agmem 0.1.2__py3-none-any.whl → 0.1.3__py3-none-any.whl

memvcs/commands/fsck.py

@@ -66,6 +66,10 @@ class FsckCommand:
         issues_found += ref_issues
         issues_fixed += ref_fixed
 
+        # Cryptographic verification (Merkle + signature)
+        crypto_issues = FsckCommand._check_crypto(repo, args.verbose)
+        issues_found += crypto_issues
+
         # Print summary
         print()
         print("=" * 40)
@@ -195,3 +199,30 @@ class FsckCommand:
             print(f"  Found {issues} ref issues")
 
         return issues, 0
+
+    @staticmethod
+    def _check_crypto(repo, verbose: bool) -> int:
+        """Verify Merkle/signature on branch tips. Returns number of issues."""
+        print("\nChecking commit signatures...")
+        try:
+            from ..core.crypto_verify import verify_commit, load_public_key
+        except ImportError:
+            if verbose:
+                print("  Crypto verification not available")
+            return 0
+        issues = 0
+        pub = load_public_key(repo.mem_dir)
+        for branch in repo.refs.list_branches():
+            ch = repo.refs.get_branch_commit(branch)
+            if not ch:
+                continue
+            ok, err = verify_commit(repo.object_store, ch, public_key_pem=pub, mem_dir=repo.mem_dir)
+            if not ok:
+                issues += 1
+                if verbose:
+                    print(f"  {branch} ({ch[:8]}): {err}")
+        if issues == 0:
+            print("  Commit signatures consistent")
+        else:
+            print(f"  Found {issues} commit(s) with verification issues")
+        return issues

memvcs/commands/garden.py

@@ -38,6 +38,11 @@ class GardenCommand:
             help="LLM provider for summarization (default: none)",
         )
         parser.add_argument("--model", help="LLM model to use (e.g., gpt-3.5-turbo)")
+        parser.add_argument(
+            "--private",
+            action="store_true",
+            help="Use differential privacy (spend epsilon from budget)",
+        )
 
     @staticmethod
     def execute(args) -> int:
@@ -45,6 +50,15 @@ class GardenCommand:
         if code != 0:
             return code
 
+        if getattr(args, "private", False):
+            from ..core.privacy_budget import load_budget, spend_epsilon
+
+            spent, max_eps, _ = load_budget(repo.mem_dir)
+            epsilon_cost = 0.1
+            if not spend_epsilon(repo.mem_dir, epsilon_cost):
+                print(f"Privacy budget exceeded (spent {spent:.2f}, max {max_eps}).")
+                return 1
+
         # Build config
         config = GardenerConfig(
             threshold=args.threshold,

memvcs/commands/gc.py

@@ -0,0 +1,51 @@
+"""
+agmem gc - Garbage collection.
+
+Remove unreachable objects; optionally repack.
+"""
+
+import argparse
+
+from ..commands.base import require_repo
+from ..core.pack import run_gc
+
+
+class GcCommand:
+    """Garbage collect unreachable objects."""
+
+    name = "gc"
+    help = "Remove unreachable objects (garbage collection)"
+
+    @staticmethod
+    def add_arguments(parser: argparse.ArgumentParser):
+        parser.add_argument(
+            "--dry-run",
+            action="store_true",
+            help="Report what would be removed without deleting",
+        )
+        parser.add_argument(
+            "--prune-days",
+            type=int,
+            default=90,
+            metavar="N",
+            help="Consider reflog entries within N days (default 90)",
+        )
+
+    @staticmethod
+    def execute(args) -> int:
+        repo, code = require_repo()
+        if code != 0:
+            return code
+
+        gc_prune_days = getattr(args, "prune_days", 90)
+        deleted, freed = run_gc(
+            repo.mem_dir,
+            repo.object_store,
+            gc_prune_days=gc_prune_days,
+            dry_run=args.dry_run,
+        )
+        if args.dry_run:
+            print(f"Would remove {deleted} unreachable object(s) ({freed} bytes).")
+        else:
+            print(f"Removed {deleted} unreachable object(s) ({freed} bytes reclaimed).")
+        return 0

memvcs/commands/merge.py

@@ -23,6 +23,11 @@ class MergeCommand:
             "--no-commit", action="store_true", help="Perform merge but do not commit"
         )
         parser.add_argument("--abort", action="store_true", help="Abort the current merge")
+        parser.add_argument(
+            "--yes",
+            action="store_true",
+            help="Accept conditionally trusted branch commits without prompting",
+        )
 
     @staticmethod
     def execute(args) -> int:
@@ -53,6 +58,24 @@ class MergeCommand:
             print(f"Error: Branch '{args.branch}' not found.")
             return 1
 
+        # Trust check for branch tip (may be from another agent)
+        other_commit_hash = repo.refs.get_branch_commit(args.branch)
+        if other_commit_hash:
+            from ..core.objects import Commit
+            from ..core.trust import find_verifying_key, get_trust_level
+
+            other_commit = Commit.load(repo.object_store, other_commit_hash)
+            if other_commit and other_commit.metadata:
+                key_pem = find_verifying_key(repo.mem_dir, other_commit.metadata)
+                if key_pem is not None:
+                    level = get_trust_level(repo.mem_dir, key_pem)
+                    if level == "untrusted":
+                        print(f"Merge blocked: branch '{args.branch}' signed by untrusted key.")
+                        return 1
+                    if level == "conditional" and not getattr(args, "yes", False):
+                        print("Branch signed by conditionally trusted key. Use --yes to merge.")
+                        return 1
+
         # Perform merge
         engine = MergeEngine(repo)
         result = engine.merge(args.branch, message=args.message)
@@ -61,16 +84,47 @@ class MergeCommand:
             print(f"Merge successful: {result.message}")
             if result.commit_hash:
                 print(f"  Commit: {result.commit_hash[:8]}")
+            try:
+                from ..core.audit import append_audit
+
+                append_audit(
+                    repo.mem_dir, "merge", {"branch": args.branch, "commit": result.commit_hash}
+                )
+            except Exception:
+                pass
             return 0
         else:
             print(f"Merge failed: {result.message}")
 
             if result.conflicts:
+                # Persist conflicts for agmem resolve
+                try:
+                    import json
+
+                    merge_dir = repo.mem_dir / "merge"
+                    merge_dir.mkdir(parents=True, exist_ok=True)
+                    conflicts_data = [
+                        {
+                            "path": c.path,
+                            "message": c.message,
+                            "memory_type": getattr(c, "memory_type", None),
+                            "payload": getattr(c, "payload", None),
+                            "ours_content": c.ours_content,
+                            "theirs_content": c.theirs_content,
+                            "base_content": c.base_content,
+                        }
+                        for c in result.conflicts
+                    ]
+                    (merge_dir / "conflicts.json").write_text(json.dumps(conflicts_data, indent=2))
+                except Exception:
+                    pass
                 print()
                 print("Conflicts:")
                 for conflict in result.conflicts:
                     print(f"  {conflict.path}")
                 print()
-                print("Resolve conflicts and run 'agmem commit' to complete the merge.")
+                print(
+                    "Resolve conflicts with 'agmem resolve' or edit files and run 'agmem commit'."
+                )
 
             return 1

memvcs/commands/prove.py

@@ -0,0 +1,66 @@
+"""
+agmem prove - Generate zero-knowledge proofs (stub).
+
+Prove properties of memory (keyword, freshness) without revealing content.
+"""
+
+import argparse
+from pathlib import Path
+
+from ..commands.base import require_repo
+from ..core.zk_proofs import prove_keyword_containment, prove_memory_freshness
+
+
+class ProveCommand:
+    """Generate zk proofs for memory properties."""
+
+    name = "prove"
+    help = "Prove a property of memory without revealing content (zk stub)"
+
+    @staticmethod
+    def add_arguments(parser: argparse.ArgumentParser):
+        parser.add_argument(
+            "--memory", "-m", required=True, help="Memory file path (under current/)"
+        )
+        parser.add_argument(
+            "--property",
+            "-p",
+            choices=["keyword", "freshness"],
+            required=True,
+            help="Property to prove",
+        )
+        parser.add_argument("--value", "-v", help="Value (e.g. keyword or ISO date)")
+        parser.add_argument("--output", "-o", help="Output proof file path")
+
+    @staticmethod
+    def execute(args) -> int:
+        repo, code = require_repo()
+        if code != 0:
+            return code
+
+        path = repo.current_dir / args.memory
+        if not path.exists():
+            print(f"Memory file not found: {args.memory}")
+            return 1
+
+        out = args.output or "proof.bin"
+        out_path = Path(out)
+        if not out_path.is_absolute():
+            out_path = repo.root / out_path
+
+        if args.property == "keyword":
+            if not args.value:
+                print("--value required for keyword (the keyword)")
+                return 1
+            ok = prove_keyword_containment(path, args.value, out_path)
+        else:
+            if not args.value:
+                print("--value required for freshness (ISO date)")
+                return 1
+            ok = prove_memory_freshness(path, args.value, out_path)
+
+        if not ok:
+            print("Proof generation not yet implemented (zk backend required).")
+            return 1
+        print(f"Proof written to {out_path}")
+        return 0

memvcs/commands/pull.py

@@ -25,6 +25,11 @@ class PullCommand:
             nargs="?",
             help="Branch to pull (default: all)",
         )
+        parser.add_argument(
+            "--yes",
+            action="store_true",
+            help="Accept conditionally trusted remote commits without prompting",
+        )
 
     @staticmethod
     def execute(args) -> int:
@@ -51,6 +56,28 @@ class PullCommand:
                 remote_ref = f"{args.remote}/{current_branch}"
                 remote_hash = repo.resolve_ref(remote_ref)
                 if remote_hash:
+                    from memvcs.core.crypto_verify import verify_commit_optional
+
+                    verify_commit_optional(
+                        repo.object_store, remote_hash, mem_dir=repo.mem_dir, strict=False
+                    )
+                    # Trust check: block or require confirmation for untrusted/conditional
+                    from memvcs.core.objects import Commit
+                    from memvcs.core.trust import find_verifying_key, get_trust_level
+
+                    remote_commit = Commit.load(repo.object_store, remote_hash)
+                    if remote_commit and remote_commit.metadata:
+                        key_pem = find_verifying_key(repo.mem_dir, remote_commit.metadata)
+                        if key_pem is not None:
+                            level = get_trust_level(repo.mem_dir, key_pem)
+                            if level == "untrusted":
+                                print(f"Pull blocked: remote commit signed by untrusted key.")
+                                return 1
+                            if level == "conditional" and not getattr(args, "yes", False):
+                                print(
+                                    "Remote commit from conditionally trusted key. Use --yes to merge."
+                                )
+                                return 1
                     from memvcs.core.merge import MergeEngine
 
                     merge_engine = MergeEngine(repo)

memvcs/commands/resolve.py

@@ -0,0 +1,130 @@
+"""
+agmem resolve - Structured conflict resolution.
+
+Resolve merge conflicts with ours/theirs/both choices; record in audit.
+"""
+
+import argparse
+import json
+from pathlib import Path
+from typing import Optional
+
+from ..commands.base import require_repo
+
+
+def _path_under_current(path_str: str, current_dir: Path) -> Optional[Path]:
+    """Resolve path under current_dir; return None if it escapes (path traversal)."""
+    try:
+        full = (current_dir / path_str).resolve()
+        full.relative_to(current_dir.resolve())
+        return full
+    except (ValueError, RuntimeError):
+        return None
+
+
+def _resolved_content(choice: str, ours: str, theirs: str) -> str:
+    """Return content for choice: ours, theirs, or both (merged)."""
+    if choice == "ours":
+        return ours
+    if choice == "theirs":
+        return theirs
+    return ours.rstrip() + "\n\n--- merged ---\n\n" + theirs
+
+
+class ResolveCommand:
+    """Resolve merge conflicts interactively (ours/theirs/both)."""
+
+    name = "resolve"
+    help = "Resolve merge conflicts (ours / theirs / both)"
+
+    @staticmethod
+    def add_arguments(parser: argparse.ArgumentParser):
+        parser.add_argument(
+            "path",
+            nargs="?",
+            help="Conflict path to resolve (or resolve all if omitted)",
+        )
+        parser.add_argument(
+            "--ours",
+            action="store_true",
+            help="Resolve with our version",
+        )
+        parser.add_argument(
+            "--theirs",
+            action="store_true",
+            help="Resolve with their version",
+        )
+        parser.add_argument(
+            "--both",
+            action="store_true",
+            help="Keep both (append theirs after ours with separator)",
+        )
+
+    @staticmethod
+    def execute(args) -> int:
+        repo, code = require_repo()
+        if code != 0:
+            return code
+
+        merge_dir = repo.mem_dir / "merge"
+        conflicts_file = merge_dir / "conflicts.json"
+        if not conflicts_file.exists():
+            print("No unresolved conflicts.")
+            return 0
+
+        try:
+            conflicts = json.loads(conflicts_file.read_text())
+        except Exception:
+            print("Could not read conflicts file.")
+            return 1
+
+        if not conflicts:
+            print("No unresolved conflicts.")
+            conflicts_file.unlink(missing_ok=True)
+            return 0
+
+        choice = None
+        if args.ours:
+            choice = "ours"
+        elif args.theirs:
+            choice = "theirs"
+        elif args.both:
+            choice = "both"
+
+        resolved = 0
+        remaining = []
+        for c in conflicts:
+            path = c.get("path", "")
+            if args.path and path != args.path:
+                remaining.append(c)
+                continue
+            if choice is None:
+                print(f"Conflict: {path}")
+                print("  Use: agmem resolve <path> --ours | --theirs | --both")
+                remaining.append(c)
+                continue
+            ours_content = c.get("ours_content") or ""
+            theirs_content = c.get("theirs_content") or ""
+            full_path = _path_under_current(path, repo.current_dir)
+            if full_path is None:
+                print(f"Error: Conflict path escapes repository: {path}")
+                remaining.append(c)
+                continue
+            content = _resolved_content(choice, ours_content, theirs_content)
+            full_path.parent.mkdir(parents=True, exist_ok=True)
+            full_path.write_text(content, encoding="utf-8")
+            resolved += 1
+            try:
+                from ..core.audit import append_audit
+
+                append_audit(repo.mem_dir, "resolve", {"path": path, "choice": choice})
+            except Exception:
+                pass
+
+        if remaining:
+            conflicts_file.write_text(json.dumps(remaining, indent=2))
+        else:
+            conflicts_file.unlink(missing_ok=True)
+        if resolved:
+            print(f"Resolved {resolved} conflict(s). Stage and commit to complete.")
+        return 0

memvcs/commands/verify.py

@@ -1,7 +1,7 @@
 """
-agmem verify - Belief consistency checker.
+agmem verify - Belief consistency and cryptographic commit verification.
 
-Scans semantic memories for logical contradictions.
+Scans semantic memories for logical contradictions; optionally verifies commit Merkle/signatures.
 """
 
 import argparse
@@ -12,10 +12,10 @@ from ..core.consistency import ConsistencyChecker, ConsistencyResult
 
 
 class VerifyCommand:
-    """Verify belief consistency of semantic memories."""
+    """Verify belief consistency and/or cryptographic integrity of commits."""
 
     name = "verify"
-    help = "Scan semantic memories for logical contradictions"
+    help = "Scan semantic memories for contradictions; optionally verify commit signatures"
 
     @staticmethod
     def add_arguments(parser: argparse.ArgumentParser):
@@ -23,8 +23,17 @@ class VerifyCommand:
             "--consistency",
             "-c",
             action="store_true",
-            default=True,
-            help="Check for contradictions (default)",
+            help="Check semantic memories for contradictions",
+        )
+        parser.add_argument(
+            "--crypto",
+            action="store_true",
+            help="Verify Merkle tree and signatures for commits",
+        )
+        parser.add_argument(
+            "--ref",
+            metavar="REF",
+            help="Commit or ref to verify (with --crypto); default HEAD",
         )
         parser.add_argument(
             "--llm",
@@ -32,28 +41,70 @@ class VerifyCommand:
             help="Use LLM for triple extraction (requires OpenAI)",
         )
 
+    @staticmethod
+    def _run_crypto_verify(repo, ref: str = None) -> int:
+        """Run cryptographic verification. Returns 0 if all OK, 1 on failure."""
+        from ..core.crypto_verify import verify_commit, load_public_key
+
+        if ref:
+            commit_hash = repo.resolve_ref(ref)
+            if not commit_hash:
+                print(f"Ref not found: {ref}")
+                return 1
+        else:
+            head = repo.refs.get_head()
+            if head["type"] == "branch":
+                commit_hash = repo.refs.get_branch_commit(head["value"])
+            else:
+                commit_hash = head.get("value")
+            if not commit_hash:
+                print("No commit to verify (empty repo).")
+                return 0
+        pub = load_public_key(repo.mem_dir)
+        ok, err = verify_commit(
+            repo.object_store, commit_hash, public_key_pem=pub, mem_dir=repo.mem_dir
+        )
+        if ok:
+            print(f"Commit {commit_hash[:8]} verified (Merkle + signature OK).")
+            return 0
+        print(f"Commit {commit_hash[:8]} verification failed: {err}")
+        return 1
+
     @staticmethod
     def execute(args) -> int:
         repo, code = require_repo()
         if code != 0:
             return code
 
-        checker = ConsistencyChecker(repo, llm_provider="openai" if args.llm else None)
-        result = checker.check(use_llm=args.llm)
+        run_consistency = args.consistency
+        run_crypto = args.crypto
+        if not run_consistency and not run_crypto:
+            run_consistency = True
 
-        print(f"Checked {result.files_checked} semantic file(s)")
-        if result.valid:
-            print("No contradictions found.")
-            return 0
+        exit_code = 0
 
-        print(f"\nFound {len(result.contradictions)} contradiction(s):")
-        for i, c in enumerate(result.contradictions, 1):
-            print(f"\n[{i}] {c.reason}")
-            print(
-                f"    {c.triple1.source}:{c.triple1.line}: {c.triple1.subject} {c.triple1.predicate} {c.triple1.obj}"
-            )
-            print(
-                f"    {c.triple2.source}:{c.triple2.line}: {c.triple2.subject} {c.triple2.predicate} {c.triple2.obj}"
-            )
-        print("\nUse 'agmem repair --strategy confidence' to attempt auto-fix.")
-        return 1
+        if run_crypto:
+            if VerifyCommand._run_crypto_verify(repo, args.ref) != 0:
+                exit_code = 1
+
+        if run_consistency:
+            checker = ConsistencyChecker(repo, llm_provider="openai" if args.llm else None)
+            result = checker.check(use_llm=args.llm)
+
+            print(f"Checked {result.files_checked} semantic file(s)")
+            if result.valid:
+                print("No contradictions found.")
+            else:
+                exit_code = 1
+                print(f"\nFound {len(result.contradictions)} contradiction(s):")
+                for i, c in enumerate(result.contradictions, 1):
+                    print(f"\n[{i}] {c.reason}")
+                    print(
+                        f"    {c.triple1.source}:{c.triple1.line}: {c.triple1.subject} {c.triple1.predicate} {c.triple1.obj}"
+                    )
+                    print(
+                        f"    {c.triple2.source}:{c.triple2.line}: {c.triple2.subject} {c.triple2.predicate} {c.triple2.obj}"
+                    )
+                print("\nUse 'agmem repair --strategy confidence' to attempt auto-fix.")
+
+        return exit_code