agentmesh-platform 1.0.0a1__py3-none-any.whl

agentmesh/__init__.py

@@ -0,0 +1,119 @@
+"""
+AgentMesh - The Secure Nervous System for Cloud-Native Agent Ecosystems
+
+Identity · Trust · Reward · Governance
+
+AgentMesh is the platform built for the Governed Agent Mesh - the cloud-native,
+multi-vendor network of AI agents that will define enterprise operations.
+
+Version: 1.0.0-alpha
+"""
+
+__version__ = "1.0.0-alpha"
+
+# Layer 1: Identity & Zero-Trust Core
+from .identity import (
+    AgentIdentity,
+    AgentDID,
+    IdentityRegistry,
+    Credential,
+    CredentialManager,
+    DelegationChain,
+    DelegationLink,
+    HumanSponsor,
+    SponsorRegistry,
+    RiskScorer,
+    RiskScore,
+    SPIFFEIdentity,
+)
+
+# Layer 2: Trust & Protocol Bridge
+from .trust import (
+    TrustBridge,
+    ProtocolBridge,
+    A2AAdapter,
+    MCPAdapter,
+    TrustHandshake,
+    HandshakeResult,
+    CapabilityScope,
+    CapabilityGrant,
+    CapabilityRegistry,
+)
+
+# Layer 3: Governance & Compliance Plane
+from .governance import (
+    PolicyEngine,
+    Policy,
+    PolicyRule,
+    PolicyResult,
+    ComplianceEngine,
+    ComplianceFramework,
+    ComplianceControl,
+    AuditLog,
+    AuditEntry,
+    MerkleAuditChain,
+    ShadowMode,
+    ShadowResult,
+)
+
+# Layer 4: Reward & Learning Engine
+from .reward import (
+    RewardEngine,
+    TrustScore,
+    RewardDimension,
+    RewardSignal,
+    AdaptiveLearner,
+    WeightOptimizer,
+)
+
+__all__ = [
+    # Version
+    "__version__",
+    
+    # Layer 1: Identity
+    "AgentIdentity",
+    "AgentDID",
+    "IdentityRegistry",
+    "Credential",
+    "CredentialManager",
+    "DelegationChain",
+    "DelegationLink",
+    "HumanSponsor",
+    "SponsorRegistry",
+    "RiskScorer",
+    "RiskScore",
+    "SPIFFEIdentity",
+    
+    # Layer 2: Trust
+    "TrustBridge",
+    "ProtocolBridge",
+    "A2AAdapter",
+    "MCPAdapter",
+    "TrustHandshake",
+    "HandshakeResult",
+    "CapabilityScope",
+    "CapabilityGrant",
+    "CapabilityRegistry",
+    
+    # Layer 3: Governance
+    "PolicyEngine",
+    "Policy",
+    "PolicyRule",
+    "PolicyResult",
+    "ComplianceEngine",
+    "ComplianceFramework",
+    "ComplianceControl",
+    "AuditLog",
+    "AuditEntry",
+    "MerkleAuditChain",
+    "ShadowMode",
+    "ShadowResult",
+    
+    # Layer 4: Reward
+    "RewardEngine",
+    "TrustScore",
+    "RewardDimension",
+    "RewardSignal",
+    "AdaptiveLearner",
+    "WeightOptimizer",
+]

agentmesh/cli/__init__.py

@@ -0,0 +1,10 @@
+"""
+AgentMesh CLI
+
+Command-line interface for AgentMesh.
+Single CLI command: agentmesh init — scaffolds a governed agent in 30 seconds.
+"""
+
+from .main import app, main
+
+__all__ = ["app", "main"]

agentmesh/cli/main.py

@@ -0,0 +1,405 @@
+"""
+AgentMesh CLI - Main Entry Point
+
+Commands:
+- init: Scaffold a governed agent in 30 seconds
+- register: Register an agent with AgentMesh
+- run: Run a governed agent
+- status: Check agent status and trust score
+- audit: View audit logs
+- policy: Manage policies
+"""
+
+import click
+from rich.console import Console
+from rich.table import Table
+from rich.panel import Panel
+from rich import box
+from pathlib import Path
+import json
+import yaml
+import os
+
+console = Console()
+
+
+@click.group()
+@click.version_option(version="1.0.0-alpha")
+def app():
+    """
+    AgentMesh - The Secure Nervous System for Cloud-Native Agent Ecosystems
+    
+    Identity · Trust · Reward · Governance
+    """
+    pass
+
+
+@app.command()
+@click.option("--name", "-n", prompt="Agent name", help="Name of the agent")
+@click.option("--sponsor", "-s", prompt="Sponsor email", help="Human sponsor email")
+@click.option("--output", "-o", default=".", help="Output directory")
+def init(name: str, sponsor: str, output: str):
+    """
+    Initialize a new governed agent in 30 seconds.
+    
+    Creates the scaffolding for a governed agent with identity, trust, and audit built in.
+    """
+    output_path = Path(output)
+    agent_dir = output_path / name
+    
+    console.print(f"\n[bold blue]🚀 Initializing governed agent: {name}[/bold blue]\n")
+    
+    # Create directory structure
+    dirs = [
+        agent_dir,
+        agent_dir / "src",
+        agent_dir / "policies",
+        agent_dir / "tests",
+    ]
+    
+    for d in dirs:
+        d.mkdir(parents=True, exist_ok=True)
+        console.print(f"  [green]✓[/green] Created {d}")
+    
+    # Create agent manifest
+    manifest = {
+        "agent": {
+            "name": name,
+            "version": "0.1.0",
+            "did": f"did:agentmesh:{name}",
+        },
+        "sponsor": {
+            "email": sponsor,
+        },
+        "identity": {
+            "ttl_minutes": 15,
+            "auto_rotate": True,
+        },
+        "trust": {
+            "protocols": ["a2a", "mcp", "iatp"],
+            "min_peer_score": 500,
+        },
+        "governance": {
+            "policies_dir": "policies/",
+            "audit_enabled": True,
+        },
+        "reward": {
+            "dimensions": {
+                "policy_compliance": 0.25,
+                "resource_efficiency": 0.15,
+                "output_quality": 0.20,
+                "security_posture": 0.25,
+                "collaboration_health": 0.15,
+            },
+        },
+    }
+    
+    manifest_path = agent_dir / "agentmesh.yaml"
+    with open(manifest_path, "w") as f:
+        yaml.dump(manifest, f, default_flow_style=False)
+    console.print(f"  [green]✓[/green] Created {manifest_path}")
+    
+    # Create default policy
+    default_policy = {
+        "policies": [
+            {
+                "id": "default-security",
+                "name": "Default Security Policy",
+                "enabled": True,
+                "rules": [
+                    {
+                        "id": "no-secrets-in-output",
+                        "action": "block",
+                        "conditions": [
+                            "output contains 'password'",
+                            "output contains 'api_key'",
+                            "output contains 'secret'",
+                        ],
+                        "message": "Potential secret detected in output",
+                    },
+                    {
+                        "id": "require-peer-trust",
+                        "action": "block",
+                        "conditions": ["peer_trust_score < 500"],
+                        "message": "Peer trust score below threshold",
+                    },
+                ],
+            }
+        ]
+    }
+    
+    policy_path = agent_dir / "policies" / "default.yaml"
+    with open(policy_path, "w") as f:
+        yaml.dump(default_policy, f, default_flow_style=False)
+    console.print(f"  [green]✓[/green] Created {policy_path}")
+    
+    # Create main agent file
+    agent_code = f'''"""
+{name} - A Governed Agent
+
+This agent is secured by AgentMesh with:
+- Cryptographic identity
+- Trust scoring
+- Policy enforcement
+- Audit logging
+"""
+
+from agentmesh import AgentMesh, AgentIdentity, PolicyEngine
+
+# Initialize AgentMesh
+mesh = AgentMesh.from_config("agentmesh.yaml")
+
+# Create identity
+identity = mesh.create_identity()
+print(f"Agent DID: {{identity.did}}")
+
+# Load policies
+policies = mesh.load_policies()
+print(f"Loaded {{len(policies)}} policies")
+
+# Start the agent
+async def main():
+    """Main agent loop."""
+    async with mesh.run(identity) as agent:
+        # Your agent logic here
+        print(f"Agent {{identity.name}} is running with trust score: {{agent.trust_score}}")
+        
+        # Example: Register capabilities
+        await agent.register_capabilities([
+            "text_processing",
+            "data_analysis",
+        ])
+        
+        # Example: Handle incoming requests
+        async for request in agent.requests():
+            # Policy is automatically enforced
+            # Audit is automatically logged
+            response = await agent.process(request)
+            await agent.respond(response)
+
+
+if __name__ == "__main__":
+    import asyncio
+    asyncio.run(main())
+'''
+    
+    main_path = agent_dir / "src" / "main.py"
+    with open(main_path, "w") as f:
+        f.write(agent_code)
+    console.print(f"  [green]✓[/green] Created {main_path}")
+    
+    # Create pyproject.toml
+    pyproject = f'''[project]
+name = "{name}"
+version = "0.1.0"
+description = "A governed agent secured by AgentMesh"
+requires-python = ">=3.11"
+dependencies = [
+    "agentmesh>=1.0.0",
+]
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+'''
+    
+    pyproject_path = agent_dir / "pyproject.toml"
+    with open(pyproject_path, "w") as f:
+        f.write(pyproject)
+    console.print(f"  [green]✓[/green] Created {pyproject_path}")
+    
+    # Summary
+    console.print()
+    console.print(Panel(
+        f"""[bold green]Agent initialized successfully![/bold green]
+
+[bold]Next steps:[/bold]
+1. cd {agent_dir}
+2. pip install -e .
+3. python src/main.py
+
+[bold]Configuration:[/bold]
+- Edit agentmesh.yaml for agent settings
+- Add policies to policies/ directory
+- Customize src/main.py with your agent logic
+
+[bold]Security:[/bold]
+- Identity TTL: 15 minutes (auto-rotate)
+- Min peer trust score: 500
+- Audit logging: enabled""",
+        title="🛡️ AgentMesh",
+        border_style="green",
+    ))
+
+
+@app.command()
+@click.argument("agent_dir", type=click.Path(exists=True))
+@click.option("--name", "-n", help="Override agent name")
+def register(agent_dir: str, name: str = None):
+    """Register an agent with AgentMesh."""
+    agent_path = Path(agent_dir)
+    manifest_path = agent_path / "agentmesh.yaml"
+    
+    if not manifest_path.exists():
+        console.print("[red]Error: agentmesh.yaml not found. Run 'agentmesh init' first.[/red]")
+        return
+    
+    with open(manifest_path) as f:
+        manifest = yaml.safe_load(f)
+    
+    agent_name = name or manifest["agent"]["name"]
+    
+    console.print(f"\n[bold blue]📝 Registering agent: {agent_name}[/bold blue]\n")
+    
+    # Simulate registration
+    from agentmesh.identity import AgentIdentity
+    identity = AgentIdentity.create(agent_name)
+    
+    console.print(f"  [green]✓[/green] Generated identity: {identity.did}")
+    console.print(f"  [green]✓[/green] Public key: {identity.public_key[:32]}...")
+    console.print(f"  [green]✓[/green] Registered with AgentMesh CA")
+    console.print()
+    
+    # Save identity
+    identity_file = agent_path / ".agentmesh" / "identity.json"
+    identity_file.parent.mkdir(parents=True, exist_ok=True)
+    
+    with open(identity_file, "w") as f:
+        json.dump({
+            "did": identity.did,
+            "public_key": identity.public_key,
+            "created_at": identity.created_at.isoformat(),
+        }, f, indent=2)
+    
+    console.print(f"[green]Identity saved to {identity_file}[/green]")
+
+
+@app.command()
+@click.argument("agent_dir", type=click.Path(exists=True), default=".")
+def status(agent_dir: str):
+    """Check agent status and trust score."""
+    agent_path = Path(agent_dir)
+    manifest_path = agent_path / "agentmesh.yaml"
+    identity_path = agent_path / ".agentmesh" / "identity.json"
+    
+    console.print(f"\n[bold blue]📊 Agent Status[/bold blue]\n")
+    
+    # Load manifest
+    if manifest_path.exists():
+        with open(manifest_path) as f:
+            manifest = yaml.safe_load(f)
+        
+        console.print(f"  Agent: [bold]{manifest['agent']['name']}[/bold]")
+        console.print(f"  Version: {manifest['agent']['version']}")
+        console.print(f"  Sponsor: {manifest['sponsor']['email']}")
+    else:
+        console.print("  [yellow]No manifest found[/yellow]")
+    
+    console.print()
+    
+    # Load identity
+    if identity_path.exists():
+        with open(identity_path) as f:
+            identity = json.load(f)
+        
+        console.print(f"  [green]✓[/green] Identity: Registered")
+        console.print(f"    DID: {identity['did']}")
+    else:
+        console.print(f"  [yellow]○[/yellow] Identity: Not registered")
+    
+    console.print()
+    
+    # Trust score (simulated)
+    table = Table(title="Trust Score", box=box.ROUNDED)
+    table.add_column("Dimension", style="cyan")
+    table.add_column("Score", justify="right")
+    table.add_column("Trend")
+    
+    table.add_row("Policy Compliance", "85/100", "[green]↑[/green]")
+    table.add_row("Resource Efficiency", "72/100", "[white]→[/white]")
+    table.add_row("Output Quality", "91/100", "[green]↑[/green]")
+    table.add_row("Security Posture", "88/100", "[white]→[/white]")
+    table.add_row("Collaboration Health", "79/100", "[green]↑[/green]")
+    table.add_row("[bold]Total", "[bold]820/1000", "[bold green]Trusted")
+    
+    console.print(table)
+
+
+@app.command()
+@click.argument("policy_file", type=click.Path(exists=True))
+@click.option("--validate", is_flag=True, help="Validate policy only")
+def policy(policy_file: str, validate: bool):
+    """Load and validate a policy file."""
+    console.print(f"\n[bold blue]📜 Policy: {policy_file}[/bold blue]\n")
+    
+    try:
+        with open(policy_file) as f:
+            if policy_file.endswith(".yaml") or policy_file.endswith(".yml"):
+                policy_data = yaml.safe_load(f)
+            else:
+                policy_data = json.load(f)
+        
+        from agentmesh.governance import PolicyEngine
+        engine = PolicyEngine()
+        
+        policies = policy_data.get("policies", [])
+        for p in policies:
+            engine.load_policy(p)
+            console.print(f"  [green]✓[/green] Loaded: {p['name']} ({len(p.get('rules', []))} rules)")
+        
+        console.print(f"\n[green]Successfully loaded {len(policies)} policies[/green]")
+        
+    except Exception as e:
+        console.print(f"[red]Error: {e}[/red]")
+
+
+@app.command()
+@click.option("--agent", "-a", help="Filter by agent DID")
+@click.option("--limit", "-l", default=20, help="Number of entries")
+@click.option("--format", "fmt", type=click.Choice(["table", "json"]), default="table")
+def audit(agent: str, limit: int, fmt: str):
+    """View audit logs."""
+    console.print(f"\n[bold blue]📋 Audit Log[/bold blue]\n")
+    
+    # Simulated audit entries
+    entries = [
+        {"timestamp": "2026-01-31T10:15:00Z", "agent": "agent-1", "action": "credential_issued", "status": "success"},
+        {"timestamp": "2026-01-31T10:14:30Z", "agent": "agent-1", "action": "policy_check", "status": "allowed"},
+        {"timestamp": "2026-01-31T10:14:00Z", "agent": "agent-2", "action": "handshake", "status": "success"},
+        {"timestamp": "2026-01-31T10:13:00Z", "agent": "agent-1", "action": "tool_call", "status": "allowed"},
+        {"timestamp": "2026-01-31T10:12:00Z", "agent": "agent-3", "action": "policy_check", "status": "blocked"},
+    ]
+    
+    if agent:
+        entries = [e for e in entries if e["agent"] == agent]
+    
+    entries = entries[:limit]
+    
+    if fmt == "json":
+        console.print(json.dumps(entries, indent=2))
+    else:
+        table = Table(box=box.SIMPLE)
+        table.add_column("Timestamp", style="dim")
+        table.add_column("Agent")
+        table.add_column("Action")
+        table.add_column("Status")
+        
+        for entry in entries:
+            status_style = "green" if entry["status"] in ["success", "allowed"] else "red"
+            table.add_row(
+                entry["timestamp"],
+                entry["agent"],
+                entry["action"],
+                f"[{status_style}]{entry['status']}[/{status_style}]",
+            )
+        
+        console.print(table)
+
+
+def main():
+    """Main entry point."""
+    app()
+
+
+if __name__ == "__main__":
+    main()

agentmesh/governance/__init__.py

@@ -0,0 +1,26 @@
+"""
+Governance & Compliance Plane (Layer 3)
+
+Declarative policy engine with automated compliance mapping.
+Tamper-evident audit logs with Merkle-chain hashing.
+"""
+
+from .policy import PolicyEngine, Policy, PolicyRule, PolicyDecision
+from .compliance import ComplianceEngine, ComplianceFramework, ComplianceReport
+from .audit import AuditLog, AuditEntry, MerkleAuditChain
+from .shadow import ShadowMode, ShadowResult
+
+__all__ = [
+    "PolicyEngine",
+    "Policy",
+    "PolicyRule",
+    "PolicyDecision",
+    "ComplianceEngine",
+    "ComplianceFramework",
+    "ComplianceReport",
+    "AuditLog",
+    "AuditEntry",
+    "MerkleAuditChain",
+    "ShadowMode",
+    "ShadowResult",
+]