opmsec 0.1.3 → 0.1.5

package/packages/core/src/benchmarks.ts

@@ -448,3 +448,119 @@ export function evaluateBenchmark(
     reason: passed ? 'Correctly classified' : reason,
   };
 }
+
+/* ─── Batch (single-call) benchmark for fast agent registration ─── */
+
+/**
+ * Response-format-only instructions appended after the candidate's own system prompt.
+ * This tells the model HOW to respond, but the candidate's prompt determines
+ * the actual analysis behaviour.
+ */
+export const BATCH_RESPONSE_FORMAT_INSTRUCTIONS = `
+
+For this benchmark you will be given a series of npm packages (labelled Case 1 through Case N). For each package you must decide whether it should be FLAGGED or SAFE.
+
+You MUST respond with a valid JSON object matching this exact schema — no markdown, no explanation outside the JSON:
+
+{
+  "answers": [
+    { "case": 1, "flagged": <boolean> },
+    { "case": 2, "flagged": <boolean> },
+    ...
+  ]
+}
+
+FLAGGED = true means the package is malicious, dangerous, or high/critical risk.
+SAFE = false means the package is benign and low risk.`;
+
+/**
+ * Build the full system prompt used during batch benchmarking.
+ * If the candidate supplied a custom system prompt it is used as-is,
+ * with the response-format instructions appended.
+ * If no custom prompt is provided, fall back to the default OPM security
+ * auditor prompt so the model still knows its role.
+ */
+export function buildBatchSystemPrompt(candidateSystemPrompt?: string): string {
+  const base = candidateSystemPrompt || SYSTEM_PROMPT;
+  return base + BATCH_RESPONSE_FORMAT_INSTRUCTIONS;
+}
+
+export interface BatchBenchmarkAnswer {
+  case: number;
+  flagged: boolean;
+}
+
+export interface BatchBenchmarkResponse {
+  answers: BatchBenchmarkAnswer[];
+}
+
+export interface BatchBenchmarkResult {
+  caseId: string;
+  category: string;
+  expectedFlagged: boolean;
+  actualFlagged: boolean;
+  passed: boolean;
+}
+
+/**
+ * Determine the expected "flagged" label for a benchmark case.
+ * HIGH / CRITICAL → flagged=true, LOW / MEDIUM → flagged=false.
+ */
+export function expectedFlagForCase(bench: BenchmarkCase): boolean {
+  return bench.expected.risk_level === 'HIGH' || bench.expected.risk_level === 'CRITICAL';
+}
+
+/**
+ * Build a single prompt containing all benchmark cases so the agent
+ * can return all answers in one LLM call.
+ */
+export function buildBatchBenchmarkPrompt(cases: BenchmarkCase[]): string {
+  const sections = cases.map((bench, i) => {
+    const depsStr = Object.entries(bench.metadata.dependencies || {})
+      .map(([k, v]) => `${k}@${v}`)
+      .join(', ') || 'none';
+
+    const scriptsStr = ['preinstall', 'postinstall', 'prepare']
+      .map((s) => `${s}: ${(bench.metadata.scripts as Record<string, string>)?.[s] || 'none'}`)
+      .join(', ');
+
+    const codeStr = bench.sourceFiles
+      .map((f) => `  File: ${f.path} (${f.size} bytes)\n  \`\`\`\n  ${f.content}\n  \`\`\``)
+      .join('\n');
+
+    const cveStr = bench.knownCVEs.length > 0
+      ? `  Known CVEs: ${bench.knownCVEs.map((c) => `${c.id}: ${c.summary}`).join('; ')}\n`
+      : '';
+
+    return `### Case ${i + 1}
+- Name: ${bench.metadata.name}@${bench.metadata.version}
+- Author: ${bench.metadata.author || 'unknown'}
+- License: ${bench.metadata.license || 'none'}
+- Dependencies: ${depsStr}
+- Install scripts: ${scriptsStr}
+${cveStr}${codeStr}`;
+  });
+
+  return `Analyze each of the following ${cases.length} npm packages and decide if it should be FLAGGED or SAFE. Respond with the JSON schema from your system instructions.\n\n${sections.join('\n\n')}`;
+}
+
+/**
+ * Evaluate batch answers against ground-truth labels.
+ */
+export function evaluateBatchBenchmark(
+  cases: BenchmarkCase[],
+  answers: BatchBenchmarkAnswer[],
+): BatchBenchmarkResult[] {
+  return cases.map((bench, i) => {
+    const expected = expectedFlagForCase(bench);
+    const answer = answers.find((a) => a.case === i + 1);
+    const actual = answer?.flagged ?? false;
+    return {
+      caseId: bench.id,
+      category: bench.category,
+      expectedFlagged: expected,
+      actualFlagged: actual,
+      passed: expected === actual,
+    };
+  });
+}

package/packages/core/src/constants.ts

@@ -2,15 +2,15 @@ export const HIGH_RISK_THRESHOLD = 70;
 export const MEDIUM_RISK_THRESHOLD = 40;
 
 export const OPENROUTER_MODELS = {
-  agent1: 'anthropic/claude-sonnet-4-20250514',
-  agent2: 'google/gemini-2.5-flash',
-  agent3: 'deepseek/deepseek-chat',
+  agent1: 'anthropic/claude-opus-4.6',
+  agent2: 'google/gemini-3.1-pro-preview',
+  agent3: 'deepseek/deepseek-v3.2',
 } as const;
 
 export const OPENAI_MODELS = {
-  agent1: 'gpt-4.1',
-  agent2: 'gpt-4.1-mini',
-  agent3: 'gpt-4.1-nano',
+  agent1: 'gpt-5.4',
+  agent2: 'gpt-5.3-codex',
+  agent3: 'gpt-5.2',
 } as const;
 
 export const OPENROUTER_API_URL = 'https://openrouter.ai/api/v1/chat/completions';
@@ -48,3 +48,15 @@ export const SCANNABLE_EXTENSIONS = ['.js', '.ts', '.mjs', '.cjs', '.json'];
 export const MAX_FILE_SIZE_BYTES = 100_000;
 export const MAX_TOTAL_CODE_CHARS = 200_000;
 export const VERSION_LOOKBACK = 3;
+
+export const ENS_REGISTRY_ADDRESS = '0x00000000000C2E074eC69A0dFb2997BA6C7d2e1e';
+
+export const OPM_ENS_KEYS = {
+  version: 'opm.version',
+  checksum: 'opm.checksum',
+  fileverse: 'opm.fileverse',
+  riskScore: 'opm.risk_score',
+  packages: 'opm.packages',
+  signature: 'opm.signature',
+  contract: 'opm.contract',
+} as const;

package/packages/core/src/model-rankings.ts

@@ -53,26 +53,51 @@ export async function fetchModelRankings(): Promise<ModelRanking[]> {
 
 export function getDefaultRankings(): ModelRanking[] {
   return [
-    { id: '1', name: 'Claude Sonnet 4', slug: 'claude-sonnet-4', intelligenceIndex: 55, codingIndex: 52 },
-    { id: '2', name: 'GPT-4.1', slug: 'gpt-4.1', intelligenceIndex: 50, codingIndex: 48 },
-    { id: '3', name: 'Gemini 2.5 Flash', slug: 'gemini-2.5-flash', intelligenceIndex: 52, codingIndex: 45 },
-    { id: '4', name: 'DeepSeek Chat', slug: 'deepseek-chat', intelligenceIndex: 42, codingIndex: 40 },
-    { id: '5', name: 'GPT-4.1-mini', slug: 'gpt-4.1-mini', intelligenceIndex: 40, codingIndex: 38 },
-    { id: '6', name: 'GPT-4.1-nano', slug: 'gpt-4.1-nano', intelligenceIndex: 35, codingIndex: 32 },
+    { id: '1', name: 'Gemini 3.1 Pro Preview', slug: 'gemini-3.1-pro-preview', intelligenceIndex: 57, codingIndex: 55 },
+    { id: '2', name: 'GPT-5.4', slug: 'gpt-5.4', intelligenceIndex: 57, codingIndex: 55 },
+    { id: '3', name: 'GPT-5.3 Codex', slug: 'gpt-5.3-codex', intelligenceIndex: 54, codingIndex: 52 },
+    { id: '4', name: 'Claude Opus 4.6', slug: 'claude-opus-4-6', intelligenceIndex: 53, codingIndex: 51 },
+    { id: '5', name: 'Claude Sonnet 4.6', slug: 'claude-sonnet-4-6', intelligenceIndex: 52, codingIndex: 50 },
+    { id: '6', name: 'GPT-5.2', slug: 'gpt-5.2', intelligenceIndex: 51, codingIndex: 49 },
+    { id: '7', name: 'GLM-5', slug: 'glm-5', intelligenceIndex: 50, codingIndex: 48 },
+    { id: '8', name: 'Grok 4.2 Beta 0309', slug: 'grok-4-2-beta-0309', intelligenceIndex: 48, codingIndex: 46 },
+    { id: '9', name: 'Kimi K2.5', slug: 'kimi-k2-5', intelligenceIndex: 47, codingIndex: 45 },
+    { id: '10', name: 'Gemini 3 Flash', slug: 'gemini-3-flash', intelligenceIndex: 46, codingIndex: 44 },
+    { id: '11', name: 'Qwen 3.5', slug: 'qwen-3-5', intelligenceIndex: 45, codingIndex: 43 },
+    { id: '12', name: 'MiniMax-M2.5', slug: 'minimax-m2-5', intelligenceIndex: 42, codingIndex: 40 },
+    { id: '13', name: 'DeepSeek V3.2', slug: 'deepseek-v3-2', intelligenceIndex: 42, codingIndex: 40 },
+    { id: '14', name: 'MiMo V2 Flash Feb 2026', slug: 'mimo-v2-flash-feb-2026', intelligenceIndex: 41, codingIndex: 39 },
+    { id: '15', name: 'Grok 4.1 Fast', slug: 'grok-4-1-fast', intelligenceIndex: 39, codingIndex: 37 },
+    { id: '16', name: 'Claude 4.5 Haiku', slug: 'claude-4-5-haiku', intelligenceIndex: 37, codingIndex: 35 },
+    { id: '17', name: 'NVIDIA Nemotron 3 Super', slug: 'nvidia-nemotron-3-super', intelligenceIndex: 36, codingIndex: 34 },
+    { id: '18', name: 'Nova 2.0 Pro Preview', slug: 'nova-2-0-pro-preview', intelligenceIndex: 36, codingIndex: 34 },
+    { id: '19', name: 'Gemini 3.1 Flash Lite Preview', slug: 'gemini-3-1-flash-lite-preview', intelligenceIndex: 34, codingIndex: 32 },
+    { id: '20', name: 'gpt-oss-120B', slug: 'gpt-oss-120b', intelligenceIndex: 33, codingIndex: 31 },
+    { id: '21', name: 'K-EXAONE', slug: 'k-exaone', intelligenceIndex: 32, codingIndex: 30 },
+    { id: '22', name: 'gpt-oss-20B', slug: 'gpt-oss-20b', intelligenceIndex: 24, codingIndex: 22 },
+    { id: '23', name: 'NVIDIA Nemotron 3 Nano', slug: 'nvidia-nemotron-3-nano', intelligenceIndex: 24, codingIndex: 22 },
+    { id: '24', name: 'K2 Think V2', slug: 'k2-think-v2', intelligenceIndex: 24, codingIndex: 22 },
+    { id: '25', name: 'Mi:dm K 2.5 Pro', slug: 'midm-k-2-5-pro', intelligenceIndex: 23, codingIndex: 21 },
+    { id: '26', name: 'Mistral Large 3', slug: 'mistral-large-3', intelligenceIndex: 23, codingIndex: 21 },
+    { id: '27', name: 'Llama 4 Maverick', slug: 'llama-4-maverick', intelligenceIndex: 18, codingIndex: 16 },
   ];
 }
 
 const MODEL_SLUGS: Record<string, string> = {
-  'anthropic/claude-sonnet-4-20250514': 'claude-sonnet-4',
-  'anthropic/claude-sonnet-4': 'claude-sonnet-4',
+  'anthropic/claude-opus-4.6': 'claude-opus-4-6',
+  'anthropic/claude-sonnet-4.6': 'claude-sonnet-4-6',
+  'anthropic/claude-opus-4': 'claude-opus-4-6',
+  'google/gemini-3.1-pro-preview': 'gemini-3.1-pro-preview',
+  'google/gemini-3-flash': 'gemini-3-flash',
   'google/gemini-2.5-flash': 'gemini-2.5-flash',
-  'deepseek/deepseek-chat': 'deepseek-chat',
-  'openai/gpt-4.1': 'gpt-4.1',
-  'gpt-4.1': 'gpt-4.1',
-  'openai/gpt-4.1-mini': 'gpt-4.1-mini',
-  'gpt-4.1-mini': 'gpt-4.1-mini',
-  'openai/gpt-4.1-nano': 'gpt-4.1-nano',
-  'gpt-4.1-nano': 'gpt-4.1-nano',
+  'deepseek/deepseek-v3.2': 'deepseek-v3-2',
+  'deepseek/deepseek-chat': 'deepseek-v3-2',
+  'openai/gpt-5.4': 'gpt-5.4',
+  'gpt-5.4': 'gpt-5.4',
+  'openai/gpt-5.3-codex': 'gpt-5.3-codex',
+  'gpt-5.3-codex': 'gpt-5.3-codex',
+  'openai/gpt-5.2': 'gpt-5.2',
+  'gpt-5.2': 'gpt-5.2',
 };
 
 function findModel(rankings: ModelRanking[], modelSlug: string): ModelRanking | undefined {

package/packages/core/src/types.ts

@@ -143,3 +143,13 @@ export interface CheckReport {
   deps: CheckDepResult[];
   agents: CheckAgentResult[];
 }
+
+export interface OPMENSRecords {
+  version?: string;
+  checksum?: string;
+  fileverse?: string;
+  riskScore?: string;
+  packages?: string;
+  signature?: string;
+  contract?: string;
+}

package/packages/core/src/utils.ts

@@ -1,5 +1,5 @@
 import { HIGH_RISK_THRESHOLD, MEDIUM_RISK_THRESHOLD } from './constants';
-import type { RiskLevel, AgentScanResult } from './types';
+import type { RiskLevel, AgentScanResult, SupplyChainIndicators, VersionAnalysis } from './types';
 
 export function classifyRisk(score: number): RiskLevel {
   if (score >= HIGH_RISK_THRESHOLD) return 'HIGH';
@@ -45,6 +45,141 @@ export function validateScanResult(obj: unknown): obj is AgentScanResult {
   );
 }
 
+const VALID_RISK_LEVELS = ['LOW', 'MEDIUM', 'HIGH', 'CRITICAL'] as const;
+const VALID_RECOMMENDATIONS = ['SAFE', 'CAUTION', 'WARN', 'BLOCK'] as const;
+const SCORE_KEYS = ['risk_score', 'score', 'riskScore', 'risk_rating'];
+const LEVEL_KEYS = ['risk_level', 'riskLevel', 'level', 'severity', 'verdict', 'rating'];
+const TEXT_KEYS = ['reasoning', 'summary', 'explanation', 'description', 'analysis', 'one_line_summary', 'one_liner'];
+
+function deepFind(obj: Record<string, any>, keys: string[], type: 'number' | 'string', depth = 0): any {
+  if (depth > 4 || !obj || typeof obj !== 'object') return undefined;
+  for (const key of keys) {
+    const val = obj[key];
+    if (val !== undefined && val !== null) {
+      if (type === 'number') {
+        if (typeof val === 'number') return val;
+        if (typeof val === 'string' && !isNaN(parseFloat(val))) return parseFloat(val);
+      } else if (type === 'string' && typeof val === 'string' && val.length > 0) {
+        return val;
+      }
+    }
+  }
+  for (const key of Object.keys(obj)) {
+    const val = obj[key];
+    if (val && typeof val === 'object' && !Array.isArray(val)) {
+      const found = deepFind(val, keys, type, depth + 1);
+      if (found !== undefined) return found;
+    }
+  }
+  return undefined;
+}
+
+function deepFindArray(obj: Record<string, any>, keys: string[], depth = 0): any[] | undefined {
+  if (depth > 4 || !obj || typeof obj !== 'object') return undefined;
+  for (const key of keys) {
+    if (Array.isArray(obj[key])) return obj[key];
+  }
+  for (const key of Object.keys(obj)) {
+    const val = obj[key];
+    if (val && typeof val === 'object' && !Array.isArray(val)) {
+      const found = deepFindArray(val, keys, depth + 1);
+      if (found) return found;
+    }
+  }
+  return undefined;
+}
+
+function deepFindObj(obj: Record<string, any>, keys: string[], depth = 0): Record<string, any> | undefined {
+  if (depth > 3 || !obj || typeof obj !== 'object') return undefined;
+  for (const key of keys) {
+    const val = obj[key];
+    if (val && typeof val === 'object' && !Array.isArray(val)) return val;
+  }
+  return undefined;
+}
+
+function normalizeRiskLevel(val: unknown): RiskLevel {
+  if (typeof val !== 'string') return 'MEDIUM';
+  const upper = val.toUpperCase().trim();
+  if (VALID_RISK_LEVELS.includes(upper as RiskLevel)) return upper as RiskLevel;
+  if (upper === 'SAFE' || upper === 'NONE' || upper === 'INFO') return 'LOW';
+  if (upper === 'MODERATE' || upper === 'SUSPICIOUS') return 'MEDIUM';
+  if (upper === 'DANGEROUS' || upper === 'SEVERE') return 'CRITICAL';
+  return 'MEDIUM';
+}
+
+function normalizeRecommendation(val: unknown, riskLevel: RiskLevel): string {
+  if (typeof val === 'string') {
+    const upper = val.toUpperCase().trim();
+    if (VALID_RECOMMENDATIONS.includes(upper as any)) return upper;
+  }
+  const map: Record<RiskLevel, string> = { LOW: 'SAFE', MEDIUM: 'CAUTION', HIGH: 'WARN', CRITICAL: 'BLOCK' };
+  return map[riskLevel] || 'CAUTION';
+}
+
+/**
+ * Recursively searches an arbitrarily-shaped LLM response for risk_score,
+ * risk_level, reasoning, etc. and assembles a valid AgentScanResult.
+ */
+export function normalizeScanResult(raw: unknown): AgentScanResult | null {
+  if (!raw || typeof raw !== 'object') return null;
+  const o = raw as Record<string, any>;
+
+  const riskScore = deepFind(o, SCORE_KEYS, 'number');
+  if (riskScore === undefined || isNaN(riskScore)) return null;
+
+  const rawLevel = deepFind(o, LEVEL_KEYS, 'string');
+  const riskLevel = normalizeRiskLevel(rawLevel);
+
+  const reasoning = deepFind(o, TEXT_KEYS, 'string') ?? `Risk score: ${riskScore}`;
+
+  const rawVulns = deepFindArray(o, ['vulnerabilities', 'findings', 'issues', 'alerts', 'concerns']);
+  const vulnerabilities = rawVulns
+    ? rawVulns.map((f: any) => ({
+        severity: normalizeRiskLevel(f.severity ?? f.level ?? f.risk_level),
+        category: f.category || f.type || f.issue || 'unknown',
+        description: f.description || f.message || f.detail || f.title || '',
+        file: f.file || f.location || f.path || '',
+        evidence: f.evidence || f.code || f.snippet || '',
+      }))
+    : [];
+
+  const sci = deepFindObj(o, ['supply_chain_indicators', 'supplyChainIndicators', 'indicators']);
+  const supply_chain_indicators: SupplyChainIndicators = (sci as SupplyChainIndicators) ?? {
+    has_install_scripts: false,
+    has_native_bindings: false,
+    has_obfuscated_code: false,
+    has_network_calls: false,
+    has_filesystem_access: false,
+    has_process_spawn: false,
+    has_eval_usage: false,
+    accesses_env_variables: false,
+  };
+
+  const va = deepFindObj(o, ['version_analysis', 'versionAnalysis']);
+  const version_analysis: VersionAnalysis = (va as VersionAnalysis) ?? {
+    version_reviewed: deepFind(o, ['version', 'version_reviewed'], 'string') ?? '',
+    previous_versions_reviewed: [],
+    changelog_risk: 'NONE',
+    changelog_reasoning: '',
+  };
+
+  const recommendation = normalizeRecommendation(
+    deepFind(o, ['recommendation', 'action', 'verdict'], 'string'),
+    riskLevel,
+  );
+
+  return {
+    risk_score: Math.max(0, Math.min(100, Math.round(riskScore))),
+    risk_level: riskLevel,
+    reasoning,
+    vulnerabilities,
+    supply_chain_indicators,
+    version_analysis,
+    recommendation: recommendation as any,
+  };
+}
+
 export function safeJsonParse<T>(raw: string): T | null {
   try {
     return JSON.parse(raw) as T;

package/packages/scanner/src/index.ts

@@ -8,8 +8,9 @@ export { callLLM, callLLMRaw, getLLMProvider } from './services/openrouter';
 export { fetchPackageData, extractMetadata, buildVersionHistory, fetchSourceFiles, extractLocalSourceFiles, buildLocalPackageData } from './services/npm-registry';
 export { submitScoreOnChain, setReportURIOnChain } from './services/contract-writer';
 export { uploadReportToFileverse, uploadCheckReportToFileverse, fetchReportFromFileverse } from './services/fileverse';
+export type { FileverseUploadResult } from './services/fileverse';
 export { formatCheckReportAsMarkdown } from './services/report-formatter';
-export { runBenchmarkSuite, type AgentCandidate, type BenchmarkRunResult } from './services/benchmark-runner';
+export { runBenchmarkSuite, runBatchBenchmarkSuite, type AgentCandidate, type BenchmarkRunResult, type BatchBenchmarkRunResult } from './services/benchmark-runner';
 export { generateProof, verifyProof, generateCommitment, proofToOnChainBytes, type ZKProof } from './services/zk-verifier';
 
 if (import.meta.main) {

package/packages/scanner/src/queue/memory-queue.ts

@@ -8,6 +8,7 @@ import { uploadReportToFileverse } from '../services/fileverse';
 export interface ScanJobResult {
   report: ScanReport;
   reportURI: string;
+  ipfsHash?: string;
 }
 
 const activeJobs = new Map<string, Promise<ScanJobResult>>();
@@ -77,9 +78,13 @@ async function executeScan(
 
   log('Uploading report to Fileverse...');
   let reportURI: string;
+  let ipfsHash: string | undefined;
   try {
-    reportURI = await uploadReportToFileverse(report);
+    const uploadResult = await uploadReportToFileverse(report);
+    reportURI = uploadResult.link;
+    ipfsHash = uploadResult.ipfsHash;
     log(`Report uploaded: ${reportURI}`);
+    if (ipfsHash) log(`IPFS content hash: ${ipfsHash}`);
   } catch (err) {
     log(`Fileverse upload failed: ${err}`);
     reportURI = `local://report-${packageName}-${version}`;
@@ -92,5 +97,5 @@ async function executeScan(
     log(`On-chain report URI: ${err?.shortMessage || err?.message || 'failed'}`);
   }
 
-  return { report, reportURI };
+  return { report, reportURI, ipfsHash };
 }

package/packages/scanner/src/services/benchmark-runner.ts

@@ -3,10 +3,16 @@ import {
   buildBenchmarkPrompt,
   evaluateBenchmark,
   SYSTEM_PROMPT,
+  buildBatchSystemPrompt,
+  buildBatchBenchmarkPrompt,
+  evaluateBatchBenchmark,
+  expectedFlagForCase,
   type BenchmarkCase,
   type BenchmarkResult,
+  type BatchBenchmarkResponse,
+  type BatchBenchmarkResult,
 } from '@opm/core';
-import { callLLM } from './openrouter';
+import { callLLM, callLLMRaw } from './openrouter';
 import {
   generateCommitment,
   generateProof,
@@ -32,6 +38,85 @@ export interface BenchmarkRunResult {
   failureReasons: string[];
 }
 
+/** Result type for the fast single-call batch benchmark */
+export interface BatchBenchmarkRunResult {
+  candidate: AgentCandidate;
+  results: BatchBenchmarkResult[];
+  passed: number;
+  failed: number;
+  total: number;
+  accuracyPct: number;
+  zkProof: ZKProof;
+  verified: boolean;
+}
+
+/**
+ * Fast single-call benchmark: sends all 10 cases in one prompt,
+ * gets back 10 flagged/safe answers, compares to ground truth,
+ * generates ZK proof. ~10x faster than runBenchmarkSuite.
+ */
+export async function runBatchBenchmarkSuite(
+  candidate: AgentCandidate,
+  onStatus?: (msg: string) => void,
+): Promise<BatchBenchmarkRunResult> {
+  const log = onStatus || console.log;
+  const benchmarks = generateBenchmarkDataset();
+
+  // Expected verdicts: 1 = flagged, 0 = safe
+  const expectedVerdicts = benchmarks.map((b) => expectedFlagForCase(b) ? 1 : 0);
+
+  log(`Generating commitment for ${benchmarks.length} test cases...`);
+  const commitment = generateCommitment(expectedVerdicts);
+  log(`Commitment: ${commitment.expectedHash.slice(0, 16)}…`);
+
+  log(`Sending ${benchmarks.length} cases to ${candidate.model} (single call)...`);
+  const userPrompt = buildBatchBenchmarkPrompt(benchmarks);
+  // Use the candidate's own system prompt so a bad prompt actually fails the benchmark
+  const systemPrompt = buildBatchSystemPrompt(candidate.systemPrompt);
+
+  const response = await callLLMRaw<BatchBenchmarkResponse>(
+    candidate.model,
+    systemPrompt,
+    userPrompt,
+  );
+
+  if (!response?.answers || !Array.isArray(response.answers)) {
+    throw new Error(`Agent returned invalid batch response — expected { answers: [...] }`);
+  }
+
+  log(`Received ${response.answers.length} answers, evaluating...`);
+
+  const results = evaluateBatchBenchmark(benchmarks, response.answers);
+  const actualVerdicts = results.map((r) => r.actualFlagged ? 1 : 0);
+
+  const passed = results.filter((r) => r.passed).length;
+  const failed = results.filter((r) => !r.passed).length;
+  const accuracyPct = Math.round((passed / results.length) * 100);
+
+  results.forEach((r, i) => {
+    const icon = r.passed ? '✓' : '✗';
+    log(`  ${icon} Case ${i + 1} (${r.category}): ${r.actualFlagged ? 'FLAGGED' : 'SAFE'} — expected ${r.expectedFlagged ? 'FLAGGED' : 'SAFE'}`);
+  });
+
+  log(`Accuracy: ${passed}/${results.length} (${accuracyPct}%)`);
+  log('Generating ZK proof...');
+
+  const zkProof = generateProof(commitment, expectedVerdicts, actualVerdicts);
+  const verified = verifyProof(zkProof);
+  log(`ZK proof ${verified ? 'verified ✓' : 'INVALID ✗'}`);
+
+  return {
+    candidate,
+    results,
+    passed,
+    failed,
+    total: results.length,
+    accuracyPct,
+    zkProof,
+    verified,
+  };
+}
+
 export async function runBenchmarkSuite(
   candidate: AgentCandidate,
   onStatus?: (msg: string) => void,

package/packages/scanner/src/services/fileverse.ts

@@ -11,7 +11,49 @@ function getApiConfig() {
   return { apiUrl, apiKey };
 }
 
-export async function uploadReportToFileverse(report: ScanReport): Promise<string> {
+export interface FileverseUploadResult {
+  link: string;
+  ipfsHash?: string;
+}
+
+interface DdocResponse {
+  ddocId: string;
+  syncStatus: string;
+  link?: string;
+  contentHash?: string;
+  ipfsHash?: string;
+  cid?: string;
+  ipfsCid?: string;
+  [key: string]: unknown;
+}
+
+function extractIPFSHash(data: DdocResponse, log?: (msg: string) => void): string | undefined {
+  const knownFields = ['contentHash', 'ipfsHash', 'cid', 'ipfsCid', 'hash', 'ipfs', 'contentId'];
+  for (const field of knownFields) {
+    const val = data[field];
+    if (typeof val === 'string' && val.length > 0) return val;
+  }
+
+  for (const [key, val] of Object.entries(data)) {
+    if (typeof val === 'string' && (val.startsWith('Qm') || val.startsWith('bafy'))) {
+      return val;
+    }
+  }
+
+  if (data.link) {
+    const ipfsMatch = data.link.match(/\/ipfs\/(Qm[A-Za-z0-9]{44,}|bafy[a-z2-7]{50,})/);
+    if (ipfsMatch) return ipfsMatch[1];
+  }
+
+  if (log) {
+    const keys = Object.keys(data).filter((k) => !['ddocId', 'syncStatus', 'link'].includes(k));
+    if (keys.length > 0) log(`Fileverse extra fields: ${keys.join(', ')}`);
+  }
+
+  return undefined;
+}
+
+export async function uploadReportToFileverse(report: ScanReport): Promise<FileverseUploadResult> {
   const { apiUrl, apiKey } = getApiConfig();
 
   const title = `OPM Security Report: ${report.package}@${report.version}`;
@@ -28,16 +70,19 @@ export async function uploadReportToFileverse(report: ScanReport): Promise<strin
     throw new Error(`Fileverse create failed (${res.status}): ${body}`);
   }
 
-  const { data } = await res.json() as { data: { ddocId: string; syncStatus: string; link?: string } };
+  const { data } = await res.json() as { data: DdocResponse };
   const ddocId = data.ddocId;
+  let ipfsHash = extractIPFSHash(data);
 
-  if (data.syncStatus === 'synced' && data.link) return data.link;
+  if (data.syncStatus === 'synced' && data.link) {
+    return { link: data.link, ipfsHash };
+  }
 
-  const link = await pollForSync(apiUrl, apiKey, ddocId);
-  return link;
+  const syncResult = await pollForSync(apiUrl, apiKey, ddocId);
+  return { link: syncResult.link, ipfsHash: ipfsHash || syncResult.ipfsHash };
 }
 
-async function pollForSync(apiUrl: string, apiKey: string, ddocId: string): Promise<string> {
+async function pollForSync(apiUrl: string, apiKey: string, ddocId: string): Promise<FileverseUploadResult> {
   const start = Date.now();
 
   while (Date.now() - start < POLL_TIMEOUT_MS) {
@@ -46,15 +91,17 @@ async function pollForSync(apiUrl: string, apiKey: string, ddocId: string): Prom
     const res = await fetch(`${apiUrl}/api/ddocs/${ddocId}?apiKey=${encodeURIComponent(apiKey)}`);
     if (!res.ok) continue;
 
-    const doc = await res.json() as { syncStatus: string; link?: string };
-    if (doc.syncStatus === 'synced' && doc.link) return doc.link;
+    const doc = await res.json() as DdocResponse;
+    if (doc.syncStatus === 'synced' && doc.link) {
+      return { link: doc.link, ipfsHash: extractIPFSHash(doc) };
+    }
     if (doc.syncStatus === 'failed') throw new Error('Fileverse blockchain sync failed');
   }
 
-  return `https://ddocs.new/pending/${ddocId}`;
+  return { link: `https://ddocs.new/pending/${ddocId}` };
 }
 
-export async function uploadCheckReportToFileverse(report: CheckReport): Promise<string> {
+export async function uploadCheckReportToFileverse(report: CheckReport): Promise<FileverseUploadResult> {
   const { apiUrl, apiKey } = getApiConfig();
   const title = `OPM Check Report: ${report.project} (${report.totalDeps} deps)`;
   const content = formatCheckReportAsMarkdown(report);
@@ -70,8 +117,10 @@ export async function uploadCheckReportToFileverse(report: CheckReport): Promise
     throw new Error(`Fileverse create failed (${res.status}): ${body}`);
   }
 
-  const { data } = await res.json() as { data: { ddocId: string; syncStatus: string; link?: string } };
-  if (data.syncStatus === 'synced' && data.link) return data.link;
+  const { data } = await res.json() as { data: DdocResponse };
+  if (data.syncStatus === 'synced' && data.link) {
+    return { link: data.link, ipfsHash: extractIPFSHash(data) };
+  }
   return pollForSync(apiUrl, apiKey, data.ddocId);
 }