
|
|
60
|
+
if (this.activeRemediations.size > MAX_PENDING_REMEDIATIONS) {
|
|
61
|
+
const firstKey = this.activeRemediations.keys().next().value;
|
|
62
|
+
this.activeRemediations.delete(firstKey);
|
|
63
|
+
}
|
|
50
64
|
|
|
51
|
-
return action;
|
|
65
|
+
return { ...action, execution: result };
|
|
52
66
|
}
|
|
53
67
|
|
|
54
|
-
/**
|
|
55
|
-
* functional implementation of remediation strategies.
|
|
56
|
-
*/
|
|
57
68
|
async _executeStrategy(strategy, spanId) {
|
|
58
|
-
switch(strategy) {
|
|
59
|
-
case '
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
69
|
+
switch (strategy) {
|
|
70
|
+
case 'CONTEXT_COMPRESSION': return this._executeContextCompression(spanId);
|
|
71
|
+
case 'GOLDEN_TRACE_INJECTION': return this._executeGoldenTraceInjection(spanId);
|
|
72
|
+
case 'REASONING_RESTART': return this._executeReasoningRestart(spanId);
|
|
73
|
+
default: return { strategy, result: 'unknown_strategy' };
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
|
|
77
|
+
async _executeContextCompression(spanId) {
|
|
78
|
+
try {
|
|
79
|
+
const { ContextEntropyGuard } = require('./context-entropy-guard');
|
|
80
|
+
const guard = typeof ContextEntropyGuard === 'function'
|
|
81
|
+
? new ContextEntropyGuard()
|
|
82
|
+
: ContextEntropyGuard;
|
|
83
|
+
|
|
84
|
+
const traces = this._getRecentTraces(spanId, 20);
|
|
85
|
+
const compressed = guard.compress(traces);
|
|
86
|
+
|
|
87
|
+
return {
|
|
88
|
+
strategy: 'CONTEXT_COMPRESSION',
|
|
89
|
+
result: 'applied',
|
|
90
|
+
tracesCompressed: traces.length,
|
|
91
|
+
outputSize: compressed.length
|
|
92
|
+
};
|
|
93
|
+
} catch (err) {
|
|
94
|
+
return {
|
|
95
|
+
strategy: 'CONTEXT_COMPRESSION',
|
|
96
|
+
result: 'error',
|
|
97
|
+
message: err.message
|
|
98
|
+
};
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
|
|
102
|
+
async _executeGoldenTraceInjection(spanId) {
|
|
103
|
+
try {
|
|
104
|
+
let SemanticHub;
|
|
105
|
+
try {
|
|
106
|
+
SemanticHub = require('../memory/semantic-hub');
|
|
107
|
+
} catch {
|
|
108
|
+
return { strategy: 'GOLDEN_TRACE_INJECTION', result: 'unavailable' };
|
|
109
|
+
}
|
|
110
|
+
|
|
111
|
+
await SemanticHub.ensureInit();
|
|
112
|
+
const goldenTraces = await SemanticHub.getGoldenTraces({ limit: 3 });
|
|
113
|
+
|
|
114
|
+
if (!goldenTraces || goldenTraces.length === 0) {
|
|
115
|
+
return { strategy: 'GOLDEN_TRACE_INJECTION', result: 'no_traces_found' };
|
|
116
|
+
}
|
|
117
|
+
|
|
118
|
+
return {
|
|
119
|
+
strategy: 'GOLDEN_TRACE_INJECTION',
|
|
120
|
+
result: 'injected',
|
|
121
|
+
tracesInjected: goldenTraces.length,
|
|
122
|
+
traceIds: goldenTraces.map(t => t.id || t.trace_id).filter(Boolean)
|
|
123
|
+
};
|
|
124
|
+
} catch (err) {
|
|
125
|
+
return {
|
|
126
|
+
strategy: 'GOLDEN_TRACE_INJECTION',
|
|
127
|
+
result: 'error',
|
|
128
|
+
message: err.message
|
|
129
|
+
};
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
|
|
133
|
+
async _executeReasoningRestart(spanId) {
|
|
134
|
+
try {
|
|
135
|
+
return {
|
|
136
|
+
strategy: 'REASONING_RESTART',
|
|
137
|
+
result: 'signalled',
|
|
138
|
+
instruction: 'Clear current reasoning context and re-read project constitution',
|
|
139
|
+
spanId
|
|
140
|
+
};
|
|
141
|
+
} catch (err) {
|
|
142
|
+
return {
|
|
143
|
+
strategy: 'REASONING_RESTART',
|
|
144
|
+
result: 'error',
|
|
145
|
+
message: err.message
|
|
146
|
+
};
|
|
73
147
|
}
|
|
74
148
|
}
|
|
75
149
|
|
|
150
|
+
_getRecentTraces(spanId, limit) {
|
|
151
|
+
try {
|
|
152
|
+
const NexusTracer = require('./nexus-tracer');
|
|
153
|
+
const spans = NexusTracer.activeSpans || new Map();
|
|
154
|
+
return Array.from(spans.values()).slice(-limit);
|
|
155
|
+
} catch {
|
|
156
|
+
return [];
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
|
|
160
|
+
evaluateOutcome(spanId, currentDriftScore) {
|
|
161
|
+
const results = [];
|
|
162
|
+
for (const [remId, rem] of this.activeRemediations) {
|
|
163
|
+
if (rem.spanId === spanId) {
|
|
164
|
+
const improved = currentDriftScore < rem.preScore;
|
|
165
|
+
const effectiveness = improved ? (rem.preScore - currentDriftScore) / rem.preScore : 0;
|
|
166
|
+
results.push({
|
|
167
|
+
remediation_id: remId,
|
|
168
|
+
strategy: rem.strategy,
|
|
169
|
+
effective: improved,
|
|
170
|
+
effectiveness_score: Math.round(effectiveness * 100) / 100,
|
|
171
|
+
pre_score: rem.preScore,
|
|
172
|
+
post_score: currentDriftScore
|
|
173
|
+
});
|
|
174
|
+
this.activeRemediations.delete(remId);
|
|
175
|
+
}
|
|
176
|
+
}
|
|
177
|
+
if (results.length > 0) {
|
|
178
|
+
this._persistEffectivenessStats(results);
|
|
179
|
+
}
|
|
180
|
+
return results;
|
|
181
|
+
}
|
|
182
|
+
|
|
183
|
+
_persistEffectivenessStats(results) {
|
|
184
|
+
try {
|
|
185
|
+
const statsPath = path.join(process.cwd(), 'bin', 'models', 'performance-stats.json');
|
|
186
|
+
let stats = {};
|
|
187
|
+
if (fs.existsSync(statsPath)) {
|
|
188
|
+
stats = JSON.parse(fs.readFileSync(statsPath, 'utf8'));
|
|
189
|
+
}
|
|
190
|
+
if (!stats.remediation_effectiveness) stats.remediation_effectiveness = [];
|
|
191
|
+
stats.remediation_effectiveness.push(...results);
|
|
192
|
+
if (stats.remediation_effectiveness.length > 100) {
|
|
193
|
+
stats.remediation_effectiveness = stats.remediation_effectiveness.slice(-100);
|
|
194
|
+
}
|
|
195
|
+
fs.writeFileSync(statsPath, JSON.stringify(stats, null, 2));
|
|
196
|
+
} catch { /* non-critical */ }
|
|
197
|
+
}
|
|
198
|
+
|
|
76
199
|
getActiveRemediations() {
|
|
77
|
-
return Array.from(this.activeRemediations);
|
|
200
|
+
return Array.from(this.activeRemediations.entries()).map(([id, data]) => ({ id, ...data }));
|
|
78
201
|
}
|
|
79
202
|
}
|
|
80
203
|
|
|
@@ -1,18 +1,26 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* MindForge
|
|
2
|
+
* MindForge v11.1.0 — Self-Corrective Synthesis (SCS)
|
|
3
3
|
* Component: Self-Corrective Synthesizer (Pillar XII)
|
|
4
|
-
*
|
|
5
|
-
* Analyzes mission drift and logic stagnation to synthesize
|
|
4
|
+
*
|
|
5
|
+
* Analyzes mission drift and logic stagnation to synthesize
|
|
6
6
|
* corrective steering signals (Homing Instructions).
|
|
7
|
+
*
|
|
8
|
+
* v11: Expanded analysis window (50 events), exponential decay weighting,
|
|
9
|
+
* and correction effectiveness tracking.
|
|
7
10
|
*/
|
|
8
11
|
'use strict';
|
|
9
12
|
|
|
10
13
|
const rsa = require('./reason-source-aligner.js');
|
|
11
14
|
|
|
15
|
+
const HISTORY_LIMIT = 50;
|
|
16
|
+
const DECAY_FACTOR = 0.95;
|
|
17
|
+
const MAX_CORRECTION_HISTORY = 20;
|
|
18
|
+
|
|
12
19
|
class SelfCorrectiveSynthesizer {
|
|
13
20
|
constructor() {
|
|
14
|
-
this.historyLimit =
|
|
21
|
+
this.historyLimit = HISTORY_LIMIT;
|
|
15
22
|
this.synthesisCount = 0;
|
|
23
|
+
this.correctionHistory = [];
|
|
16
24
|
}
|
|
17
25
|
|
|
18
26
|
/**
|
|
@@ -22,9 +30,18 @@ class SelfCorrectiveSynthesizer {
|
|
|
22
30
|
*/
|
|
23
31
|
async synthesizeCorrection(auditTrail, context) {
|
|
24
32
|
console.log('[SCS] Critical drift detected. Initiating internal alignment pass...');
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
33
|
+
|
|
34
|
+
this._evaluatePreviousCorrection(auditTrail);
|
|
35
|
+
|
|
36
|
+
const recentEvents = auditTrail.slice(-this.historyLimit);
|
|
37
|
+
|
|
38
|
+
// Weight events by recency: newest = 1.0, decays by 0.95^position
|
|
39
|
+
const weightedEvents = recentEvents.map((event, i) => ({
|
|
40
|
+
...event,
|
|
41
|
+
weight: Math.pow(DECAY_FACTOR, recentEvents.length - 1 - i)
|
|
42
|
+
}));
|
|
43
|
+
|
|
44
|
+
const failureEvents = weightedEvents.filter(e =>
|
|
28
45
|
e.type === 'mission_fidelity' && e.alignment.confidence < 0.50
|
|
29
46
|
);
|
|
30
47
|
|
|
@@ -32,27 +49,84 @@ class SelfCorrectiveSynthesizer {
|
|
|
32
49
|
return this._generateGenericRefocus(context);
|
|
33
50
|
}
|
|
34
51
|
|
|
35
|
-
//
|
|
36
|
-
const
|
|
52
|
+
// Weighted sort: higher weight (more recent) failures surface first
|
|
53
|
+
const sortedFailures = [...failureEvents].sort((a, b) => b.weight - a.weight);
|
|
54
|
+
|
|
55
|
+
const targetId = sortedFailures[0].alignment.best_match_id;
|
|
37
56
|
const requirement = rsa.getRequirementDetails(targetId);
|
|
38
57
|
|
|
39
58
|
if (!requirement) {
|
|
40
59
|
return this._generateGenericRefocus(context);
|
|
41
60
|
}
|
|
42
61
|
|
|
43
|
-
// 3. Synthesize the "Homing Signal"
|
|
44
62
|
this.synthesisCount++;
|
|
63
|
+
|
|
64
|
+
const currentConfidence = sortedFailures[0].alignment.confidence;
|
|
65
|
+
const correctionId = `scs_${Date.now()}_${this.synthesisCount}`;
|
|
66
|
+
|
|
45
67
|
const correction = {
|
|
46
68
|
type: 'scs_refocus',
|
|
69
|
+
correctionId,
|
|
47
70
|
req_id: targetId,
|
|
48
71
|
instruction: `[SCS-REFOCUS] Targeting [${targetId}]: ${requirement.summary}. Action: Resuming strict alignment with core requirement: ${requirement.description.split('\n')[0]}`,
|
|
49
72
|
confidence: 0.98
|
|
50
73
|
};
|
|
51
74
|
|
|
75
|
+
this._recordCorrection(correctionId, currentConfidence);
|
|
76
|
+
|
|
52
77
|
console.log(`[SCS] Synthesis complete. Correction targeted at ${targetId}.`);
|
|
53
78
|
return correction;
|
|
54
79
|
}
|
|
55
80
|
|
|
81
|
+
_evaluatePreviousCorrection(auditTrail) {
|
|
82
|
+
if (this.correctionHistory.length === 0) return;
|
|
83
|
+
|
|
84
|
+
const lastCorrection = this.correctionHistory[this.correctionHistory.length - 1];
|
|
85
|
+
if (lastCorrection.effective !== undefined) return;
|
|
86
|
+
|
|
87
|
+
const recentEvents = auditTrail.slice(-this.historyLimit);
|
|
88
|
+
const fidelityEvents = recentEvents.filter(e =>
|
|
89
|
+
e.type === 'mission_fidelity' && e.alignment
|
|
90
|
+
);
|
|
91
|
+
|
|
92
|
+
if (fidelityEvents.length === 0) return;
|
|
93
|
+
|
|
94
|
+
const latestConfidence = fidelityEvents[fidelityEvents.length - 1].alignment.confidence;
|
|
95
|
+
const improved = latestConfidence > lastCorrection.preConfidence;
|
|
96
|
+
|
|
97
|
+
// Immutable update: replace last entry with effectiveness result
|
|
98
|
+
const updatedEntry = {
|
|
99
|
+
...lastCorrection,
|
|
100
|
+
postConfidence: latestConfidence,
|
|
101
|
+
effective: improved
|
|
102
|
+
};
|
|
103
|
+
|
|
104
|
+
this.correctionHistory = [
|
|
105
|
+
...this.correctionHistory.slice(0, -1),
|
|
106
|
+
updatedEntry
|
|
107
|
+
];
|
|
108
|
+
}
|
|
109
|
+
|
|
110
|
+
_recordCorrection(correctionId, preConfidence) {
|
|
111
|
+
const entry = {
|
|
112
|
+
correctionId,
|
|
113
|
+
timestamp: new Date().toISOString(),
|
|
114
|
+
preConfidence
|
|
115
|
+
};
|
|
116
|
+
|
|
117
|
+
if (this.correctionHistory.length >= MAX_CORRECTION_HISTORY) {
|
|
118
|
+
this.correctionHistory = [...this.correctionHistory.slice(1), entry];
|
|
119
|
+
} else {
|
|
120
|
+
this.correctionHistory = [...this.correctionHistory, entry];
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
|
|
124
|
+
getEffectivenessRate() {
|
|
125
|
+
if (this.correctionHistory.length === 0) return null;
|
|
126
|
+
const effective = this.correctionHistory.filter(c => c.effective).length;
|
|
127
|
+
return effective / this.correctionHistory.length;
|
|
128
|
+
}
|
|
129
|
+
|
|
56
130
|
_generateGenericRefocus(context) {
|
|
57
131
|
return {
|
|
58
132
|
type: 'scs_refocus',
|
|
@@ -6,10 +6,17 @@
|
|
|
6
6
|
|
|
7
7
|
const crypto = require('crypto');
|
|
8
8
|
|
|
9
|
-
|
|
10
|
-
const ENCLAVE_PRIVATE_KEY = 'tier3-enclave-secret-key-sim'; // In production, this would be a TEE-bound private key
|
|
9
|
+
const EPHEMERAL_ENCLAVE_KEY = crypto.randomBytes(32).toString('hex');
|
|
11
10
|
const SYSTEM_DID = 'did:mindforge:enclave:0xenterprise';
|
|
12
11
|
|
|
12
|
+
let _enclaveWarningShown = false;
|
|
13
|
+
function warnNonTEE() {
|
|
14
|
+
if (!_enclaveWarningShown) {
|
|
15
|
+
console.warn('[SRE] Running in simulated enclave mode — not backed by hardware TEE');
|
|
16
|
+
_enclaveWarningShown = true;
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
|
|
13
20
|
class SREManager {
|
|
14
21
|
constructor() {
|
|
15
22
|
this.activeEnclaves = new Map();
|
|
@@ -25,6 +32,7 @@ class SREManager {
|
|
|
25
32
|
throw new Error(`[SRE-DENY] Tier ${context.tier} principal is not authorized for Sovereign Reason Enclaves.`);
|
|
26
33
|
}
|
|
27
34
|
|
|
35
|
+
warnNonTEE();
|
|
28
36
|
const enclaveId = crypto.randomBytes(12).toString('hex');
|
|
29
37
|
this.activeEnclaves.set(enclaveId, {
|
|
30
38
|
startedAt: new Date().toISOString(),
|
|
@@ -67,7 +75,7 @@ class SREManager {
|
|
|
67
75
|
};
|
|
68
76
|
|
|
69
77
|
// Sign the proof with the Enclave Private Key
|
|
70
|
-
const signature = crypto.createHmac('sha256',
|
|
78
|
+
const signature = crypto.createHmac('sha256', EPHEMERAL_ENCLAVE_KEY)
|
|
71
79
|
.update(JSON.stringify(proofPayload))
|
|
72
80
|
.digest('hex');
|
|
73
81
|
|
|
@@ -93,7 +101,7 @@ class SREManager {
|
|
|
93
101
|
verifyZKProof(certificate) {
|
|
94
102
|
if (certificate.status !== 'SRE-ISOLATED') return false;
|
|
95
103
|
|
|
96
|
-
const expectedSignature = crypto.createHmac('sha256',
|
|
104
|
+
const expectedSignature = crypto.createHmac('sha256', EPHEMERAL_ENCLAVE_KEY)
|
|
97
105
|
.update(JSON.stringify(certificate.proof))
|
|
98
106
|
.digest('hex');
|
|
99
107
|
|
|
@@ -12,7 +12,7 @@ const SUBCOMMAND = ARGS[0];
|
|
|
12
12
|
|
|
13
13
|
async function main() {
|
|
14
14
|
switch (SUBCOMMAND) {
|
|
15
|
-
case 'status':
|
|
15
|
+
case 'status': {
|
|
16
16
|
const history = TemporalHub.getHistory();
|
|
17
17
|
console.log('\n⏳ MindForge Temporal Status');
|
|
18
18
|
console.log(` Snapshots: ${history.length}`);
|
|
@@ -20,6 +20,7 @@ async function main() {
|
|
|
20
20
|
console.log(` Latest: ${history[0].id} (${history[0].timestamp})`);
|
|
21
21
|
}
|
|
22
22
|
break;
|
|
23
|
+
}
|
|
23
24
|
|
|
24
25
|
case 'cleanup':
|
|
25
26
|
console.log('🧹 Cleaning up old temporal snapshots...');
|
|
@@ -27,7 +28,7 @@ async function main() {
|
|
|
27
28
|
console.log('✅ Cleanup complete.');
|
|
28
29
|
break;
|
|
29
30
|
|
|
30
|
-
case 'inject':
|
|
31
|
+
case 'inject': {
|
|
31
32
|
const auditId = ARGS[1];
|
|
32
33
|
const fix = ARGS.slice(2).join(' ');
|
|
33
34
|
if (!auditId || !fix) {
|
|
@@ -42,6 +43,7 @@ async function main() {
|
|
|
42
43
|
process.exit(1);
|
|
43
44
|
}
|
|
44
45
|
break;
|
|
46
|
+
}
|
|
45
47
|
|
|
46
48
|
default:
|
|
47
49
|
console.log('Usage: /mindforge:temporal <status|cleanup|inject>');
|