agent-hypervisor 2.0.0__py3-none-any.whl

agent_hypervisor-2.0.0.dist-info/METADATA

@@ -0,0 +1,412 @@
+Metadata-Version: 2.4
+Name: agent-hypervisor
+Version: 2.0.0
+Summary: Agent Hypervisor — Runtime supervisor for multi-agent Shared Sessions with Execution Rings, Joint Liability, Saga Orchestration, and Merkle audit trails
+Project-URL: Homepage, https://github.com/imran-siddique/agent-hypervisor
+Project-URL: Repository, https://github.com/imran-siddique/agent-hypervisor
+Project-URL: Documentation, https://github.com/imran-siddique/agent-hypervisor#readme
+Project-URL: Bug Tracker, https://github.com/imran-siddique/agent-hypervisor/issues
+Project-URL: Agent OS, https://github.com/imran-siddique/agent-os
+Project-URL: Agent Mesh, https://github.com/imran-siddique/agent-mesh
+Project-URL: Agent SRE, https://github.com/imran-siddique/agent-sre
+Author-email: Imran Siddique <imran.siddique@microsoft.com>
+License-Expression: MIT
+License-File: LICENSE
+Keywords: agents,ai,audit,execution-rings,governance,hypervisor,liability,merkle,multi-agent,safety,saga,shared-sessions,trust
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Science/Research
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Typing :: Typed
+Requires-Python: >=3.11
+Requires-Dist: pydantic>=2.0.0
+Provides-Extra: blockchain
+Requires-Dist: web3>=6.0.0; extra == 'blockchain'
+Provides-Extra: dev
+Requires-Dist: hypothesis>=6.0.0; extra == 'dev'
+Requires-Dist: mypy>=1.8.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
+Requires-Dist: pytest-cov>=4.0.0; extra == 'dev'
+Requires-Dist: pytest>=8.0.0; extra == 'dev'
+Requires-Dist: ruff>=0.4.0; extra == 'dev'
+Provides-Extra: full
+Requires-Dist: structlog>=24.1.0; extra == 'full'
+Provides-Extra: nexus
+Requires-Dist: structlog>=24.1.0; extra == 'nexus'
+Description-Content-Type: text/markdown
+
+<div align="center">
+
+# Agent Hypervisor
+
+**Runtime supervisor for multi-agent Shared Sessions with Execution Rings, Joint Liability, and Saga Orchestration**
+
+[![GitHub Stars](https://img.shields.io/github/stars/imran-siddique/agent-hypervisor?style=social)](https://github.com/imran-siddique/agent-hypervisor/stargazers)
+[![Sponsor](https://img.shields.io/badge/sponsor-%E2%9D%A4%EF%B8%8F-ff69b4)](https://github.com/sponsors/imran-siddique)
+[![CI](https://github.com/imran-siddique/agent-hypervisor/actions/workflows/ci.yml/badge.svg)](https://github.com/imran-siddique/agent-hypervisor/actions)
+[![Tests](https://img.shields.io/badge/tests-326%20passing-brightgreen)](https://github.com/imran-siddique/agent-hypervisor)
+[![Benchmark](https://img.shields.io/badge/latency-268%CE%BCs%20pipeline-orange)](benchmarks/)
+[![Python](https://img.shields.io/badge/python-3.11%2B-blue)](https://pypi.org/project/agent-hypervisor/)
+[![License](https://img.shields.io/badge/license-MIT-green)](LICENSE)
+[![Discussions](https://img.shields.io/github/discussions/imran-siddique/agent-hypervisor)](https://github.com/imran-siddique/agent-hypervisor/discussions)
+
+> :star: **If this project helps you, please star it!** It helps others discover Agent Hypervisor.
+
+> :link: **Part of the Agent Governance Ecosystem** -- Works with [Agent OS](https://github.com/imran-siddique/agent-os) (kernel), [AgentMesh](https://github.com/imran-siddique/agent-mesh) (trust network), and [Agent SRE](https://github.com/imran-siddique/agent-sre) (reliability)
+
+[Quick Start](#quick-start) | [Why a Hypervisor?](#why-a-hypervisor) | [Features](#key-features) | [Performance](#performance) | [Modules](#modules) | [Ecosystem](#ecosystem)
+
+</div>
+
+### Integrated Into Major AI Frameworks
+
+<p align="center">
+  <a href="https://github.com/langgenius/dify-plugins/pull/2060"><img src="https://img.shields.io/badge/Dify-65K_%E2%AD%90_Merged-success?style=flat-square" alt="Dify"></a>
+  <a href="https://github.com/run-llama/llama_index/pull/20644"><img src="https://img.shields.io/badge/LlamaIndex-47K_%E2%AD%90_Merged-success?style=flat-square" alt="LlamaIndex"></a>
+  <a href="https://github.com/nicepkg/awesome-github-copilot/pull/26"><img src="https://img.shields.io/badge/Awesome_Copilot-21.6K_%E2%AD%90_Merged-success?style=flat-square" alt="Awesome Copilot"></a>
+  <a href="https://github.com/microsoft/agent-lightning/pull/478"><img src="https://img.shields.io/badge/Agent--Lightning-15K_%E2%AD%90_Merged-success?style=flat-square" alt="Agent-Lightning"></a>
+  <img src="https://img.shields.io/badge/Open_PRs-25+-blue?style=flat-square" alt="Open PRs">
+  <img src="https://img.shields.io/badge/Framework_Issues-94+-blue?style=flat-square" alt="Issues">
+</p>
+
+## Quick Start
+
+```bash
+pip install agent-hypervisor
+```
+
+```python
+from hypervisor import Hypervisor, SessionConfig, ConsistencyMode
+
+hv = Hypervisor()
+session = await hv.create_session(
+    config=SessionConfig(enable_audit=True),
+    creator_did="did:mesh:admin",
+)
+ring = await hv.join_session(session.sso.session_id, "did:mesh:agent-1", sigma_raw=0.85)
+# → RING_2_STANDARD (trusted agent)
+```
+
+## Why a Hypervisor?
+
+Just as OS hypervisors isolate virtual machines and enforce resource boundaries, the **Agent Hypervisor** isolates AI agent sessions and enforces **governance boundaries**:
+
+| OS Hypervisor | Agent Hypervisor |
+|---------------|-----------------|
+| CPU rings (Ring 0–3) | **Execution Rings** — privilege levels based on trust score (σ_eff) |
+| Process isolation | **Session isolation** — VFS namespacing, DID-bound identity |
+| Memory protection | **Liability protection** — bonded reputation, collateral slashing |
+| System calls | **Saga transactions** — multi-step operations with automatic rollback |
+| Audit logs | **Merkle-chained delta audit** — tamper-evident forensic trail |
+
+## Architecture
+
+```
+┌──────────────────────────────────────────────────────────────┐
+│                      AGENT HYPERVISOR                        │
+│                                                              │
+│  ┌─────────────┐ ┌──────────────┐ ┌────────────────────────┐ │
+│  │   Session    │ │    Ring      │ │   Semantic Saga        │ │
+│  │   Manager    │ │   Enforcer   │ │   Orchestrator         │ │
+│  │             │ │              │ │  ┌──────────────────┐  │ │
+│  │  SSO + VFS  │ │  Ring 0–3    │ │  │ Timeout + Retry  │  │ │
+│  │  Lifecycle  │ │  σ_eff gates │ │  │ Compensation     │  │ │
+│  └──────┬──────┘ └──────┬───────┘ │  │ Escalation       │  │ │
+│         │               │         │  └──────────────────┘  │ │
+│  ┌──────┴──────┐ ┌──────┴───────┐ └────────────┬───────────┘ │
+│  │  Liability  │ │ Reversibility│               │            │
+│  │  Engine     │ │  Registry    │ ┌─────────────┴──────────┐ │
+│  │             │ │              │ │   Delta Audit Engine    │ │
+│  │  Vouch +    │ │  Execute/    │ │                        │ │
+│  │  Bond +     │ │  Undo API    │ │  Merkle Chain + GC     │ │
+│  │  Slash      │ │  Mapping     │ │  Blockchain Commit     │ │
+│  └─────────────┘ └──────────────┘ └────────────────────────┘ │
+└──────────────────────────────────────────────────────────────┘
+         │                │                    │
+┌────────┴────────────────┴────────────────────┴───────────────┐
+│                   AGENT-OS KERNEL LAYER                       │
+│  ┌────────┐ ┌──────┐ ┌──────┐ ┌─────┐ ┌──────────┐          │
+│  │ IATP   │ │ CMVK │ │Nexus │ │CaaS │ │  SCAK    │          │
+│  └────────┘ └──────┘ └──────┘ └─────┘ └──────────┘          │
+└──────────────────────────────────────────────────────────────┘
+```
+
+## Key Features
+
+### 🔐 Execution Rings (Hardware-Inspired Privilege Model)
+
+```
+Ring 0 (Root)       — Hypervisor config & slashing — requires SRE Witness
+Ring 1 (Privileged) — Non-reversible actions — requires σ_eff > 0.95 + consensus
+Ring 2 (Standard)   — Reversible actions — requires σ_eff > 0.60
+Ring 3 (Sandbox)    — Read-only / research — default for unknown agents
+```
+
+Agents are automatically assigned to rings based on their effective trust score. Ring demotion happens in real-time if trust drops.
+
+**v2.0:** Dynamic ring elevation (sudo with TTL), ring breach detection with circuit breakers, ring inheritance for spawned agents.
+
+### 🤝 Joint Liability (Trust as Collateral)
+
+High-trust agents can **vouch** for low-trust agents by bonding a percentage of their reputation:
+
+```
+σ_eff = σ_low + (ω × σ_high_bonded)
+```
+
+If the vouchee violates intent, **both agents are penalized** — the voucher's collateral is slashed. Max exposure limits (default: 80% of σ) prevent over-bonding.
+
+**v2.0:** Shapley-value fault attribution (proportional blame, not binary), quarantine-before-terminate, persistent liability ledger for admission decisions.
+
+### 🔄 Semantic Saga Orchestrator
+
+Multi-step agent transactions with:
+- **Timeout enforcement** — steps that hang are automatically cancelled
+- **Retry with backoff** — transient failures retry with exponential delay
+- **Reverse-order compensation** — on failure, all committed steps are undone
+- **Escalation** — if compensation fails, Joint Liability slashing is triggered
+
+**v2.0:** Parallel fan-out (ALL/MAJORITY/ANY policies), semantic checkpoints for partial replay, declarative YAML/dict DSL.
+
+### 🔒 Session Consistency (NEW in v2.0)
+
+- **Vector clocks** — causal consistency for shared VFS state
+- **Intent locks** — READ/WRITE/EXCLUSIVE with deadlock detection
+- **Isolation levels** — SNAPSHOT, READ_COMMITTED, SERIALIZABLE per saga
+
+### 🛡️ Security (NEW in v2.0)
+
+- **Rate limiting** — token bucket per agent per ring (sandbox: 5 rps, root: 100 rps)
+- **Kill switch** — graceful termination with saga step handoff to substitute agents
+
+### 📡 Observability (NEW in v2.0)
+
+- **Structured event bus** — every hypervisor action emits typed events
+- **Causal trace IDs** — distributed tracing with full delegation tree encoding
+
+### 📋 Delta Audit Engine
+
+Forensic-grade audit trails using:
+- **Semantic diffs** — captures what changed, not full snapshots
+- **Merkle chaining** — each delta references its parent hash (tamper-evident)
+- **Blockchain commitment** — Summary Hash anchored on-chain at session end
+- **Garbage collection** — ephemeral data purged, forensic artifacts retained
+
+## Performance
+
+| Operation | Mean Latency | Throughput |
+|-----------|-------------|------------|
+| Ring computation | **0.3μs** | 3.75M ops/s |
+| Delta audit capture | **27μs** | 26K ops/s |
+| Session lifecycle | **54μs** | 15.7K ops/s |
+| 3-step saga | **151μs** | 5.3K ops/s |
+| **Full governance pipeline** | **268μs** | **2,983 ops/s** |
+
+> Full pipeline = session create + agent join + 3 audit deltas + saga step + terminate with Merkle root
+
+## Installation
+
+```bash
+pip install agent-hypervisor
+```
+
+## Quick Start
+
+```python
+from hypervisor import Hypervisor, SessionConfig, ConsistencyMode
+
+hv = Hypervisor()
+
+# Create a shared session
+session = await hv.create_session(
+    config=SessionConfig(
+        consistency_mode=ConsistencyMode.EVENTUAL,
+        max_participants=5,
+        min_sigma_eff=0.60,
+    ),
+    creator_did="did:mesh:admin",
+)
+
+# Agents join via IATP handshake — ring assigned by trust score
+ring = await hv.join_session(
+    session.sso.session_id,
+    agent_did="did:mesh:agent-alpha",
+    sigma_raw=0.85,
+)
+# → ExecutionRing.RING_2_STANDARD
+
+# Activate and execute
+await hv.activate_session(session.sso.session_id)
+
+# Multi-step saga with automatic compensation
+saga = session.saga.create_saga(session.sso.session_id)
+step = session.saga.add_step(
+    saga.saga_id, "draft_email", "did:mesh:agent-alpha",
+    execute_api="/api/draft", undo_api="/api/undo-draft",
+    timeout_seconds=30, max_retries=2,
+)
+result = await session.saga.execute_step(
+    saga.saga_id, step.step_id, executor=draft_email
+)
+
+# Terminate — returns Merkle root Summary Hash
+merkle_root = await hv.terminate_session(session.sso.session_id)
+```
+
+## Modules
+
+| Module | Description | Tests |
+|--------|-------------|-------|
+| `hypervisor.session` | Shared Session Object lifecycle + VFS | 52 |
+| `hypervisor.rings` | 4-ring privilege + elevation + breach detection | 34 |
+| `hypervisor.liability` | Vouching, slashing, attribution, quarantine, ledger | 39 |
+| `hypervisor.reversibility` | Execute/Undo API registry | 4 |
+| `hypervisor.saga` | Saga orchestrator + fan-out + checkpoints + DSL | 41 |
+| `hypervisor.audit` | Delta engine, Merkle chain, GC, commitment | 10 |
+| `hypervisor.verification` | DID transaction history verification | 4 |
+| `hypervisor.observability` | Event bus, causal trace IDs | 22 |
+| `hypervisor.security` | Rate limiter, kill switch | 16 |
+| `hypervisor.integrations` | Nexus, CMVK, IATP cross-module adapters | -- |
+| **Integration** | End-to-end lifecycle, edge cases, security | **24** |
+| **Scenarios** | Cross-module governance pipelines (7 suites) | **18** |
+| **Total** | | **326** |
+
+## Test Suite
+
+```bash
+# Run all tests
+pytest tests/ -v
+
+# Run only integration tests
+pytest tests/integration/ -v
+
+# Run benchmarks
+python benchmarks/bench_hypervisor.py
+```
+
+## Cross-Module Integrations
+
+The Hypervisor integrates with other Agent-OS modules via adapters in `hypervisor.integrations`:
+
+### Nexus Adapter — Trust-Scored Ring Assignment
+
+```python
+from hypervisor.integrations.nexus_adapter import NexusAdapter
+from nexus.reputation import ReputationEngine
+
+nexus = NexusAdapter(scorer=ReputationEngine())
+sigma = nexus.resolve_sigma("did:mesh:agent-1", history=agent_history)
+# → 0.82 (Nexus 820/1000 normalized)
+
+ring = await hv.join_session(session_id, "did:mesh:agent-1", sigma_raw=sigma)
+# → RING_2_STANDARD
+
+# Report slashing back to Nexus for persistent reputation loss
+nexus.report_slash("did:mesh:agent-1", reason="Behavioral drift", severity="high")
+```
+
+### CMVK Adapter — Behavioral Drift Detection
+
+```python
+from hypervisor.integrations.cmvk_adapter import CMVKAdapter
+
+cmvk = CMVKAdapter(verifier=cmvk_engine)
+result = cmvk.check_behavioral_drift(
+    agent_did="did:mesh:agent-1",
+    session_id=session_id,
+    claimed_embedding=manifest_vector,
+    observed_embedding=output_vector,
+)
+
+if result.should_slash:
+    hv.slashing.slash(...)  # Trigger liability cascade
+```
+
+### IATP Adapter — Capability Manifest Parsing
+
+```python
+from hypervisor.integrations.iatp_adapter import IATPAdapter
+
+iatp = IATPAdapter()
+analysis = iatp.analyze_manifest(manifest)  # or analyze_manifest_dict(dict)
+# → ManifestAnalysis with ring_hint, sigma_hint, actions, reversibility flags
+
+ring = await hv.join_session(
+    session_id, analysis.agent_did,
+    actions=analysis.actions, sigma_raw=analysis.sigma_hint,
+)
+```
+
+## Ecosystem
+
+Agent Hypervisor is part of the **Agent Governance Ecosystem** — four specialized repos that work together:
+
+`
+┌─────────────────────────────────────────────────────────────┐
+│                  Agent Governance Ecosystem                   │
+│                                                               │
+│  ┌──────────────┐  ┌──────────────┐  ┌──────────────────┐   │
+│  │   Agent OS    │  │  Agent Mesh  │  │    Agent SRE     │   │
+│  │  Governance   │  │   Trust      │  │   Reliability    │   │
+│  │  Kernel       │  │   Network    │  │   Platform       │   │
+│  └──────┬───────┘  └──────┬───────┘  └───────┬──────────┘   │
+│         │                 │                   │               │
+│         └─────────┬───────┴───────────┬───────┘               │
+│                   │                   │                       │
+│          ┌────────┴───────────────────┴────────┐              │
+│          │        Agent Hypervisor              │              │
+│          │  Runtime supervisor for all agents   │              │
+│          └──────────────────────────────────────┘              │
+└─────────────────────────────────────────────────────────────┘
+`
+
+| Repo | Role | Stars |
+|------|------|-------|
+| [Agent OS](https://github.com/imran-siddique/agent-os) | Policy enforcement kernel | 1,500+ tests |
+| [Agent Mesh](https://github.com/imran-siddique/agent-mesh) | Cryptographic trust network | 1,400+ tests |
+| [Agent SRE](https://github.com/imran-siddique/agent-sre) | SLO, chaos, cost guardrails | 1,070+ tests |
+| **Agent Hypervisor** | Session isolation & governance runtime | 326 tests |
+
+## Frequently Asked Questions
+
+**Why use a hypervisor for AI agents?**
+Just as OS hypervisors isolate virtual machines and enforce resource boundaries, an agent hypervisor isolates AI agent sessions and enforces governance boundaries. Without isolation, a misbehaving agent in a shared session can corrupt state, escalate privileges, or cascade failures across the entire system.
+
+**How do Execution Rings differ from traditional access control?**
+Traditional access control is static and binary (allowed/denied). Execution Rings are dynamic and graduated -- agents earn ring privileges based on their trust score, can request temporary elevation with TTL (like `sudo`), and are automatically demoted when trust drops. Ring breach detection catches anomalous behavior before damage occurs.
+
+**What happens when a multi-agent saga fails?**
+The Saga Orchestrator triggers reverse-order compensation for all committed steps. For parallel fan-out sagas, the failure policy determines the response: ALL_MUST_SUCCEED compensates if any branch fails, MAJORITY allows minority failures, and ANY succeeds if at least one branch completes. Semantic checkpoints enable partial replay without re-running completed effects.
+
+**How does Shapley-value fault attribution work?**
+When a saga fails, the hypervisor traces the causal DAG and assigns proportional blame: 50% weight to direct cause, 30% to enabling factors, 20% to temporal proximity. This prevents unfairly penalizing agents that merely contributed to but didn't directly cause a failure.
+
+## Contributing
+
+We welcome contributions! Please see our [Contributing Guide](CONTRIBUTING.md) for details.
+
+- :bug: [Report a Bug](https://github.com/imran-siddique/agent-hypervisor/issues/new?labels=bug)
+- :bulb: [Request a Feature](https://github.com/imran-siddique/agent-hypervisor/issues/new?labels=enhancement)
+- :speech_balloon: [Join Discussions](https://github.com/imran-siddique/agent-hypervisor/discussions)
+- Look for issues labeled [`good first issue`](https://github.com/imran-siddique/agent-hypervisor/labels/good%20first%20issue) to get started
+
+## License
+
+MIT -- see [LICENSE](LICENSE).
+
+---
+
+<div align="center">
+
+**[Agent OS](https://github.com/imran-siddique/agent-os)** | **[AgentMesh](https://github.com/imran-siddique/agent-mesh)** | **[Agent SRE](https://github.com/imran-siddique/agent-sre)** | **[Agent Hypervisor](https://github.com/imran-siddique/agent-hypervisor)**
+
+*Built with :heart: for the AI agent governance community*
+
+If Agent Hypervisor helps your work, please consider giving it a :star:
+
+</div>

agent_hypervisor-2.0.0.dist-info/RECORD

@@ -0,0 +1,47 @@
+hypervisor/__init__.py,sha256=twcdt4sicx6yqGmbQ4yYGf6nSxcgS3PV-ThdoxscCFQ,5519
+hypervisor/core.py,sha256=hMx2OSXCKkmh-581snSdXiIgvPXQk6vLV_GPIJA_Sgo,10813
+hypervisor/models.py,sha256=SjozGdcdxHQz5pt_FFwdOIi11A_Tr9juN0nEllZhoRs,3979
+hypervisor/audit/__init__.py,sha256=iAg9-m_phte0upsc9aavMJxSwJOXkCVWs1pPdAjVALg,62
+hypervisor/audit/commitment.py,sha256=3RwAAzb_UIlWpcyZWUW7joSvEL3D2z5kIQokbPh_I5k,2483
+hypervisor/audit/delta.py,sha256=pR6qc24FghdwFKQvpkh1Y0jM3AdQGSdXU75wADxAJ9A,4872
+hypervisor/audit/gc.py,sha256=fsBD9Ae_TkxZ4WVrWbSjJAXqZ4o9TSKIS_P9j_5YnyQ,4751
+hypervisor/integrations/__init__.py,sha256=SKxvdR6sK6YrxTKbHDMlD6w4-75sMlc8X-_-eM10iM4,281
+hypervisor/integrations/cmvk_adapter.py,sha256=BdNoNCZ67BSUwg-Ku1LTKdIueQh7oqZI0IJnji7D7g4,7953
+hypervisor/integrations/iatp_adapter.py,sha256=NJZ7UN9WFoSejeS6sQpa_lTtGcnw327WPvWcG7-qDWA,8938
+hypervisor/integrations/nexus_adapter.py,sha256=f7JrpRwBG_b_RvDqXjeJXrV6Dhln_fSfniuvVsu5JYY,6853
+hypervisor/liability/__init__.py,sha256=c1uPMCXK8oaqCYXIWVauUOnLH1SGb9AGynKZQ8daImQ,4444
+hypervisor/liability/attribution.py,sha256=RCzTqnUoiQYftwesip0-MpQzni6XGXKnX-ymGG4IyEg,7449
+hypervisor/liability/ledger.py,sha256=_tY94mCIVRIJQdj3ammfssEvbC8GbUmIqZkquoFK2N8,6075
+hypervisor/liability/quarantine.py,sha256=TBL35uwhxxJJYBNfBHxEcnLFOTaKnbI58kV-2STTEOA,6092
+hypervisor/liability/slashing.py,sha256=wcfgBDzsc-YvLpXeVcctpZulHCeaD7L2v1II3VrWR5E,4824
+hypervisor/liability/vouching.py,sha256=Daw6hlKNQvJSHjL-xkKxdQJeNcR1glfYDAJkcdQKfIQ,8488
+hypervisor/observability/__init__.py,sha256=URFdmUeCTh1tifgqVED6sCW-oUaDQzrgRH_nqne7fvg,365
+hypervisor/observability/causal_trace.py,sha256=kwtAzHomEM6xwtDx3isJ_LzHgN-QxCO8qbkJ1By7cN4,2290
+hypervisor/observability/event_bus.py,sha256=sKZZWo95aeq59r25PcHTn5C6kcJe2Yq2J_2DN4Vb0gA,7626
+hypervisor/reversibility/__init__.py,sha256=LiPyIMyZLD4QGvUtliTxq13q3hkrqgabFBPQZMWtrJw,33
+hypervisor/reversibility/registry.py,sha256=HEWFtMmjSkJMlbs4WQZqpLcWOoOE12dolgck7PS-7fY,3686
+hypervisor/rings/__init__.py,sha256=lHlnA4TLBPyLQDu0fDGbGE7FsuBeKAuj5UTVfL7C3r0,454
+hypervisor/rings/breach_detector.py,sha256=OWxzj-5e0uNl9gTpvDwvBIV-9GYyMrcX1B_og45QU60,7563
+hypervisor/rings/classifier.py,sha256=aYPMhB12vGlrtrIITc9EBjdwjv7zc3PQL0NFqS7z_s0,2572
+hypervisor/rings/elevation.py,sha256=yF1GPeuBu15q-FgOOCygtByNs15wF7JQp5FrNiw_8Mk,7676
+hypervisor/rings/enforcer.py,sha256=tufNV1rBIQ5vr6E7__Jogp5UTyR6EnYrpRuUtf9ktq4,4811
+hypervisor/saga/__init__.py,sha256=2SSBPHiIqs_JeQ7Ie585IybMBnd4ptM6ufyYBE7oUtI,514
+hypervisor/saga/checkpoint.py,sha256=aOtcTsotGEbGmaCMzAJPd0uFX39be3zhs9Zig0-IMx4,5511
+hypervisor/saga/dsl.py,sha256=ASowPySVgtFG6xSsXct10MBxwyA2_mWbSiVdnAQ97QA,7867
+hypervisor/saga/fan_out.py,sha256=ZC1JeoIKI2cGulu1uj6EHCzNy5v8zjIUHOsFCAsZS2g,6381
+hypervisor/saga/orchestrator.py,sha256=yDAMWo4qnz8LdDoaa8mIjXdnq1hKLc9LYB_DCCX_MLA,7407
+hypervisor/saga/state_machine.py,sha256=GL7-2PRD6nMNSdSe-pJhXiaqHx7Fst1D_R94GcKuUYs,5186
+hypervisor/security/__init__.py,sha256=vJ2XzQzl8qHsgUiJj-qIrZZLct29KZTs1PWvyh0XPJ8,336
+hypervisor/security/kill_switch.py,sha256=F5EbnejjJFGuvvS6RYBLJ_NYPvMjXQhboziMmVPqqHM,5429
+hypervisor/security/rate_limiter.py,sha256=3rwH17hKlonHZgOnESfe8NyNu4V9x-_iankhG5I1g3o,5505
+hypervisor/session/__init__.py,sha256=Rw_fg051sxnu2c9cFCmRxkSDnY37zXx_57-ZrUfGOVk,7090
+hypervisor/session/intent_locks.py,sha256=_XBGz-xXsip9RldMIOzOhsi_Ay6eYRBngBjDxREF2i4,7587
+hypervisor/session/isolation.py,sha256=b-cYsJAM02avNaW26a-FAH9LEzaN_0GAzHwnKj9VUHQ,1886
+hypervisor/session/sso.py,sha256=6RMDHONJuWgxLnSB7DNVvk9RM5uFWRLCZzRQa7O6qcE,8479
+hypervisor/session/vector_clock.py,sha256=wgbjv5H0ADNuxgHay0sg1hlwib8F99Vxl6f-nke1lgk,6103
+hypervisor/verification/__init__.py,sha256=eRLu8pan4WDFtzH3LAec3JmXFTfox2UAohdDMkqmjLI,32
+hypervisor/verification/history.py,sha256=oFV2JP0tFRIelPx0iXWelj7oVZp5Sf-FAW2cw9S93AY,5482
+agent_hypervisor-2.0.0.dist-info/METADATA,sha256=bTi4efeAiujY9ABohiojhKF8vlLuX-OnRWa08v-aVTU,21346
+agent_hypervisor-2.0.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+agent_hypervisor-2.0.0.dist-info/licenses/LICENSE,sha256=f63WV0JQV3G7HARoFf-08d0nw_7e_ZgmTHH4I1B0Zy4,1092
+agent_hypervisor-2.0.0.dist-info/RECORD,,

agent_hypervisor-2.0.0.dist-info/WHEEL

@@ -0,0 +1,4 @@
+Wheel-Version: 1.0
+Generator: hatchling 1.28.0
+Root-Is-Purelib: true
+Tag: py3-none-any

agent_hypervisor-2.0.0.dist-info/licenses/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Imran Siddique
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

hypervisor/__init__.py

@@ -0,0 +1,169 @@
+"""
+Agent Hypervisor v2.0
+
+Runtime supervisor for multi-agent Shared Sessions. Enforces a strict security
+model based on Verified Intent, Joint Liability scoring, hardware-inspired
+Execution Rings, and delta-based forensic audit trails.
+
+The Hypervisor composes existing Agent-OS modules (IATP, CMVK, Nexus, CaaS, SCAK)
+into a unified governance runtime for multi-agent collaboration.
+
+Core Components:
+    - SessionManager: Shared Session Object (SSO) lifecycle
+    - LiabilityEngine: Vouching, bonding, and collateral slashing
+    - RingEnforcer: 4-ring privilege model (Ring 0-3)
+    - ReversibilityRegistry: Execute/Undo API mapping
+    - SagaOrchestrator: Semantic saga with reverse-order compensation
+    - DeltaAuditEngine: Merkle-chained semantic diffs
+
+v2.0 Additions:
+    - Observability: Structured event bus with causal trace IDs
+    - Dynamic Rings: Time-bounded elevation (sudo with TTL), breach detection
+    - Liability: Shapley-value fault attribution, quarantine, persistent ledger
+    - Saga: Parallel fan-out with failure policies, semantic checkpoints, DSL
+    - Session: Vector clocks, intent locks, isolation levels
+    - Security: Per-agent rate limiting, kill switch with saga handoff
+
+Usage:
+    >>> from hypervisor import Hypervisor, SessionConfig, ConsistencyMode
+    >>> hv = Hypervisor()
+    >>> session = await hv.create_session(
+    ...     config=SessionConfig(consistency_mode=ConsistencyMode.EVENTUAL)
+    ... )
+
+Version: 2.0.0
+"""
+
+__version__ = "2.0.0"
+
+# Core models
+from hypervisor.models import (
+    ConsistencyMode,
+    ExecutionRing,
+    ReversibilityLevel,
+    SessionConfig,
+    SessionState,
+)
+
+# Session management
+from hypervisor.session import SharedSessionObject
+from hypervisor.session.sso import SessionVFS, VFSEdit, VFSPermissionError
+from hypervisor.session.vector_clock import VectorClock, VectorClockManager, CausalViolationError
+from hypervisor.session.intent_locks import IntentLockManager, LockIntent, LockContentionError, DeadlockError
+from hypervisor.session.isolation import IsolationLevel
+
+# Liability engine
+from hypervisor.liability.vouching import VouchRecord, VouchingEngine
+from hypervisor.liability.slashing import SlashingEngine
+from hypervisor.liability import LiabilityMatrix
+from hypervisor.liability.attribution import CausalAttributor, AttributionResult
+from hypervisor.liability.quarantine import QuarantineManager, QuarantineReason
+from hypervisor.liability.ledger import LiabilityLedger, LedgerEntryType
+
+# Execution rings
+from hypervisor.rings.enforcer import RingEnforcer
+from hypervisor.rings.classifier import ActionClassifier
+from hypervisor.rings.elevation import RingElevationManager, RingElevation
+from hypervisor.rings.breach_detector import RingBreachDetector, BreachSeverity
+
+# Reversibility
+from hypervisor.reversibility.registry import ReversibilityRegistry
+
+# Saga
+from hypervisor.saga.orchestrator import SagaOrchestrator, SagaTimeoutError
+from hypervisor.saga.state_machine import SagaState, StepState
+from hypervisor.saga.fan_out import FanOutOrchestrator, FanOutPolicy
+from hypervisor.saga.checkpoint import CheckpointManager, SemanticCheckpoint
+from hypervisor.saga.dsl import SagaDSLParser, SagaDefinition
+
+# Audit
+from hypervisor.audit.delta import DeltaEngine
+from hypervisor.audit.commitment import CommitmentEngine
+from hypervisor.audit.gc import EphemeralGC
+
+# Verification
+from hypervisor.verification.history import TransactionHistoryVerifier
+
+# Observability
+from hypervisor.observability.event_bus import HypervisorEventBus, EventType, HypervisorEvent
+from hypervisor.observability.causal_trace import CausalTraceId
+
+# Security
+from hypervisor.security.rate_limiter import AgentRateLimiter, RateLimitExceeded
+from hypervisor.security.kill_switch import KillSwitch, KillResult
+
+# Top-level orchestrator
+from hypervisor.core import Hypervisor
+
+__all__ = [
+    # Version
+    "__version__",
+    # Core
+    "Hypervisor",
+    # Models
+    "ConsistencyMode",
+    "ExecutionRing",
+    "ReversibilityLevel",
+    "SessionConfig",
+    "SessionState",
+    # Session
+    "SharedSessionObject",
+    "SessionVFS",
+    "VFSEdit",
+    "VFSPermissionError",
+    "VectorClock",
+    "VectorClockManager",
+    "CausalViolationError",
+    "IntentLockManager",
+    "LockIntent",
+    "LockContentionError",
+    "DeadlockError",
+    "IsolationLevel",
+    # Liability
+    "VouchRecord",
+    "VouchingEngine",
+    "SlashingEngine",
+    "LiabilityMatrix",
+    "CausalAttributor",
+    "AttributionResult",
+    "QuarantineManager",
+    "QuarantineReason",
+    "LiabilityLedger",
+    "LedgerEntryType",
+    # Rings
+    "RingEnforcer",
+    "ActionClassifier",
+    "RingElevationManager",
+    "RingElevation",
+    "RingBreachDetector",
+    "BreachSeverity",
+    # Reversibility
+    "ReversibilityRegistry",
+    # Saga
+    "SagaOrchestrator",
+    "SagaTimeoutError",
+    "SagaState",
+    "StepState",
+    "FanOutOrchestrator",
+    "FanOutPolicy",
+    "CheckpointManager",
+    "SemanticCheckpoint",
+    "SagaDSLParser",
+    "SagaDefinition",
+    # Audit
+    "DeltaEngine",
+    "CommitmentEngine",
+    "EphemeralGC",
+    # Verification
+    "TransactionHistoryVerifier",
+    # Observability
+    "HypervisorEventBus",
+    "EventType",
+    "HypervisorEvent",
+    "CausalTraceId",
+    # Security
+    "AgentRateLimiter",
+    "RateLimitExceeded",
+    "KillSwitch",
+    "KillResult",
+]

hypervisor/audit/__init__.py

@@ -0,0 +1 @@
+"""Audit subpackage — delta engine, commitment, and GC."""