mindforge-cc 3.0.0 → 4.3.0

package/docs/security/ZTAI-OVERVIEW.md

@@ -0,0 +1,37 @@
+# Zero-Trust Agentic Identity (ZTAI) Overview
+
+MindForge v4.2 introduces **ZTAI Beast Mode**, an enterprise-grade identity layer that ensures every agent action is cryptographically signed and non-repudiable.
+
+## 1. Asymmetric Identity Model
+Every MindForge persona in the 32+ agent library is assigned a unique asymmetric key pair (Ed25519) upon project initialization or agent spawning.
+
+- **Private Key**: Stored securely in the local `.mindforge/identity` vault (never exposed).
+- **Public Key / DID**: Represented as a **Decentralized Identifier (DID)** in the format `did:mf:<key-fingerprint>`.
+
+## 2. Trust Tiers & Signing Requirements
+MindForge enforces tiered signing based on the risk level of the persona's actions.
+
+| Tier | Persona Examples | Signing Tech | Integrity Proof |
+| :--- | :--- | :--- | :--- |
+| **T0** | `mf-researcher`, `mf-query` | None | Audit log entry only. |
+| **T1** | `mf-executor`, `mf-coder` | Ed25519 (Software) | Signed JSON payload. |
+| **T2** | `security-auditor`, `ui-specialist` | Ed25519 (Software) | Signed Block + Peer Review. |
+| **T3** | `mf-planner`, `system-architect` | **Secure Enclave (HSM)** | Enclave-attested signature. |
+
+*Note: T3 agents utilize a simulated hardware-secured enclave (HSM) to ensure principal-level accountability.*
+
+## 3. Non-Repudiable Audit Manifests
+The `ZTAIArchiver` generates high-fidelity integrity proofs for the session history.
+
+- **Merkle-Root Chain**: Every 50 audit entries trigger the generation of a Merkle-root.
+- **Manifest Finalization**: The cumulative root of all audit entries is signed by the **Principal Agent (T3)**.
+- **Tamper Detection**: Any modification to the `AUDIT.jsonl` file will invalidate the Merkle-proof, triggering an immediate security alert.
+
+## 4. Key Provider Abstraction
+The `ZTAIManager` uses a pluggable `KeyProvider` architecture:
+- `FileSystemProvider`: Standard key storage for T1/T2 agents.
+- `SecureEnclaveProvider`: Simulates hardware-backed signing for T3 agents.
+- `KMSProvider` (Future): Integration with AWS/GCP/Azure Key Management Services.
+
+## 5. Governance Integration
+ZTAI identities are verified during the `/mindforge:verify-phase` and `/mindforge:ship` processes. High-tier changes will be BLOCKED if the cryptographic signatures are missing or invalid.

package/docs/usp-features.md

@@ -1,6 +1,6 @@
-# MindForge v3.0.0 — Unique Selling Points, Features, and Best Practices (v3.0.0)
+# MindForge v4.2.5 — Unique Selling Points, Features, and Best Practices (v4.2.5)
 
-This document summarizes what makes MindForge v2.0.0 distinct, what features
+This document summarizes what makes MindForge v4.1.0 distinct, what features
 are included in the official release, and how to use them effectively.
 
 ---
@@ -58,6 +58,18 @@ are included in the official release, and how to use them effectively.
 16. **Temporal Vision (v3)**
     - Full-fidelity history navigation, hindsight injection, and automated state repair across the execution wave.
 
+17. **Dynamic Swarm Orchestration (v4)**
+    - Parallel "Agentic Mesh" with shared state (`SWARM-STATE.json`) and leader-led synthesis of specialist outcomes.
+
+18. **Zero-Trust Agentic Identity "Beast Mode" (v4.2)**
+    - Non-repudiable audit trails signed by unique Decentralized Identifiers (DIDs) for every swarm action. Tier 3 agents use simulated **Secure Enclave (HSM)** signing.
+
+19. **MindForge Nexus: Agentic Reasoning Tracing (v4.1)**
+    - High-fidelity **ART** spans embedded in the execution engine, providing deep visibility into agentic "thought chains" and parallel mesh reasoning.
+
+20. **Global Intelligence Mesh (v4.2)**
+    - Cross-repository knowledge sharing via the **Semantic Hub**. Proactive **Ghost Pattern Detection** identifies and prevents repeating past organizational failures.
+
 ---
 
 ## Feature Set (v2.0.0)
@@ -247,6 +259,67 @@ preserving scope (local vs global).
 
 ---
 
+### 21. Dynamic Swarm Mesh (v4)
+**What it does:** Orchestrates parallel specialist clusters (e.g., Security, UI, Data) with automated state coordination.
+
+**How to use:**
+```bash
+/mindforge:swarm spawn --template [NAME]
+/mindforge:swarm status --mesh
+```
+
+---
+
+### 22. ZTAI Governance & Beast Mode (v4.2)
+**What it does:** Enforces cryptographic signing and trust-tier validation for all autonomous agent actions. Tier 3 agents utilize simulated Secure Enclaves for principal-level non-repudiation.
+
+**How to use:**
+```bash
+/mindforge:identity verify [AGENT_ID]
+/mindforge:identity sign --did
+/mindforge:identity audit --manifest # Generates Merkle-root integrity proof
+```
+
+---
+
+### 23. Global Intelligence Mesh (v4.2)
+**What it does:** Synchronizes local repo memory with a global organizational store. Includes Ghost Pattern Detection to flag architectural anti-patterns from past failures.
+
+**How to use:**
+```bash
+/mindforge:memory sync --global
+/mindforge:memory status --mesh
+/mindforge:plan-phase --detect-ghosts # Automated during planning
+```
+---
+
+### 24. Autonomous FinOps Hub (v4.3)
+**What it does:** Enterprise-grade economics engine that treats compute as a first-class resource. The `ModelBroker` utilizes a **Confidence-to-Cost (C2C)** engine to dynamically route tasks based on complexity and trust tier.
+
+**How to use:**
+```bash
+/mindforge:finops status # View consumption and budget profile
+/mindforge:costs --roi # Detailed Agentic ROI analysis
+/mindforge:finops budget 500 # Set project-level budget ($500)
+```
+
+---
+
+### 25. Proactive Equilibrium (Self-Healing) (v4.3)
+**What it does:** Achieves autonomous reliability via a `WaveFeedbackLoop`. If execution divergence exceeds 20%, the system performs **Temporal Hindsight** analysis and automatically rewrites the plan to recover.
+
+**How to use:**
+- Automated: Triggers during `/mindforge:execute-phase` when divergence is detected.
+- Manual: `/mindforge:temporal analyze` to run RCA on the last wave.
+**What it does:** High-fidelity Agentic Reasoning Tracing (ART) for the agentic mesh. Logs spans, parent-trace IDs, and granular reasoning traces.
+
+**How to use:**
+- Automated: Every wave/task execution triggers Nexus Tracer spans.
+- Manual: Query `.planning/AUDIT.jsonl` for `trace_id` and `span_id` chains.
+- Dashboard: Real-time visualization of mesh traces and reasoning heatmaps.
+
+---
+
 ### 15. SDK (TypeScript)
 **What it does:** Programmatic access to health, audit log, event stream, and commands.
 
@@ -304,6 +377,4 @@ const report = await client.health();
 ---
 
 ## Summary
-MindForge v2.0.0 combines governance, observability, and autonomous execution rigor into a
-single workflow engine that works across 6 major AI runtimes. Its core
-value is consistent, repeatable quality in long‑running AI development sessions.
+MindForge v4.3.0 combines governance, observability, and autonomous execution rigor with **enterprise-grade economics (FinOps)** and **self-healing reliability**. Its core value is providing a non-repudiable, cost-optimized, and resilient AI development engine for the most demanding software projects.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mindforge-cc",
-  "version": "3.0.0",
+  "version": "4.3.0",
   "description": "MindForge - Enterprise Agentic Framework for Claude Code and Antigravity",
   "bin": {
     "mindforge-cc": "bin/install.js"