tryassay 0.3.0 → 0.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api/pricing-enforcer.d.ts +45 -0
- package/dist/api/pricing-enforcer.js +144 -0
- package/dist/api/pricing-enforcer.js.map +1 -0
- package/dist/api/server.d.ts +28 -0
- package/dist/api/server.js +265 -0
- package/dist/api/server.js.map +1 -0
- package/dist/api/team-session.d.ts +59 -0
- package/dist/api/team-session.js +240 -0
- package/dist/api/team-session.js.map +1 -0
- package/dist/cli.js +142 -2
- package/dist/cli.js.map +1 -1
- package/dist/commands/api.d.ts +4 -0
- package/dist/commands/api.js +50 -0
- package/dist/commands/api.js.map +1 -0
- package/dist/commands/runtime.d.ts +69 -0
- package/dist/commands/runtime.js +673 -0
- package/dist/commands/runtime.js.map +1 -1
- package/dist/runtime/agent-loop.d.ts +6 -0
- package/dist/runtime/agent-loop.js +87 -5
- package/dist/runtime/agent-loop.js.map +1 -1
- package/dist/runtime/agent-spawner.d.ts +56 -0
- package/dist/runtime/agent-spawner.js +217 -0
- package/dist/runtime/agent-spawner.js.map +1 -0
- package/dist/runtime/agents/code-agent.d.ts +11 -0
- package/dist/runtime/agents/code-agent.js +90 -0
- package/dist/runtime/agents/code-agent.js.map +1 -0
- package/dist/runtime/agents/coordinator-agent.d.ts +20 -0
- package/dist/runtime/agents/coordinator-agent.js +182 -0
- package/dist/runtime/agents/coordinator-agent.js.map +1 -0
- package/dist/runtime/agents/ops-agent.d.ts +11 -0
- package/dist/runtime/agents/ops-agent.js +113 -0
- package/dist/runtime/agents/ops-agent.js.map +1 -0
- package/dist/runtime/agents/research-agent.d.ts +11 -0
- package/dist/runtime/agents/research-agent.js +114 -0
- package/dist/runtime/agents/research-agent.js.map +1 -0
- package/dist/runtime/agents/review-agent.d.ts +11 -0
- package/dist/runtime/agents/review-agent.js +96 -0
- package/dist/runtime/agents/review-agent.js.map +1 -0
- package/dist/runtime/agents/test-agent.d.ts +11 -0
- package/dist/runtime/agents/test-agent.js +114 -0
- package/dist/runtime/agents/test-agent.js.map +1 -0
- package/dist/runtime/capability-registry.d.ts +62 -0
- package/dist/runtime/capability-registry.js +191 -0
- package/dist/runtime/capability-registry.js.map +1 -0
- package/dist/runtime/collusion-detector.d.ts +35 -0
- package/dist/runtime/collusion-detector.js +97 -0
- package/dist/runtime/collusion-detector.js.map +1 -0
- package/dist/runtime/composition-verifier.d.ts +22 -0
- package/dist/runtime/composition-verifier.js +265 -0
- package/dist/runtime/composition-verifier.js.map +1 -0
- package/dist/runtime/confidence-calibrator.d.ts +10 -0
- package/dist/runtime/confidence-calibrator.js +95 -0
- package/dist/runtime/confidence-calibrator.js.map +1 -0
- package/dist/runtime/domain-coverage-analyzer.d.ts +24 -0
- package/dist/runtime/domain-coverage-analyzer.js +178 -0
- package/dist/runtime/domain-coverage-analyzer.js.map +1 -0
- package/dist/runtime/enriched-prompt-builder.d.ts +25 -0
- package/dist/runtime/enriched-prompt-builder.js +173 -0
- package/dist/runtime/enriched-prompt-builder.js.map +1 -0
- package/dist/runtime/gap-detector.d.ts +6 -0
- package/dist/runtime/gap-detector.js +111 -0
- package/dist/runtime/gap-detector.js.map +1 -0
- package/dist/runtime/human-escalation.d.ts +41 -0
- package/dist/runtime/human-escalation.js +122 -0
- package/dist/runtime/human-escalation.js.map +1 -0
- package/dist/runtime/kill-switch.d.ts +51 -0
- package/dist/runtime/kill-switch.js +185 -0
- package/dist/runtime/kill-switch.js.map +1 -0
- package/dist/runtime/layer2-guardian.d.ts +81 -0
- package/dist/runtime/layer2-guardian.js +263 -0
- package/dist/runtime/layer2-guardian.js.map +1 -0
- package/dist/runtime/message-bus.d.ts +57 -0
- package/dist/runtime/message-bus.js +115 -0
- package/dist/runtime/message-bus.js.map +1 -0
- package/dist/runtime/multi-agent-loop.d.ts +37 -0
- package/dist/runtime/multi-agent-loop.js +411 -0
- package/dist/runtime/multi-agent-loop.js.map +1 -0
- package/dist/runtime/pattern-extractor.d.ts +20 -0
- package/dist/runtime/pattern-extractor.js +257 -0
- package/dist/runtime/pattern-extractor.js.map +1 -0
- package/dist/runtime/planner.d.ts +2 -2
- package/dist/runtime/planner.js +10 -7
- package/dist/runtime/planner.js.map +1 -1
- package/dist/runtime/prompt-safety-analyzer.d.ts +17 -0
- package/dist/runtime/prompt-safety-analyzer.js +230 -0
- package/dist/runtime/prompt-safety-analyzer.js.map +1 -0
- package/dist/runtime/reasoner.d.ts +2 -2
- package/dist/runtime/reasoner.js +9 -5
- package/dist/runtime/reasoner.js.map +1 -1
- package/dist/runtime/reflector.d.ts +7 -1
- package/dist/runtime/reflector.js.map +1 -1
- package/dist/runtime/rollback-manager.d.ts +50 -0
- package/dist/runtime/rollback-manager.js +157 -0
- package/dist/runtime/rollback-manager.js.map +1 -0
- package/dist/runtime/rule-canary-deployer.d.ts +69 -0
- package/dist/runtime/rule-canary-deployer.js +289 -0
- package/dist/runtime/rule-canary-deployer.js.map +1 -0
- package/dist/runtime/rule-conflict-detector.d.ts +48 -0
- package/dist/runtime/rule-conflict-detector.js +214 -0
- package/dist/runtime/rule-conflict-detector.js.map +1 -0
- package/dist/runtime/rule-meta-verifier.d.ts +18 -0
- package/dist/runtime/rule-meta-verifier.js +275 -0
- package/dist/runtime/rule-meta-verifier.js.map +1 -0
- package/dist/runtime/rule-proposal-manager.d.ts +95 -0
- package/dist/runtime/rule-proposal-manager.js +190 -0
- package/dist/runtime/rule-proposal-manager.js.map +1 -0
- package/dist/runtime/safety-enforcer.d.ts +35 -0
- package/dist/runtime/safety-enforcer.js +165 -0
- package/dist/runtime/safety-enforcer.js.map +1 -0
- package/dist/runtime/safety-status.d.ts +48 -0
- package/dist/runtime/safety-status.js +119 -0
- package/dist/runtime/safety-status.js.map +1 -0
- package/dist/runtime/shadow-runner.d.ts +14 -0
- package/dist/runtime/shadow-runner.js +190 -0
- package/dist/runtime/shadow-runner.js.map +1 -0
- package/dist/runtime/shared-memory.d.ts +47 -0
- package/dist/runtime/shared-memory.js +151 -0
- package/dist/runtime/shared-memory.js.map +1 -0
- package/dist/runtime/specialized-agent.d.ts +72 -0
- package/dist/runtime/specialized-agent.js +123 -0
- package/dist/runtime/specialized-agent.js.map +1 -0
- package/dist/runtime/stall-detector.d.ts +13 -0
- package/dist/runtime/stall-detector.js +121 -0
- package/dist/runtime/stall-detector.js.map +1 -0
- package/dist/runtime/strategy-library.d.ts +11 -0
- package/dist/runtime/strategy-library.js +142 -0
- package/dist/runtime/strategy-library.js.map +1 -0
- package/dist/runtime/supabase-experience-store.d.ts +19 -0
- package/dist/runtime/supabase-experience-store.js +215 -0
- package/dist/runtime/supabase-experience-store.js.map +1 -0
- package/dist/runtime/tool-approval.d.ts +51 -0
- package/dist/runtime/tool-approval.js +148 -0
- package/dist/runtime/tool-approval.js.map +1 -0
- package/dist/runtime/tool-sandbox.d.ts +43 -0
- package/dist/runtime/tool-sandbox.js +394 -0
- package/dist/runtime/tool-sandbox.js.map +1 -0
- package/dist/runtime/tool-verifier.d.ts +18 -0
- package/dist/runtime/tool-verifier.js +323 -0
- package/dist/runtime/tool-verifier.js.map +1 -0
- package/dist/runtime/trust-manager.d.ts +63 -0
- package/dist/runtime/trust-manager.js +212 -0
- package/dist/runtime/trust-manager.js.map +1 -0
- package/dist/runtime/two-agent-loop.d.ts +35 -0
- package/dist/runtime/two-agent-loop.js +208 -0
- package/dist/runtime/two-agent-loop.js.map +1 -0
- package/dist/runtime/types.d.ts +939 -1
- package/dist/runtime/verification-intensity.d.ts +34 -0
- package/dist/runtime/verification-intensity.js +104 -0
- package/dist/runtime/verification-intensity.js.map +1 -0
- package/package.json +1 -1
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"gap-detector.js","sourceRoot":"","sources":["../../src/runtime/gap-detector.ts"],"names":[],"mappings":"AAAA,+DAA+D;AAC/D,8CAA8C;AAC9C,4DAA4D;AAC5D,0DAA0D;AAC1D,+DAA+D;AAE/D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAGvD,MAAM,OAAO,WAAW;IACtB,KAAK,CAAC,OAAO,CAAC,QAA+B;QAC3C,MAAM,UAAU,GAAoB,EAAE,CAAC;QAEvC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC3C,CAAC,CAAC,sBAAsB;YACxB,CAAC,CAAC,QAAQ,GAAG,GAAG;YAChB,CAAC,CAAC,cAAc,GAAG,GAAG;YACtB,CAAC,CAAC,WAAW,IAAI,EAAE,CACpB,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,gBAAgB,EAAE,CAAC;YACvC,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;gBAClD,IAAI,SAAS,IAAI,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC;oBACnD,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAC7B,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,wBAAwB;YAC1B,CAAC;QACH,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,OAA4B;QACpD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YAC5C,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,IAAI;YAChB,MAAM,EAAE;;4CAE8B;YACtC,QAAQ,EAAE,CAAC;oBACT,IAAI,EAAE,MAAM;oBACZ,OAAO,EAAE,mCAAmC,CAAC,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B,CAAC,OAAO,CAAC,cAAc,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;;YAE/I,OAAO,CAAC,aAAa;gBACjB,OAAO,CAAC,WAAW;iBAClB,OAAO,CAAC,YAAY;uBACd,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;EAgBzD;iBACK,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACjF,IAAI,CAAC;YACH,IAAI,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC1B,IAAI,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YAC3E,CAAC;YACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAEnC,OAAO;gBACL,EAAE,EAAE,UAAU,EAAE;gBAChB,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,SAAS,EAAE,MAAM,CAAC,SAAS,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO;gBACvD,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,YAAY;gBACzC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;gBAClE,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,qBAAqB,EAAE,EAAE;gBACzB,uBAAuB,EAAE,MAAM,CAAC,uBAAuB,IAAI,CAAC;gBAC5D,MAAM,EAAE,UAAU;gBAClB,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACrC,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,iBAAiB,CAAC,SAAwB;QAChD,IAAI,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACjD,IAAI,SAAS,CAAC,SAAS,KAAK,OAAO;YAAE,OAAO,IAAI,CAAC,CAAC,6BAA6B;QAE/E,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAElD,KAAK,MAAM,EAAE,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;gBACrC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;gBACrC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,uBAAuB;gBAE5C,MAAM,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;gBAChD,IAAI,aAAa,KAAK,EAAE,CAAC,eAAe,EAAE,CAAC;oBACzC,OAAO,KAAK,CAAC,CAAC,4CAA4C;gBAC5D,CAAC;YACH,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC,CAAC,gBAAgB;QAChC,CAAC;IACH,CAAC;CACF"}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
import type { HumanEscalation, TaskGraph, AgentMessage, MemoryConflict, AuditEntry, TrustWindow, CollusionEvent, SafetyPolicy, StallReport } from './types.js';
|
|
2
|
+
export declare class HumanEscalationManager {
|
|
3
|
+
private escalations;
|
|
4
|
+
private policy;
|
|
5
|
+
constructor(policy: SafetyPolicy);
|
|
6
|
+
/**
|
|
7
|
+
* Create an escalation from a safety threshold breach.
|
|
8
|
+
*/
|
|
9
|
+
escalateSafetyBreach(rule: string, currentValue: number, maxValue: number, context: EscalationContext): HumanEscalation;
|
|
10
|
+
/**
|
|
11
|
+
* Create an escalation from a collusion detection.
|
|
12
|
+
*/
|
|
13
|
+
escalateCollusion(event: CollusionEvent, context: EscalationContext): HumanEscalation;
|
|
14
|
+
/**
|
|
15
|
+
* Create an escalation from an unresolvable stall.
|
|
16
|
+
*/
|
|
17
|
+
escalateStall(stalls: readonly StallReport[], context: EscalationContext): HumanEscalation;
|
|
18
|
+
/**
|
|
19
|
+
* Create an escalation from trust collapse (too many demotions).
|
|
20
|
+
*/
|
|
21
|
+
escalateTrustCollapse(agentId: string, demotions: number, context: EscalationContext): HumanEscalation;
|
|
22
|
+
/**
|
|
23
|
+
* Record a human response to a pending escalation.
|
|
24
|
+
*/
|
|
25
|
+
resolve(escalationId: string, action: string, reasoning: string): boolean;
|
|
26
|
+
/** Get all escalations. */
|
|
27
|
+
getAllEscalations(): readonly HumanEscalation[];
|
|
28
|
+
/** Get pending escalations. */
|
|
29
|
+
getPending(): readonly HumanEscalation[];
|
|
30
|
+
/** Check if there are any unresolved escalations. */
|
|
31
|
+
hasUnresolved(): boolean;
|
|
32
|
+
private createEscalation;
|
|
33
|
+
}
|
|
34
|
+
export interface EscalationContext {
|
|
35
|
+
readonly taskGraph: TaskGraph;
|
|
36
|
+
readonly relevantMessages: readonly AgentMessage[];
|
|
37
|
+
readonly conflictingClaims: readonly MemoryConflict[];
|
|
38
|
+
readonly recentAudit: readonly AuditEntry[];
|
|
39
|
+
readonly trustSnapshots: readonly TrustWindow[];
|
|
40
|
+
readonly collusionEvents: readonly CollusionEvent[];
|
|
41
|
+
}
|
|
@@ -0,0 +1,122 @@
|
|
|
1
|
+
// ============================================================
|
|
2
|
+
// Assay Verified Agent Runtime — Human Escalation Manager
|
|
3
|
+
// Packages structured context for human review when the system
|
|
4
|
+
// cannot resolve a situation autonomously.
|
|
5
|
+
// ============================================================
|
|
6
|
+
import { randomUUID } from 'node:crypto';
|
|
7
|
+
// ── Human Escalation Manager ───────────────────────────────
|
|
8
|
+
export class HumanEscalationManager {
|
|
9
|
+
escalations = [];
|
|
10
|
+
policy;
|
|
11
|
+
constructor(policy) {
|
|
12
|
+
this.policy = policy;
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* Create an escalation from a safety threshold breach.
|
|
16
|
+
*/
|
|
17
|
+
escalateSafetyBreach(rule, currentValue, maxValue, context) {
|
|
18
|
+
return this.createEscalation({
|
|
19
|
+
type: 'safety_threshold',
|
|
20
|
+
rule,
|
|
21
|
+
value: currentValue,
|
|
22
|
+
max: maxValue,
|
|
23
|
+
}, context, [
|
|
24
|
+
`Reduce the affected agent's autonomy`,
|
|
25
|
+
`Replace the agent with a different model`,
|
|
26
|
+
`Abort the current task and start fresh`,
|
|
27
|
+
`Override the safety threshold (increases risk)`,
|
|
28
|
+
]);
|
|
29
|
+
}
|
|
30
|
+
/**
|
|
31
|
+
* Create an escalation from a collusion detection.
|
|
32
|
+
*/
|
|
33
|
+
escalateCollusion(event, context) {
|
|
34
|
+
return this.createEscalation({ type: 'collusion_detected', event }, context, [
|
|
35
|
+
`Switch one agent to a different LLM provider (model diversity)`,
|
|
36
|
+
`Require formal verification for all claims from these agents`,
|
|
37
|
+
`Demote both agents to untrusted`,
|
|
38
|
+
`Review the specific claim manually: "${event.claimText}"`,
|
|
39
|
+
]);
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Create an escalation from an unresolvable stall.
|
|
43
|
+
*/
|
|
44
|
+
escalateStall(stalls, context) {
|
|
45
|
+
const actions = [];
|
|
46
|
+
for (const stall of stalls) {
|
|
47
|
+
switch (stall.type) {
|
|
48
|
+
case 'dependency_deadlock':
|
|
49
|
+
actions.push(`Break circular dependency involving task ${stall.taskId}`);
|
|
50
|
+
break;
|
|
51
|
+
case 'reject_loop':
|
|
52
|
+
actions.push(`Simplify or redefine task ${stall.taskId} (rejected ${stall.attempts} times)`);
|
|
53
|
+
break;
|
|
54
|
+
case 'timeout':
|
|
55
|
+
actions.push(`Investigate why task ${stall.taskId} is taking ${stall.duration}ms`);
|
|
56
|
+
break;
|
|
57
|
+
case 'resource_contention':
|
|
58
|
+
actions.push(`Add another agent for the ${stall.taskId} specialization`);
|
|
59
|
+
break;
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
return this.createEscalation({ type: 'stall_unresolvable', stalls }, context, actions);
|
|
63
|
+
}
|
|
64
|
+
/**
|
|
65
|
+
* Create an escalation from trust collapse (too many demotions).
|
|
66
|
+
*/
|
|
67
|
+
escalateTrustCollapse(agentId, demotions, context) {
|
|
68
|
+
return this.createEscalation({ type: 'trust_collapse', agentId, demotions }, context, [
|
|
69
|
+
`Replace the agent with a different model`,
|
|
70
|
+
`Review the agent's recent verification failures`,
|
|
71
|
+
`Reset the agent's trust and retry with closer oversight`,
|
|
72
|
+
`Remove the agent from the team`,
|
|
73
|
+
]);
|
|
74
|
+
}
|
|
75
|
+
/**
|
|
76
|
+
* Record a human response to a pending escalation.
|
|
77
|
+
*/
|
|
78
|
+
resolve(escalationId, action, reasoning) {
|
|
79
|
+
const escalation = this.escalations.find(e => e.id === escalationId);
|
|
80
|
+
if (!escalation || escalation.status !== 'pending')
|
|
81
|
+
return false;
|
|
82
|
+
escalation.status = 'resolved';
|
|
83
|
+
escalation.humanResponse = {
|
|
84
|
+
action,
|
|
85
|
+
reasoning,
|
|
86
|
+
timestamp: new Date().toISOString(),
|
|
87
|
+
};
|
|
88
|
+
return true;
|
|
89
|
+
}
|
|
90
|
+
/** Get all escalations. */
|
|
91
|
+
getAllEscalations() {
|
|
92
|
+
return this.escalations;
|
|
93
|
+
}
|
|
94
|
+
/** Get pending escalations. */
|
|
95
|
+
getPending() {
|
|
96
|
+
return this.escalations.filter(e => e.status === 'pending');
|
|
97
|
+
}
|
|
98
|
+
/** Check if there are any unresolved escalations. */
|
|
99
|
+
hasUnresolved() {
|
|
100
|
+
return this.escalations.some(e => e.status === 'pending');
|
|
101
|
+
}
|
|
102
|
+
// ── Private ─────────────────────────────────────────────
|
|
103
|
+
createEscalation(trigger, context, suggestedActions) {
|
|
104
|
+
const escalation = {
|
|
105
|
+
id: randomUUID(),
|
|
106
|
+
trigger,
|
|
107
|
+
context: {
|
|
108
|
+
taskGraph: context.taskGraph,
|
|
109
|
+
relevantMessages: context.relevantMessages,
|
|
110
|
+
conflictingClaims: context.conflictingClaims,
|
|
111
|
+
recentAudit: context.recentAudit.slice(-20), // Last 20 audit entries
|
|
112
|
+
trustSnapshots: context.trustSnapshots,
|
|
113
|
+
collusionEvents: context.collusionEvents,
|
|
114
|
+
},
|
|
115
|
+
suggestedActions,
|
|
116
|
+
status: 'pending',
|
|
117
|
+
};
|
|
118
|
+
this.escalations.push(escalation);
|
|
119
|
+
return escalation;
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
//# sourceMappingURL=human-escalation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"human-escalation.js","sourceRoot":"","sources":["../../src/runtime/human-escalation.ts"],"names":[],"mappings":"AAAA,+DAA+D;AAC/D,0DAA0D;AAC1D,+DAA+D;AAC/D,2CAA2C;AAC3C,+DAA+D;AAE/D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAczC,8DAA8D;AAE9D,MAAM,OAAO,sBAAsB;IACzB,WAAW,GAAsB,EAAE,CAAC;IACpC,MAAM,CAAe;IAE7B,YAAY,MAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,oBAAoB,CAClB,IAAY,EACZ,YAAoB,EACpB,QAAgB,EAChB,OAA0B;QAE1B,OAAO,IAAI,CAAC,gBAAgB,CAC1B;YACE,IAAI,EAAE,kBAAkB;YACxB,IAAI;YACJ,KAAK,EAAE,YAAY;YACnB,GAAG,EAAE,QAAQ;SACd,EACD,OAAO,EACP;YACE,sCAAsC;YACtC,0CAA0C;YAC1C,wCAAwC;YACxC,gDAAgD;SACjD,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,iBAAiB,CACf,KAAqB,EACrB,OAA0B;QAE1B,OAAO,IAAI,CAAC,gBAAgB,CAC1B,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,EACrC,OAAO,EACP;YACE,gEAAgE;YAChE,8DAA8D;YAC9D,iCAAiC;YACjC,wCAAwC,KAAK,CAAC,SAAS,GAAG;SAC3D,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,aAAa,CACX,MAA8B,EAC9B,OAA0B;QAE1B,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;gBACnB,KAAK,qBAAqB;oBACxB,OAAO,CAAC,IAAI,CAAC,4CAA4C,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;oBACzE,MAAM;gBACR,KAAK,aAAa;oBAChB,OAAO,CAAC,IAAI,CAAC,6BAA6B,KAAK,CAAC,MAAM,cAAc,KAAK,CAAC,QAAQ,SAAS,CAAC,CAAC;oBAC7F,MAAM;gBACR,KAAK,SAAS;oBACZ,OAAO,CAAC,IAAI,CAAC,wBAAwB,KAAK,CAAC,MAAM,cAAc,KAAK,CAAC,QAAQ,IAAI,CAAC,CAAC;oBACnF,MAAM;gBACR,KAAK,qBAAqB;oBACxB,OAAO,CAAC,IAAI,CAAC,6BAA6B,KAAK,CAAC,MAAM,iBAAiB,CAAC,CAAC;oBACzE,MAAM;YACV,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,gBAAgB,CAC1B,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE,EACtC,OAAO,EACP,OAAO,CACR,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,qBAAqB,CACnB,OAAe,EACf,SAAiB,EACjB,OAA0B;QAE1B,OAAO,IAAI,CAAC,gBAAgB,CAC1B,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,SAAS,EAAE,EAC9C,OAAO,EACP;YACE,0CAA0C;YAC1C,iDAAiD;YACjD,yDAAyD;YACzD,gCAAgC;SACjC,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,YAAoB,EAAE,MAAc,EAAE,SAAiB;QAC7D,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC;QACrE,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,MAAM,KAAK,SAAS;YAAE,OAAO,KAAK,CAAC;QAEhE,UAAiC,CAAC,MAAM,GAAG,UAAU,CAAC;QACtD,UAAkE,CAAC,aAAa,GAAG;YAClF,MAAM;YACN,SAAS;YACT,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,2BAA2B;IAC3B,iBAAiB;QACf,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,+BAA+B;IAC/B,UAAU;QACR,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;IAC9D,CAAC;IAED,qDAAqD;IACrD,aAAa;QACX,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;IAC5D,CAAC;IAED,2DAA2D;IAEnD,gBAAgB,CACtB,OAA+B,EAC/B,OAA0B,EAC1B,gBAA0B;QAE1B,MAAM,UAAU,GAAoB;YAClC,EAAE,EAAE,UAAU,EAAE;YAChB,OAAO;YACP,OAAO,EAAE;gBACP,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;gBAC1C,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;gBAC5C,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,wBAAwB;gBACrE,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,eAAe,EAAE,OAAO,CAAC,eAAe;aACzC;YACD,gBAAgB;YAChB,MAAM,EAAE,SAAS;SAClB,CAAC;QAEF,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAClC,OAAO,UAAU,CAAC;IACpB,CAAC;CACF"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
import { EventEmitter } from 'node:events';
|
|
2
|
+
import type { KillSwitchLevel, KillSwitchAction, KillSwitchEvent } from './types.js';
|
|
3
|
+
export declare class KillSwitch extends EventEmitter {
|
|
4
|
+
private eventLog;
|
|
5
|
+
private logPath;
|
|
6
|
+
private suspendedEntities;
|
|
7
|
+
private systemHalted;
|
|
8
|
+
constructor(logPath?: string);
|
|
9
|
+
/**
|
|
10
|
+
* Activate the kill switch at a given level.
|
|
11
|
+
* Validates that the level has authority for the requested action.
|
|
12
|
+
* Validates that the level is not being overridden by a higher level.
|
|
13
|
+
*/
|
|
14
|
+
activate(level: KillSwitchLevel, action: KillSwitchAction, target: string, triggeredBy: string, reason: string): Promise<KillSwitchEvent>;
|
|
15
|
+
/**
|
|
16
|
+
* Release a kill switch hold on a target.
|
|
17
|
+
* Only a level equal to or higher than the suspending level can release.
|
|
18
|
+
*/
|
|
19
|
+
release(target: string, releasedBy: string, level: KillSwitchLevel): Promise<{
|
|
20
|
+
released: boolean;
|
|
21
|
+
reason: string;
|
|
22
|
+
}>;
|
|
23
|
+
/**
|
|
24
|
+
* Check if a target is suspended.
|
|
25
|
+
*/
|
|
26
|
+
isSuspended(target: string): {
|
|
27
|
+
suspended: boolean;
|
|
28
|
+
event?: KillSwitchEvent;
|
|
29
|
+
};
|
|
30
|
+
/**
|
|
31
|
+
* Check if the system is halted (Layer 2 kill switch).
|
|
32
|
+
*/
|
|
33
|
+
isSystemHalted(): boolean;
|
|
34
|
+
/**
|
|
35
|
+
* Get all currently suspended entities.
|
|
36
|
+
*/
|
|
37
|
+
getSuspended(): Map<string, KillSwitchEvent>;
|
|
38
|
+
/**
|
|
39
|
+
* Get the full event log.
|
|
40
|
+
*/
|
|
41
|
+
getEventLog(): readonly KillSwitchEvent[];
|
|
42
|
+
/**
|
|
43
|
+
* Validate that a given entity has authority to perform an action.
|
|
44
|
+
* Used before executing any operation to check kill switch status.
|
|
45
|
+
*/
|
|
46
|
+
validateAuthority(requestingLevel: KillSwitchLevel, action: KillSwitchAction, target: string): {
|
|
47
|
+
authorized: boolean;
|
|
48
|
+
reason: string;
|
|
49
|
+
};
|
|
50
|
+
private logEvent;
|
|
51
|
+
}
|
|
@@ -0,0 +1,185 @@
|
|
|
1
|
+
// ============================================================
|
|
2
|
+
// Assay Verified Agent Runtime — Kill Switch Hierarchy
|
|
3
|
+
// Strictly ordered: Layer 2 > Human > Coordinator > Agent.
|
|
4
|
+
// No entity can override an entity above it.
|
|
5
|
+
//
|
|
6
|
+
// Layer 2 can halt the entire system.
|
|
7
|
+
// Humans can suspend any agent, tool, or rule.
|
|
8
|
+
// Coordinators can suspend agents they manage.
|
|
9
|
+
// Agents can halt their own tasks.
|
|
10
|
+
// ============================================================
|
|
11
|
+
import { randomUUID } from 'node:crypto';
|
|
12
|
+
import { appendFile, mkdir } from 'node:fs/promises';
|
|
13
|
+
import { dirname } from 'node:path';
|
|
14
|
+
import { EventEmitter } from 'node:events';
|
|
15
|
+
// ── Kill Switch Authority Map ──────────────────────────
|
|
16
|
+
const LEVEL_RANK = {
|
|
17
|
+
layer2: 4,
|
|
18
|
+
human: 3,
|
|
19
|
+
coordinator: 2,
|
|
20
|
+
agent: 1,
|
|
21
|
+
};
|
|
22
|
+
const ALLOWED_ACTIONS = {
|
|
23
|
+
layer2: ['halt_system', 'suspend_agent', 'suspend_tool', 'suspend_rule'],
|
|
24
|
+
human: ['suspend_agent', 'suspend_tool', 'suspend_rule', 'reassign_task', 'halt_task'],
|
|
25
|
+
coordinator: ['suspend_agent', 'reassign_task', 'halt_task'],
|
|
26
|
+
agent: ['halt_task'],
|
|
27
|
+
};
|
|
28
|
+
// ── Kill Switch ────────────────────────────────────────
|
|
29
|
+
export class KillSwitch extends EventEmitter {
|
|
30
|
+
eventLog = [];
|
|
31
|
+
logPath;
|
|
32
|
+
suspendedEntities = new Map();
|
|
33
|
+
systemHalted = false;
|
|
34
|
+
constructor(logPath) {
|
|
35
|
+
super();
|
|
36
|
+
this.logPath = logPath ?? '.assay/kill-switch.ndjson';
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Activate the kill switch at a given level.
|
|
40
|
+
* Validates that the level has authority for the requested action.
|
|
41
|
+
* Validates that the level is not being overridden by a higher level.
|
|
42
|
+
*/
|
|
43
|
+
async activate(level, action, target, triggeredBy, reason) {
|
|
44
|
+
// Validate action is allowed for this level
|
|
45
|
+
if (!ALLOWED_ACTIONS[level].includes(action)) {
|
|
46
|
+
throw new Error(`Kill switch level "${level}" cannot perform action "${action}". Allowed: ${ALLOWED_ACTIONS[level].join(', ')}`);
|
|
47
|
+
}
|
|
48
|
+
// Check if target is already suspended by a higher level
|
|
49
|
+
const existingSuspension = this.suspendedEntities.get(target);
|
|
50
|
+
if (existingSuspension) {
|
|
51
|
+
const existingRank = LEVEL_RANK[existingSuspension.level];
|
|
52
|
+
const requestRank = LEVEL_RANK[level];
|
|
53
|
+
if (existingRank > requestRank) {
|
|
54
|
+
throw new Error(`Target "${target}" is already suspended by "${existingSuspension.level}" (rank ${existingRank}). Level "${level}" (rank ${requestRank}) cannot override.`);
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
const event = {
|
|
58
|
+
id: `ks_${Date.now()}_${randomUUID().slice(0, 8)}`,
|
|
59
|
+
level,
|
|
60
|
+
action,
|
|
61
|
+
target,
|
|
62
|
+
triggered_by: triggeredBy,
|
|
63
|
+
reason,
|
|
64
|
+
timestamp: new Date().toISOString(),
|
|
65
|
+
auto_restart: action !== 'halt_system',
|
|
66
|
+
requires_redeployment: action === 'halt_system',
|
|
67
|
+
};
|
|
68
|
+
// Execute the action
|
|
69
|
+
if (action === 'halt_system') {
|
|
70
|
+
this.systemHalted = true;
|
|
71
|
+
}
|
|
72
|
+
if (action === 'suspend_agent' || action === 'suspend_tool' || action === 'suspend_rule') {
|
|
73
|
+
this.suspendedEntities.set(target, event);
|
|
74
|
+
}
|
|
75
|
+
this.eventLog.push(event);
|
|
76
|
+
// Emit the event
|
|
77
|
+
this.emit('kill_switch', event);
|
|
78
|
+
// Log to disk
|
|
79
|
+
await this.logEvent(event);
|
|
80
|
+
return event;
|
|
81
|
+
}
|
|
82
|
+
/**
|
|
83
|
+
* Release a kill switch hold on a target.
|
|
84
|
+
* Only a level equal to or higher than the suspending level can release.
|
|
85
|
+
*/
|
|
86
|
+
async release(target, releasedBy, level) {
|
|
87
|
+
const suspension = this.suspendedEntities.get(target);
|
|
88
|
+
if (!suspension) {
|
|
89
|
+
return { released: false, reason: `Target "${target}" is not suspended.` };
|
|
90
|
+
}
|
|
91
|
+
const suspendingRank = LEVEL_RANK[suspension.level];
|
|
92
|
+
const releaseRank = LEVEL_RANK[level];
|
|
93
|
+
if (releaseRank < suspendingRank) {
|
|
94
|
+
return {
|
|
95
|
+
released: false,
|
|
96
|
+
reason: `Cannot release: suspended by "${suspension.level}" (rank ${suspendingRank}), release attempted by "${level}" (rank ${releaseRank}). Need rank >= ${suspendingRank}.`,
|
|
97
|
+
};
|
|
98
|
+
}
|
|
99
|
+
this.suspendedEntities.delete(target);
|
|
100
|
+
const releaseEvent = {
|
|
101
|
+
id: `ks_release_${Date.now()}_${randomUUID().slice(0, 8)}`,
|
|
102
|
+
level,
|
|
103
|
+
action: 'halt_task', // Using halt_task as a generic "release" marker
|
|
104
|
+
target,
|
|
105
|
+
triggered_by: releasedBy,
|
|
106
|
+
reason: `Released from ${suspension.level} suspension`,
|
|
107
|
+
timestamp: new Date().toISOString(),
|
|
108
|
+
auto_restart: true,
|
|
109
|
+
requires_redeployment: false,
|
|
110
|
+
};
|
|
111
|
+
this.eventLog.push(releaseEvent);
|
|
112
|
+
this.emit('kill_switch_released', releaseEvent);
|
|
113
|
+
await this.logEvent(releaseEvent);
|
|
114
|
+
return { released: true, reason: `Released by "${level}" (${releasedBy}).` };
|
|
115
|
+
}
|
|
116
|
+
/**
|
|
117
|
+
* Check if a target is suspended.
|
|
118
|
+
*/
|
|
119
|
+
isSuspended(target) {
|
|
120
|
+
const event = this.suspendedEntities.get(target);
|
|
121
|
+
return { suspended: event !== undefined, event };
|
|
122
|
+
}
|
|
123
|
+
/**
|
|
124
|
+
* Check if the system is halted (Layer 2 kill switch).
|
|
125
|
+
*/
|
|
126
|
+
isSystemHalted() {
|
|
127
|
+
return this.systemHalted;
|
|
128
|
+
}
|
|
129
|
+
/**
|
|
130
|
+
* Get all currently suspended entities.
|
|
131
|
+
*/
|
|
132
|
+
getSuspended() {
|
|
133
|
+
return new Map(this.suspendedEntities);
|
|
134
|
+
}
|
|
135
|
+
/**
|
|
136
|
+
* Get the full event log.
|
|
137
|
+
*/
|
|
138
|
+
getEventLog() {
|
|
139
|
+
return this.eventLog;
|
|
140
|
+
}
|
|
141
|
+
/**
|
|
142
|
+
* Validate that a given entity has authority to perform an action.
|
|
143
|
+
* Used before executing any operation to check kill switch status.
|
|
144
|
+
*/
|
|
145
|
+
validateAuthority(requestingLevel, action, target) {
|
|
146
|
+
// System halt blocks everything except Layer 2
|
|
147
|
+
if (this.systemHalted && requestingLevel !== 'layer2') {
|
|
148
|
+
return {
|
|
149
|
+
authorized: false,
|
|
150
|
+
reason: 'System is halted by Layer 2. Only Layer 2 can act.',
|
|
151
|
+
};
|
|
152
|
+
}
|
|
153
|
+
// Check if target is suspended
|
|
154
|
+
const suspension = this.suspendedEntities.get(target);
|
|
155
|
+
if (suspension) {
|
|
156
|
+
const suspendingRank = LEVEL_RANK[suspension.level];
|
|
157
|
+
const requestRank = LEVEL_RANK[requestingLevel];
|
|
158
|
+
if (requestRank <= suspendingRank) {
|
|
159
|
+
return {
|
|
160
|
+
authorized: false,
|
|
161
|
+
reason: `Target "${target}" is suspended by "${suspension.level}". Level "${requestingLevel}" cannot act on it.`,
|
|
162
|
+
};
|
|
163
|
+
}
|
|
164
|
+
}
|
|
165
|
+
// Check if action is allowed for this level
|
|
166
|
+
if (!ALLOWED_ACTIONS[requestingLevel].includes(action)) {
|
|
167
|
+
return {
|
|
168
|
+
authorized: false,
|
|
169
|
+
reason: `Level "${requestingLevel}" cannot perform "${action}".`,
|
|
170
|
+
};
|
|
171
|
+
}
|
|
172
|
+
return { authorized: true, reason: 'Authorized.' };
|
|
173
|
+
}
|
|
174
|
+
// ── Private ──────────────────────────────────────────
|
|
175
|
+
async logEvent(event) {
|
|
176
|
+
try {
|
|
177
|
+
await mkdir(dirname(this.logPath), { recursive: true });
|
|
178
|
+
await appendFile(this.logPath, JSON.stringify(event) + '\n', 'utf-8');
|
|
179
|
+
}
|
|
180
|
+
catch {
|
|
181
|
+
// Kill switch logging failure must not prevent the kill switch from working
|
|
182
|
+
}
|
|
183
|
+
}
|
|
184
|
+
}
|
|
185
|
+
//# sourceMappingURL=kill-switch.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"kill-switch.js","sourceRoot":"","sources":["../../src/runtime/kill-switch.ts"],"names":[],"mappings":"AAAA,+DAA+D;AAC/D,uDAAuD;AACvD,2DAA2D;AAC3D,6CAA6C;AAC7C,EAAE;AACF,sCAAsC;AACtC,+CAA+C;AAC/C,+CAA+C;AAC/C,mCAAmC;AACnC,+DAA+D;AAE/D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAO3C,0DAA0D;AAE1D,MAAM,UAAU,GAAoC;IAClD,MAAM,EAAE,CAAC;IACT,KAAK,EAAE,CAAC;IACR,WAAW,EAAE,CAAC;IACd,KAAK,EAAE,CAAC;CACT,CAAC;AAEF,MAAM,eAAe,GAAgD;IACnE,MAAM,EAAE,CAAC,aAAa,EAAE,eAAe,EAAE,cAAc,EAAE,cAAc,CAAC;IACxE,KAAK,EAAE,CAAC,eAAe,EAAE,cAAc,EAAE,cAAc,EAAE,eAAe,EAAE,WAAW,CAAC;IACtF,WAAW,EAAE,CAAC,eAAe,EAAE,eAAe,EAAE,WAAW,CAAC;IAC5D,KAAK,EAAE,CAAC,WAAW,CAAC;CACrB,CAAC;AAEF,0DAA0D;AAE1D,MAAM,OAAO,UAAW,SAAQ,YAAY;IAClC,QAAQ,GAAsB,EAAE,CAAC;IACjC,OAAO,CAAS;IAChB,iBAAiB,GAAiC,IAAI,GAAG,EAAE,CAAC;IAC5D,YAAY,GAAY,KAAK,CAAC;IAEtC,YAAY,OAAgB;QAC1B,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,OAAO,GAAG,OAAO,IAAI,2BAA2B,CAAC;IACxD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,QAAQ,CACZ,KAAsB,EACtB,MAAwB,EACxB,MAAc,EACd,WAAmB,EACnB,MAAc;QAEd,4CAA4C;QAC5C,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CACb,sBAAsB,KAAK,4BAA4B,MAAM,eAAe,eAAe,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAChH,CAAC;QACJ,CAAC;QAED,yDAAyD;QACzD,MAAM,kBAAkB,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC9D,IAAI,kBAAkB,EAAE,CAAC;YACvB,MAAM,YAAY,GAAG,UAAU,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC1D,MAAM,WAAW,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;YACtC,IAAI,YAAY,GAAG,WAAW,EAAE,CAAC;gBAC/B,MAAM,IAAI,KAAK,CACb,WAAW,MAAM,8BAA8B,kBAAkB,CAAC,KAAK,WAAW,YAAY,aAAa,KAAK,WAAW,WAAW,oBAAoB,CAC3J,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,KAAK,GAAoB;YAC7B,EAAE,EAAE,MAAM,IAAI,CAAC,GAAG,EAAE,IAAI,UAAU,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;YAClD,KAAK;YACL,MAAM;YACN,MAAM;YACN,YAAY,EAAE,WAAW;YACzB,MAAM;YACN,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,YAAY,EAAE,MAAM,KAAK,aAAa;YACtC,qBAAqB,EAAE,MAAM,KAAK,aAAa;SAChD,CAAC;QAEF,qBAAqB;QACrB,IAAI,MAAM,KAAK,aAAa,EAAE,CAAC;YAC7B,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;QAC3B,CAAC;QAED,IAAI,MAAM,KAAK,eAAe,IAAI,MAAM,KAAK,cAAc,IAAI,MAAM,KAAK,cAAc,EAAE,CAAC;YACzF,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE1B,iBAAiB;QACjB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAEhC,cAAc;QACd,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAE3B,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO,CACX,MAAc,EACd,UAAkB,EAClB,KAAsB;QAEtB,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,MAAM,qBAAqB,EAAE,CAAC;QAC7E,CAAC;QAED,MAAM,cAAc,GAAG,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QACpD,MAAM,WAAW,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;QAEtC,IAAI,WAAW,GAAG,cAAc,EAAE,CAAC;YACjC,OAAO;gBACL,QAAQ,EAAE,KAAK;gBACf,MAAM,EAAE,iCAAiC,UAAU,CAAC,KAAK,WAAW,cAAc,4BAA4B,KAAK,WAAW,WAAW,mBAAmB,cAAc,GAAG;aAC9K,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAEtC,MAAM,YAAY,GAAoB;YACpC,EAAE,EAAE,cAAc,IAAI,CAAC,GAAG,EAAE,IAAI,UAAU,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;YAC1D,KAAK;YACL,MAAM,EAAE,WAAW,EAAE,gDAAgD;YACrE,MAAM;YACN,YAAY,EAAE,UAAU;YACxB,MAAM,EAAE,iBAAiB,UAAU,CAAC,KAAK,aAAa;YACtD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,YAAY,EAAE,IAAI;YAClB,qBAAqB,EAAE,KAAK;SAC7B,CAAC;QAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACjC,IAAI,CAAC,IAAI,CAAC,sBAAsB,EAAE,YAAY,CAAC,CAAC;QAChD,MAAM,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QAElC,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,gBAAgB,KAAK,MAAM,UAAU,IAAI,EAAE,CAAC;IAC/E,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,MAAc;QACxB,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACjD,OAAO,EAAE,SAAS,EAAE,KAAK,KAAK,SAAS,EAAE,KAAK,EAAE,CAAC;IACnD,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;;OAGG;IACH,iBAAiB,CACf,eAAgC,EAChC,MAAwB,EACxB,MAAc;QAEd,+CAA+C;QAC/C,IAAI,IAAI,CAAC,YAAY,IAAI,eAAe,KAAK,QAAQ,EAAE,CAAC;YACtD,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,oDAAoD;aAC7D,CAAC;QACJ,CAAC;QAED,+BAA+B;QAC/B,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,cAAc,GAAG,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;YACpD,MAAM,WAAW,GAAG,UAAU,CAAC,eAAe,CAAC,CAAC;YAChD,IAAI,WAAW,IAAI,cAAc,EAAE,CAAC;gBAClC,OAAO;oBACL,UAAU,EAAE,KAAK;oBACjB,MAAM,EAAE,WAAW,MAAM,sBAAsB,UAAU,CAAC,KAAK,aAAa,eAAe,qBAAqB;iBACjH,CAAC;YACJ,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACvD,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,UAAU,eAAe,qBAAqB,MAAM,IAAI;aACjE,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IACrD,CAAC;IAED,wDAAwD;IAEhD,KAAK,CAAC,QAAQ,CAAC,KAAsB;QAC3C,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACxD,MAAM,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;QACxE,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;QAC9E,CAAC;IACH,CAAC;CACF"}
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
import type { Layer2Manifest, Layer2Component, IntegrityCheckResult } from './types.js';
|
|
2
|
+
export declare class Layer2Guardian {
|
|
3
|
+
private projectRoot;
|
|
4
|
+
private manifestPath;
|
|
5
|
+
private manifest;
|
|
6
|
+
private componentPaths;
|
|
7
|
+
constructor(projectRoot: string, opts?: {
|
|
8
|
+
manifestPath?: string;
|
|
9
|
+
componentPaths?: {
|
|
10
|
+
component: Layer2Component;
|
|
11
|
+
path: string;
|
|
12
|
+
}[];
|
|
13
|
+
});
|
|
14
|
+
/**
|
|
15
|
+
* Validate that a modification proposal does not target Layer 2.
|
|
16
|
+
* This is the first line of defense: structural prevention at the type level.
|
|
17
|
+
*/
|
|
18
|
+
validateProposal(proposal: {
|
|
19
|
+
safety: {
|
|
20
|
+
modifies_layer2: boolean;
|
|
21
|
+
modifies_approval_framework: boolean;
|
|
22
|
+
};
|
|
23
|
+
payload: unknown;
|
|
24
|
+
}): {
|
|
25
|
+
valid: boolean;
|
|
26
|
+
reason: string;
|
|
27
|
+
};
|
|
28
|
+
/**
|
|
29
|
+
* Verify that Layer 2 files have appropriate permissions.
|
|
30
|
+
* In production, Layer 2 files should be owned by a different user
|
|
31
|
+
* and be read-only from the agent's perspective.
|
|
32
|
+
*/
|
|
33
|
+
verifyPermissions(): Promise<{
|
|
34
|
+
valid: boolean;
|
|
35
|
+
findings: {
|
|
36
|
+
path: string;
|
|
37
|
+
issue: string;
|
|
38
|
+
}[];
|
|
39
|
+
}>;
|
|
40
|
+
/**
|
|
41
|
+
* Generate a Layer 2 manifest by hashing all component files.
|
|
42
|
+
* This is called during deployment (by humans), not at runtime (by agents).
|
|
43
|
+
*/
|
|
44
|
+
generateManifest(deployedBy: string): Promise<Layer2Manifest>;
|
|
45
|
+
/**
|
|
46
|
+
* Save the manifest to disk.
|
|
47
|
+
*/
|
|
48
|
+
saveManifest(manifest?: Layer2Manifest): Promise<void>;
|
|
49
|
+
/**
|
|
50
|
+
* Load the manifest from disk.
|
|
51
|
+
*/
|
|
52
|
+
loadManifest(): Promise<Layer2Manifest | null>;
|
|
53
|
+
/**
|
|
54
|
+
* Verify Layer 2 integrity by comparing current file hashes
|
|
55
|
+
* against the signed manifest. Called at system startup.
|
|
56
|
+
*
|
|
57
|
+
* If ANY component has been modified, returns a violation.
|
|
58
|
+
* The caller MUST halt the system on violation.
|
|
59
|
+
*/
|
|
60
|
+
verifyIntegrity(): Promise<IntegrityCheckResult>;
|
|
61
|
+
/**
|
|
62
|
+
* Run all four levels of verification.
|
|
63
|
+
* Returns a comprehensive status report.
|
|
64
|
+
*/
|
|
65
|
+
fullAudit(): Promise<{
|
|
66
|
+
permissions: {
|
|
67
|
+
valid: boolean;
|
|
68
|
+
findings: {
|
|
69
|
+
path: string;
|
|
70
|
+
issue: string;
|
|
71
|
+
}[];
|
|
72
|
+
};
|
|
73
|
+
integrity: IntegrityCheckResult;
|
|
74
|
+
manifestPresent: boolean;
|
|
75
|
+
overallSafe: boolean;
|
|
76
|
+
}>;
|
|
77
|
+
/**
|
|
78
|
+
* Get the current manifest (if loaded).
|
|
79
|
+
*/
|
|
80
|
+
getManifest(): Layer2Manifest | null;
|
|
81
|
+
}
|