agentmesh-platform 1.0.0a1__py3-none-any.whl

agentmesh/trust/bridge.py

@@ -0,0 +1,386 @@
+"""
+Trust Bridge
+
+Unified trust layer across all protocols (A2A, MCP, IATP, ACP).
+Ensures consistent trust model regardless of underlying protocol.
+
+Integrates with agent-os IATP module for trust verification.
+"""
+
+from datetime import datetime
+from typing import Optional, Literal, Any
+from pydantic import BaseModel, Field
+import asyncio
+
+from .handshake import TrustHandshake, HandshakeResult
+from .capability import CapabilityScope
+
+# Import IATP from agent-os (the source of truth for trust protocol)
+try:
+    from modules.iatp import IATPClient, IATPMessage, TrustLevel
+    from modules.nexus import NexusClient, ReputationEngine
+    AGENT_OS_AVAILABLE = True
+except ImportError:
+    # Fallback if agent-os not installed yet (for development)
+    AGENT_OS_AVAILABLE = False
+    IATPClient = None
+    NexusClient = None
+
+
+class PeerInfo(BaseModel):
+    """Information about a peer agent."""
+    
+    peer_did: str
+    peer_name: Optional[str] = None
+    protocol: str  # "a2a", "mcp", "iatp", "acp"
+    
+    # Trust info
+    trust_score: int = Field(default=0, ge=0, le=1000)
+    trust_verified: bool = False
+    last_verified: Optional[datetime] = None
+    
+    # Capabilities
+    capabilities: list[str] = Field(default_factory=list)
+    
+    # Connection info
+    endpoint: Optional[str] = None
+    connected_at: Optional[datetime] = None
+
+
+class TrustBridge(BaseModel):
+    """
+    Unified trust bridge for multi-protocol agent communication.
+    
+    The TrustBridge ensures that regardless of which protocol is used
+    (A2A, MCP, IATP, ACP), trust verification happens consistently.
+    """
+    
+    agent_did: str = Field(..., description="This agent's DID")
+    
+    # Trust thresholds
+    default_trust_threshold: int = Field(default=700, ge=0, le=1000)
+    
+    # Known peers
+    peers: dict[str, PeerInfo] = Field(default_factory=dict)
+    
+    # Handshake handler
+    _handshake: Optional[TrustHandshake] = None
+    
+    model_config = {"arbitrary_types_allowed": True}
+    
+    def __init__(self, **data):
+        super().__init__(**data)
+        self._handshake = TrustHandshake(agent_did=self.agent_did)
+    
+    async def verify_peer(
+        self,
+        peer_did: str,
+        protocol: str = "iatp",
+        required_trust_score: Optional[int] = None,
+        required_capabilities: Optional[list[str]] = None,
+    ) -> HandshakeResult:
+        """
+        Verify a peer before communication.
+        
+        This is the core trust gate - all inter-agent communication
+        must pass through verification.
+        
+        Args:
+            peer_did: The peer's DID
+            protocol: Protocol to use for verification
+            required_trust_score: Minimum trust score required
+            required_capabilities: Capabilities the peer must have
+            
+        Returns:
+            HandshakeResult with verification status
+        """
+        threshold = required_trust_score or self.default_trust_threshold
+        
+        # Perform handshake
+        result = await self._handshake.initiate(
+            peer_did=peer_did,
+            protocol=protocol,
+            required_trust_score=threshold,
+            required_capabilities=required_capabilities,
+        )
+        
+        # Update peer info
+        if result.verified:
+            self.peers[peer_did] = PeerInfo(
+                peer_did=peer_did,
+                peer_name=result.peer_name,
+                protocol=protocol,
+                trust_score=result.trust_score,
+                trust_verified=True,
+                last_verified=datetime.utcnow(),
+                capabilities=result.capabilities,
+            )
+        
+        return result
+    
+    async def is_peer_trusted(
+        self,
+        peer_did: str,
+        required_score: Optional[int] = None,
+    ) -> bool:
+        """Quick check if a peer is trusted."""
+        peer = self.peers.get(peer_did)
+        if not peer or not peer.trust_verified:
+            return False
+        
+        threshold = required_score or self.default_trust_threshold
+        return peer.trust_score >= threshold
+    
+    def get_peer(self, peer_did: str) -> Optional[PeerInfo]:
+        """Get information about a known peer."""
+        return self.peers.get(peer_did)
+    
+    def get_trusted_peers(self, min_score: Optional[int] = None) -> list[PeerInfo]:
+        """Get all peers meeting trust threshold."""
+        threshold = min_score or self.default_trust_threshold
+        return [
+            peer for peer in self.peers.values()
+            if peer.trust_verified and peer.trust_score >= threshold
+        ]
+    
+    async def revoke_peer_trust(self, peer_did: str, reason: str) -> bool:
+        """Revoke trust for a peer."""
+        if peer_did in self.peers:
+            self.peers[peer_did].trust_verified = False
+            self.peers[peer_did].trust_score = 0
+            return True
+        return False
+
+
+class ProtocolBridge(BaseModel):
+    """
+    Protocol translation layer.
+    
+    Translates between A2A, MCP, IATP, and ACP transparently,
+    maintaining trust guarantees across protocol boundaries.
+    """
+    
+    agent_did: str
+    trust_bridge: Optional[TrustBridge] = None
+    
+    # Protocol handlers
+    supported_protocols: list[str] = Field(
+        default=["a2a", "mcp", "iatp", "acp"]
+    )
+    
+    model_config = {"arbitrary_types_allowed": True}
+    
+    def __init__(self, **data):
+        super().__init__(**data)
+        if not self.trust_bridge:
+            self.trust_bridge = TrustBridge(agent_did=self.agent_did)
+    
+    async def send_message(
+        self,
+        peer_did: str,
+        message: Any,
+        source_protocol: str,
+        target_protocol: Optional[str] = None,
+    ) -> Any:
+        """
+        Send a message to a peer, translating protocols if needed.
+        
+        Args:
+            peer_did: Target peer's DID
+            message: Message to send
+            source_protocol: Protocol the message is in
+            target_protocol: Protocol to send as (auto-detect if None)
+        """
+        # Verify trust first
+        if not await self.trust_bridge.is_peer_trusted(peer_did):
+            result = await self.trust_bridge.verify_peer(peer_did, source_protocol)
+            if not result.verified:
+                raise PermissionError(f"Peer not trusted: {peer_did}")
+        
+        peer = self.trust_bridge.get_peer(peer_did)
+        dest_protocol = target_protocol or peer.protocol
+        
+        # Translate if needed
+        if source_protocol != dest_protocol:
+            message = await self._translate(message, source_protocol, dest_protocol)
+        
+        # Send via appropriate handler
+        return await self._send(peer_did, message, dest_protocol)
+    
+    async def _translate(
+        self,
+        message: Any,
+        from_protocol: str,
+        to_protocol: str,
+    ) -> Any:
+        """Translate message between protocols."""
+        # Protocol translation mappings
+        if from_protocol == "a2a" and to_protocol == "mcp":
+            return self._a2a_to_mcp(message)
+        elif from_protocol == "mcp" and to_protocol == "a2a":
+            return self._mcp_to_a2a(message)
+        elif from_protocol == "iatp":
+            # IATP can wrap any protocol
+            return message
+        else:
+            # Default: pass through
+            return message
+    
+    def _a2a_to_mcp(self, message: dict) -> dict:
+        """Convert A2A message to MCP format."""
+        # A2A task -> MCP tool call
+        return {
+            "method": "tools/call",
+            "params": {
+                "name": message.get("task_type", "execute"),
+                "arguments": message.get("parameters", {}),
+            },
+        }
+    
+    def _mcp_to_a2a(self, message: dict) -> dict:
+        """Convert MCP message to A2A format."""
+        # MCP tool call -> A2A task
+        params = message.get("params", {})
+        return {
+            "task_type": params.get("name", "execute"),
+            "parameters": params.get("arguments", {}),
+        }
+    
+    async def _send(self, peer_did: str, message: Any, protocol: str) -> Any:
+        """Send message via protocol handler."""
+        # In production, would dispatch to actual protocol handlers
+        # For now, return a placeholder
+        return {
+            "status": "sent",
+            "peer": peer_did,
+            "protocol": protocol,
+        }
+    
+    def get_protocol_for_peer(self, peer_did: str) -> Optional[str]:
+        """Get the preferred protocol for a peer."""
+        peer = self.trust_bridge.get_peer(peer_did)
+        return peer.protocol if peer else None
+
+
+class A2AAdapter:
+    """
+    Adapter for Google A2A (Agent-to-Agent) protocol.
+    
+    Supports:
+    - Agent Card discovery
+    - Task lifecycle management
+    - Collaboration messaging
+    """
+    
+    def __init__(self, agent_did: str, trust_bridge: TrustBridge):
+        self.agent_did = agent_did
+        self.trust_bridge = trust_bridge
+    
+    async def discover_agent(self, endpoint: str) -> Optional[dict]:
+        """
+        Discover an agent via A2A Agent Card.
+        
+        GET /.well-known/agent.json
+        """
+        # Would make HTTP request in production
+        return {
+            "name": "discovered-agent",
+            "description": "An A2A-compatible agent",
+            "capabilities": ["task/execute"],
+        }
+    
+    async def create_task(
+        self,
+        peer_did: str,
+        task_type: str,
+        parameters: dict,
+    ) -> dict:
+        """Create a task on a peer agent."""
+        # Verify trust
+        if not await self.trust_bridge.is_peer_trusted(peer_did):
+            raise PermissionError("Peer not trusted")
+        
+        return {
+            "task_id": f"task_{peer_did}_{datetime.utcnow().timestamp()}",
+            "status": "created",
+            "type": task_type,
+        }
+    
+    async def get_task_status(self, peer_did: str, task_id: str) -> dict:
+        """Get status of a task."""
+        return {
+            "task_id": task_id,
+            "status": "running",
+        }
+
+
+class MCPAdapter:
+    """
+    Adapter for Anthropic MCP (Model Context Protocol).
+    
+    Supports:
+    - Tool registration
+    - Resource binding
+    - Governed tool invocation
+    
+    All MCP tool calls route through AgentMesh policy engine.
+    """
+    
+    def __init__(self, agent_did: str, trust_bridge: TrustBridge):
+        self.agent_did = agent_did
+        self.trust_bridge = trust_bridge
+        self._registered_tools: dict[str, dict] = {}
+    
+    def register_tool(
+        self,
+        name: str,
+        description: str,
+        input_schema: dict,
+        required_capability: Optional[str] = None,
+    ) -> None:
+        """Register a tool with the MCP adapter."""
+        self._registered_tools[name] = {
+            "name": name,
+            "description": description,
+            "inputSchema": input_schema,
+            "required_capability": required_capability,
+        }
+    
+    async def call_tool(
+        self,
+        peer_did: str,
+        tool_name: str,
+        arguments: dict,
+    ) -> dict:
+        """
+        Call a tool on a peer, with governance.
+        
+        Unlike raw MCP, this:
+        1. Verifies peer trust
+        2. Checks capability scope
+        3. Logs for audit
+        """
+        # Verify trust
+        if not await self.trust_bridge.is_peer_trusted(peer_did):
+            raise PermissionError("Peer not trusted for MCP tool call")
+        
+        peer = self.trust_bridge.get_peer(peer_did)
+        
+        # Check capability if tool requires one
+        tool = self._registered_tools.get(tool_name)
+        if tool and tool.get("required_capability"):
+            if tool["required_capability"] not in peer.capabilities:
+                raise PermissionError(
+                    f"Peer lacks capability: {tool['required_capability']}"
+                )
+        
+        # Execute (would actually call MCP in production)
+        return {
+            "tool": tool_name,
+            "result": "success",
+            "governed": True,
+        }
+    
+    def list_tools(self) -> list[dict]:
+        """List all registered tools."""
+        return list(self._registered_tools.values())

agentmesh/trust/capability.py

@@ -0,0 +1,293 @@
+"""
+Capability Scoping
+
+Capability-scoped credential issuance per tool/resource per agent.
+Agents cannot access any resource not explicitly in their credential scope.
+"""
+
+from datetime import datetime
+from typing import Optional, Literal
+from pydantic import BaseModel, Field
+import hashlib
+import uuid
+
+
+class CapabilityGrant(BaseModel):
+    """
+    A specific capability grant to an agent.
+    
+    Capabilities follow the format: action:resource[:qualifier]
+    Examples:
+    - read:data
+    - write:reports
+    - execute:tools:calculator
+    - admin:*
+    """
+    
+    grant_id: str = Field(default_factory=lambda: f"grant_{uuid.uuid4().hex[:12]}")
+    
+    # Capability specification
+    capability: str = Field(..., description="Capability string (e.g., 'read:data')")
+    action: str = Field(..., description="Action part (e.g., 'read')")
+    resource: str = Field(..., description="Resource part (e.g., 'data')")
+    qualifier: Optional[str] = Field(None, description="Optional qualifier")
+    
+    # Grant metadata
+    granted_to: str = Field(..., description="DID of grantee")
+    granted_by: str = Field(..., description="DID of grantor")
+    
+    # Scope restrictions
+    resource_ids: list[str] = Field(
+        default_factory=list,
+        description="Specific resource IDs this grant applies to"
+    )
+    conditions: dict = Field(
+        default_factory=dict,
+        description="Additional conditions for this grant"
+    )
+    
+    # Timing
+    granted_at: datetime = Field(default_factory=datetime.utcnow)
+    expires_at: Optional[datetime] = Field(None)
+    
+    # Status
+    active: bool = Field(default=True)
+    revoked_at: Optional[datetime] = Field(None)
+    
+    @classmethod
+    def parse_capability(cls, capability: str) -> tuple[str, str, Optional[str]]:
+        """Parse a capability string into components."""
+        parts = capability.split(":")
+        if len(parts) < 2:
+            raise ValueError(f"Invalid capability format: {capability}")
+        
+        action = parts[0]
+        resource = parts[1]
+        qualifier = parts[2] if len(parts) > 2 else None
+        
+        return action, resource, qualifier
+    
+    @classmethod
+    def create(
+        cls,
+        capability: str,
+        granted_to: str,
+        granted_by: str,
+        resource_ids: Optional[list[str]] = None,
+        expires_at: Optional[datetime] = None,
+    ) -> "CapabilityGrant":
+        """Create a new capability grant."""
+        action, resource, qualifier = cls.parse_capability(capability)
+        
+        return cls(
+            capability=capability,
+            action=action,
+            resource=resource,
+            qualifier=qualifier,
+            granted_to=granted_to,
+            granted_by=granted_by,
+            resource_ids=resource_ids or [],
+            expires_at=expires_at,
+        )
+    
+    def is_valid(self) -> bool:
+        """Check if grant is currently valid."""
+        if not self.active:
+            return False
+        if self.expires_at and datetime.utcnow() > self.expires_at:
+            return False
+        return True
+    
+    def matches(self, requested: str, resource_id: Optional[str] = None) -> bool:
+        """
+        Check if this grant satisfies a requested capability.
+        
+        Supports:
+        - Exact match: read:data matches read:data
+        - Wildcard: read:* matches read:data
+        - Resource scoping: if resource_ids set, must match
+        """
+        if not self.is_valid():
+            return False
+        
+        req_action, req_resource, req_qualifier = self.parse_capability(requested)
+        
+        # Check action
+        if self.action != "*" and self.action != req_action:
+            return False
+        
+        # Check resource
+        if self.resource != "*" and self.resource != req_resource:
+            return False
+        
+        # Check qualifier if present
+        if req_qualifier and self.qualifier:
+            if self.qualifier != "*" and self.qualifier != req_qualifier:
+                return False
+        
+        # Check resource ID if scoped
+        if self.resource_ids and resource_id:
+            if resource_id not in self.resource_ids:
+                return False
+        
+        return True
+    
+    def revoke(self) -> None:
+        """Revoke this grant."""
+        self.active = False
+        self.revoked_at = datetime.utcnow()
+
+
+class CapabilityScope(BaseModel):
+    """
+    Complete capability scope for an agent.
+    
+    Aggregates all grants and provides capability checking.
+    """
+    
+    agent_did: str
+    grants: list[CapabilityGrant] = Field(default_factory=list)
+    
+    # Denied capabilities (blocklist)
+    denied: list[str] = Field(default_factory=list)
+    
+    def add_grant(self, grant: CapabilityGrant) -> None:
+        """Add a capability grant."""
+        if grant.granted_to != self.agent_did:
+            raise ValueError("Grant is for different agent")
+        self.grants.append(grant)
+    
+    def has_capability(
+        self,
+        capability: str,
+        resource_id: Optional[str] = None,
+    ) -> bool:
+        """
+        Check if agent has a capability.
+        
+        Checks:
+        1. Not in denied list
+        2. Has matching grant
+        3. Grant is valid (not expired, not revoked)
+        """
+        # Check denied first
+        if capability in self.denied:
+            return False
+        
+        # Check for matching grant
+        for grant in self.grants:
+            if grant.matches(capability, resource_id):
+                return True
+        
+        return False
+    
+    def get_capabilities(self) -> list[str]:
+        """Get list of all active capabilities."""
+        capabilities = set()
+        for grant in self.grants:
+            if grant.is_valid():
+                capabilities.add(grant.capability)
+        return list(capabilities)
+    
+    def filter_capabilities(self, requested: list[str]) -> list[str]:
+        """Filter a list of requested capabilities to only those allowed."""
+        return [cap for cap in requested if self.has_capability(cap)]
+    
+    def deny(self, capability: str) -> None:
+        """Add a capability to the deny list."""
+        if capability not in self.denied:
+            self.denied.append(capability)
+    
+    def revoke_all(self) -> int:
+        """Revoke all grants. Returns count of revoked grants."""
+        count = 0
+        for grant in self.grants:
+            if grant.active:
+                grant.revoke()
+                count += 1
+        return count
+    
+    def revoke_from(self, grantor_did: str) -> int:
+        """Revoke all grants from a specific grantor."""
+        count = 0
+        for grant in self.grants:
+            if grant.active and grant.granted_by == grantor_did:
+                grant.revoke()
+                count += 1
+        return count
+    
+    def cleanup_expired(self) -> int:
+        """Remove expired and revoked grants. Returns count removed."""
+        before = len(self.grants)
+        self.grants = [g for g in self.grants if g.is_valid()]
+        return before - len(self.grants)
+
+
+class CapabilityRegistry:
+    """
+    Central registry for capability grants.
+    
+    Tracks who has what capabilities across the mesh.
+    """
+    
+    def __init__(self):
+        self._scopes: dict[str, CapabilityScope] = {}
+        self._grants_by_grantor: dict[str, list[str]] = {}  # grantor -> [grant_ids]
+    
+    def get_scope(self, agent_did: str) -> CapabilityScope:
+        """Get or create capability scope for an agent."""
+        if agent_did not in self._scopes:
+            self._scopes[agent_did] = CapabilityScope(agent_did=agent_did)
+        return self._scopes[agent_did]
+    
+    def grant(
+        self,
+        capability: str,
+        to_agent: str,
+        from_agent: str,
+        resource_ids: Optional[list[str]] = None,
+    ) -> CapabilityGrant:
+        """Grant a capability to an agent."""
+        grant = CapabilityGrant.create(
+            capability=capability,
+            granted_to=to_agent,
+            granted_by=from_agent,
+            resource_ids=resource_ids,
+        )
+        
+        scope = self.get_scope(to_agent)
+        scope.add_grant(grant)
+        
+        # Track by grantor
+        if from_agent not in self._grants_by_grantor:
+            self._grants_by_grantor[from_agent] = []
+        self._grants_by_grantor[from_agent].append(grant.grant_id)
+        
+        return grant
+    
+    def check(
+        self,
+        agent_did: str,
+        capability: str,
+        resource_id: Optional[str] = None,
+    ) -> bool:
+        """Check if an agent has a capability."""
+        scope = self._scopes.get(agent_did)
+        if not scope:
+            return False
+        return scope.has_capability(capability, resource_id)
+    
+    def revoke_all_from(self, grantor_did: str) -> int:
+        """Revoke all grants made by a grantor (e.g., when grantor is compromised)."""
+        count = 0
+        for scope in self._scopes.values():
+            count += scope.revoke_from(grantor_did)
+        return count
+    
+    def get_agents_with_capability(self, capability: str) -> list[str]:
+        """Get all agents that have a specific capability."""
+        result = []
+        for agent_did, scope in self._scopes.items():
+            if scope.has_capability(capability):
+                result.append(agent_did)
+        return result