nyxora 1.5.2 → 1.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +11 -28
  2. package/package.json +1 -1
  3. package/packages/core/package.json +1 -1
  4. package/packages/dashboard/package.json +1 -1
  5. package/packages/policy/package.json +1 -1
  6. package/packages/signer/package.json +1 -1
package/README.md CHANGED
@@ -1,13 +1,13 @@
1
1
  # Nyxora Agent 🤖
2
2
  **Production-Grade Secure AI Execution Framework for Web3 Agents.**
3
3
 
4
- [![Version](https://img.shields.io/badge/version-1.5.2-blue.svg)](https://github.com/perasyudha/Nyxora)
4
+ [![Version](https://img.shields.io/badge/version-1.5.3-blue.svg)](https://github.com/perasyudha/Nyxora)
5
5
  [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
6
6
  [![Security: Production-Grade](https://img.shields.io/badge/Security-Production--Grade-blue.svg)](#️-advanced-security-threat-model)
7
7
  [![Execution: Cryptographic Approval](https://img.shields.io/badge/Execution-Cryptographic--Approval-orange.svg)](#️-advanced-security-threat-model)
8
8
  [![Privacy: Local-Only Keys](https://img.shields.io/badge/Privacy-Local--Only--Keys-success.svg)](#️-advanced-security-threat-model)
9
9
 
10
- Nyxora (v1.5.2) is a **secure, non-custodial runtime infrastructure for autonomous onchain agents** built with a robust Monorepo architecture (Node.js & React). Designed for autonomous workflows with a premium Glassmorphism UI dashboard and strict client-side key isolation.
10
+ Nyxora (v1.5.3) is a **secure, non-custodial runtime infrastructure for autonomous onchain agents** built with a robust Monorepo architecture (Node.js & React). Designed for autonomous workflows with a premium Glassmorphism UI dashboard and strict client-side key isolation.
11
11
 
12
12
  It operates under an institutional-grade **Cryptographically Bound Human-in-the-Loop** execution model, ensuring that Remote AIs (LLMs) never have unilateral access to your funds.
13
13
 
@@ -15,7 +15,7 @@ It operates under an institutional-grade **Cryptographically Bound Human-in-the-
15
15
 
16
16
  ## 🔥 Key Features
17
17
 
18
- ### Advanced Security Architecture (v1.5.2)
18
+ ### Advanced Security Architecture (v1.5.3)
19
19
  * **3-Tier IPC Architecture**: Nyxora is split into isolated processes: **Core** (LLM Runtime), **Policy Engine** (Guardrails on port 3001), and **Signer Vault** (Isolated Key Manager on Unix Sockets).
20
20
  * **Cryptographically Bound Approval**: Policy changes and transactions requested by the AI are drafted as hashes (`sha256`). Approval via the UI requires a challenge nonce, preventing Man-in-the-Middle (MITM) attacks.
21
21
  * **Immutable Policy Guardrails**: Transaction limits (e.g. `max_usd_per_tx`) are strictly enforced by the Policy Engine. The LLM has zero write-access to bypass these rules.
@@ -37,42 +37,25 @@ It operates under an institutional-grade **Cryptographically Bound Human-in-the-
37
37
 
38
38
  The following diagram illustrates Nyxora's **3-Tier Monorepo Architecture**, showing the isolated communication channels (REST API and Unix Socket).
39
39
 
40
- ```mermaid
41
- flowchart TD
42
- User([👨‍💻 Human Operator]) --> |Prompt / Dashboard| Core
43
-
44
- subgraph Nyxora Architecture
45
- Core[🤖 Core Agent\nLLM Runtime & Plugins\nPort: 3000]
46
- Policy[🛡️ Policy Engine\nGuardrails & Enforcements\nPort: 3001]
47
- Signer[🔒 Signer Vault\nPrivate Keys\nUnix Socket]
48
- end
49
-
50
- Core -->|1. Propose Tx / Policy| Policy
51
- Policy -.->|2. Request Challenge Nonce| User
52
- User -.->|3. Cryptographic Approval| Policy
53
- Policy -->|4. If Valid, Pass to Signer| Signer
54
- Signer -->|5. Sign & Broadcast| Blockchain[(Blockchain)]
55
- ```
40
+ ![Architecture Workflow](assets/architecture.svg)
41
+
42
+ *Nyxora memisahkan tugasnya menjadi 3 lapisan independen untuk keamanan mutlak:*
43
+ 1. **🧠 Core (Otak AI)**: Asisten cerdas yang memikirkan strategi dan merencanakan transaksi, tapi **tidak pernah** memegang uang Anda.
44
+ 2. **🛡️ Policy Engine (Satpam)**: Penjaga yang memverifikasi rencana si Otak. Jika AI mencoba mengirim dana melebihi batas, satpam ini otomatis akan memblokirnya.
45
+ 3. **🔒 Signer Vault (Brankas)**: Brankas rahasia tempat *Private Key* Anda dikunci. Hanya akan mencetak transaksi jika sudah lolos dari pemeriksaan berlapis.
56
46
 
57
47
  ---
58
48
 
59
49
  ## 🛡️ Advanced Security & Threat Model
60
50
 
61
- This agent is designed with a **Zero-Knowledge to LLM** architectural pattern.
62
-
63
- * **Zero-Knowledge LLM**: Remote AI Agents and Large Language Models (LLMs) **never** handle your private keys. The LLM only generates structured JSON tool calls.
64
- * **Cryptographic Memory Isolation**: Transaction signing occurs strictly client-side within the `Signer Vault` (a separate process). It is communicated via a secure Unix Socket (`/tmp/nyxora-signer.sock`).
65
- * **Immutable Policy Store & HMAC**: Security rules (`policy.yaml`) are treated as immutable configurations during runtime. Changes require explicit cryptographic human approval.
66
- * **Plugin Sandboxing**: Built with future plugin ecosystems in mind. Third-party plugins are explicitly denied unrestricted `fs` (FileSystem) and `shell` access to prevent supply chain attacks.
67
-
68
- *(Note: HMAC Signing & Challenge Nonce strict validations are part of the upcoming v1.6.0 Implementation Roadmap, currently documented as our official Security Blueprint in v1.5.2)*
51
+ Untuk menyelami desain keamanan arsitektur *Zero-Knowledge* kami secara mendalam, silakan kunjungi [Nyxora Security Blueprint](https://perasyudha.github.io/Nyxora/).
69
52
 
70
53
  ---
71
54
 
72
55
  ## 🚀 Quick Start & Installation
73
56
 
74
57
  ### Local Development & Execution
75
- With the new v1.5.2 Monorepo architecture, launching Nyxora is completely automated via the internal `launcher.ts` orchestrator.
58
+ With the new v1.5.3 Monorepo architecture, launching Nyxora is completely automated via the internal `launcher.ts` orchestrator.
76
59
 
77
60
  ```bash
78
61
  git clone https://github.com/perasyudha/Nyxora.git
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "nyxora",
3
- "version": "1.5.2",
3
+ "version": "1.5.3",
4
4
  "workspaces": [
5
5
  "packages/*"
6
6
  ],
package/packages/core/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nyxora/core",
3
- "version": "1.5.2",
3
+ "version": "1.5.3",
4
4
  "private": true,
5
5
  "main": "src/gateway/server.ts",
6
6
  "dependencies": {
package/packages/dashboard/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "dashboard",
3
3
  "private": true,
4
- "version": "1.5.2",
4
+ "version": "1.5.3",
5
5
  "type": "module",
6
6
  "scripts": {
7
7
  "dev": "vite",
package/packages/policy/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nyxora/policy",
3
- "version": "1.5.2",
3
+ "version": "1.5.3",
4
4
  "private": true,
5
5
  "main": "src/server.ts",
6
6
  "dependencies": {
package/packages/signer/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nyxora/signer",
3
- "version": "1.5.2",
3
+ "version": "1.5.3",
4
4
  "private": true,
5
5
  "main": "src/server.ts",
6
6
  "dependencies": {