aion-protocol 2.0.0__tar.gz

aion_protocol-2.0.0/PKG-INFO

@@ -0,0 +1,91 @@
+Metadata-Version: 2.4
+Name: aion-protocol
+Version: 2.0.0
+Summary: Immutable Authority Infrastructure for Autonomous AI Agents
+Author: Sourabh Ranjan
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+
+# AION Protocol
+
+Immutable Authority Infrastructure for Autonomous AI Agents.
+
+Before any AI agent can act in the world — it must be authorized.
+AION issues, enforces, and immutably logs that authority.
+
+---
+
+## The Problem
+
+AI agents are acting without permission systems.
+They send emails, execute code, move data — with no cryptographic proof of who authorized them.
+This is the core unsolved problem of the Autonomous AI Agent era.
+
+---
+
+## What AION Does
+
+1. **Issue** — a signed authority token is created with scope + expiry
+2. **Enforce** — agent must present token before acting
+3. **Audit** — every action is immutably logged with hash chaining
+
+No token = no action. Simple.
+
+---
+
+## Install
+
+pip install aion-protocol
+
+---
+
+## Quickstart
+
+Issue a token:
+aion issue ops.read
+
+Enforce it:
+aion enforce <jti> ops.read
+
+Revoke it:
+aion revoke <jti>
+
+---
+
+## REST API
+
+Start the server:
+uvicorn aion.api:app --reload
+
+Endpoints:
+POST /issue
+POST /enforce
+GET  /verify/{jti}
+POST /revoke/{jti}
+GET  /health
+
+API docs: http://127.0.0.1:8000/docs
+
+---
+
+## What AION Prevents
+
+- Agents acting without permission
+- Replay attacks — consumed tokens are blocked
+- Scope escalation — ops.read cannot enforce ops.write
+- Silent actions — every action is logged
+
+---
+
+## Built For
+
+The Autonomous AI Agent era.
+When millions of agents act in the world — authority infrastructure is not optional.
+
+---
+
+## Status
+
+v2.0 — SQLite storage, REST API, 3 tests passing.
+
+GitHub: https://github.com/Sourabh1845/aion-protocol

aion_protocol-2.0.0/README.md

@@ -0,0 +1,83 @@
+# AION Protocol
+
+Immutable Authority Infrastructure for Autonomous AI Agents.
+
+Before any AI agent can act in the world — it must be authorized.
+AION issues, enforces, and immutably logs that authority.
+
+---
+
+## The Problem
+
+AI agents are acting without permission systems.
+They send emails, execute code, move data — with no cryptographic proof of who authorized them.
+This is the core unsolved problem of the Autonomous AI Agent era.
+
+---
+
+## What AION Does
+
+1. **Issue** — a signed authority token is created with scope + expiry
+2. **Enforce** — agent must present token before acting
+3. **Audit** — every action is immutably logged with hash chaining
+
+No token = no action. Simple.
+
+---
+
+## Install
+
+pip install aion-protocol
+
+---
+
+## Quickstart
+
+Issue a token:
+aion issue ops.read
+
+Enforce it:
+aion enforce <jti> ops.read
+
+Revoke it:
+aion revoke <jti>
+
+---
+
+## REST API
+
+Start the server:
+uvicorn aion.api:app --reload
+
+Endpoints:
+POST /issue
+POST /enforce
+GET  /verify/{jti}
+POST /revoke/{jti}
+GET  /health
+
+API docs: http://127.0.0.1:8000/docs
+
+---
+
+## What AION Prevents
+
+- Agents acting without permission
+- Replay attacks — consumed tokens are blocked
+- Scope escalation — ops.read cannot enforce ops.write
+- Silent actions — every action is logged
+
+---
+
+## Built For
+
+The Autonomous AI Agent era.
+When millions of agents act in the world — authority infrastructure is not optional.
+
+---
+
+## Status
+
+v2.0 — SQLite storage, REST API, 3 tests passing.
+
+GitHub: https://github.com/Sourabh1845/aion-protocol

aion_protocol-2.0.0/aion/__init__.py

@@ -0,0 +1,2 @@
+__version__ = "2.0.0"
+__author__ = "Sourabh Ranjan"

aion_protocol-2.0.0/aion/api.py

@@ -0,0 +1,34 @@
+from fastapi import FastAPI
+from pydantic import BaseModel
+from aion.authority import issue, verify, revoke
+from aion.enforce import enforce
+
+app = FastAPI(title="AION Protocol", version="2.0.0")
+
+class IssueRequest(BaseModel):
+    scope: str
+    issuer: str = "root.system"
+
+class EnforceRequest(BaseModel):
+    jti: str
+    scope: str
+
+@app.post("/issue")
+def issue_authority(req: IssueRequest):
+    return issue(req.scope, issuer=req.issuer)
+
+@app.post("/enforce")
+def enforce_authority(req: EnforceRequest):
+    return enforce(req.jti, req.scope)
+
+@app.get("/verify/{jti}")
+def verify_authority(jti: str, scope: str):
+    return verify(jti, scope)
+
+@app.post("/revoke/{jti}")
+def revoke_authority(jti: str):
+    return revoke(jti)
+
+@app.get("/health")
+def health():
+    return {"status": "AION is running"}

aion_protocol-2.0.0/aion/audit.py

@@ -0,0 +1,30 @@
+import json
+import hashlib
+from datetime import datetime, timezone
+from pathlib import Path
+
+AUDIT_FILE = Path(__file__).parent.parent / "storage" / "audit_log.json"
+
+def _hash_record(record):
+    payload = json.dumps(record, sort_keys=True).encode()
+    return hashlib.sha256(payload).hexdigest()
+
+def log(event_type, payload):
+    AUDIT_FILE.parent.mkdir(exist_ok=True)
+
+    if AUDIT_FILE.exists():
+        data = json.loads(AUDIT_FILE.read_text())
+    else:
+        data = []
+
+    prev_hash = data[-1]["hash"] if data else "GENESIS"
+
+    record = {
+        "timestamp": datetime.now(timezone.utc).isoformat(),
+        "event": event_type,
+        "payload": payload,
+        "prev_hash": prev_hash,
+    }
+    record["hash"] = _hash_record(record)
+    data.append(record)
+    AUDIT_FILE.write_text(json.dumps(data, indent=2))

aion_protocol-2.0.0/aion/authority.py

@@ -0,0 +1,50 @@
+import uuid
+from datetime import datetime, timedelta, timezone
+from aion.store import save_authority, get_authority, mark_consumed, revoke_authority
+from aion.audit import log
+
+TTL_SECONDS = 300
+
+def issue(scope, parent=None, policy=None, issuer="root.system"):
+    now = datetime.now(timezone.utc)
+    auth = {
+        "jti": str(uuid.uuid4()),
+        "issuer": issuer,
+        "scope": scope,
+        "parent": parent,
+        "policy": policy or {},
+        "issued_at": now.isoformat(),
+        "expires_at": (now + timedelta(seconds=TTL_SECONDS)).isoformat(),
+        "consumed": False,
+        "revoked": False,
+    }
+    save_authority(auth)
+    log("ISSUE", auth)
+    return auth
+
+def verify(jti, scope):
+    auth = get_authority(jti)
+
+    if not auth:
+        return {"error": "NOT_FOUND"}
+    if auth["revoked"]:
+        log("VERIFY_FAIL", {"jti": jti, "reason": "REVOKED"})
+        return {"error": "REVOKED"}
+    if auth["consumed"]:
+        log("VERIFY_FAIL", {"jti": jti, "reason": "CONSUMED"})
+        return {"error": "CONSUMED"}
+    if auth["scope"] != scope:
+        log("VERIFY_FAIL", {"jti": jti, "reason": "SCOPE_MISMATCH"})
+        return {"error": "SCOPE_MISMATCH"}
+    if datetime.fromisoformat(auth["expires_at"]) < datetime.now(timezone.utc):
+        log("VERIFY_FAIL", {"jti": jti, "reason": "EXPIRED"})
+        return {"error": "EXPIRED"}
+
+    mark_consumed(jti)
+    log("VERIFY_OK", {"jti": jti, "scope": scope})
+    return {"status": "OK", "jti": jti, "scope": scope}
+
+def revoke(jti):
+    revoke_authority(jti)
+    log("REVOKE", {"jti": jti})
+    return {"status": "REVOKED", "jti": jti}

aion_protocol-2.0.0/aion/cli.py

@@ -0,0 +1,37 @@
+import sys
+import json
+from aion.authority import issue, verify, revoke
+from aion.enforce import enforce
+
+def main():
+    if len(sys.argv) < 2:
+        print("Usage: aion <command> [args]")
+        print("Commands: issue <scope> | verify <jti> <scope> | enforce <jti> <scope> | revoke <jti>")
+        return
+
+    cmd = sys.argv[1]
+
+    if cmd == "issue":
+        scope = sys.argv[2] if len(sys.argv) > 2 else "default"
+        result = issue(scope)
+        print(json.dumps(result, indent=2))
+
+    elif cmd == "verify":
+        jti = sys.argv[2]
+        scope = sys.argv[3]
+        print(json.dumps(verify(jti, scope), indent=2))
+
+    elif cmd == "enforce":
+        jti = sys.argv[2]
+        scope = sys.argv[3]
+        print(json.dumps(enforce(jti, scope), indent=2))
+
+    elif cmd == "revoke":
+        jti = sys.argv[2]
+        print(json.dumps(revoke(jti), indent=2))
+
+    else:
+        print(f"Unknown command: {cmd}")
+
+if __name__ == "__main__":
+    main()

aion_protocol-2.0.0/aion/enforce.py

@@ -0,0 +1,12 @@
+from aion.authority import verify
+from aion.audit import log
+
+def enforce(jti, scope):
+    result = verify(jti, scope)
+
+    if "error" in result:
+        log("ENFORCE_DENY", result)
+        return {"error": "ENFORCEMENT_DENIED", "reason": result}
+
+    log("ENFORCE_ALLOW", result)
+    return {"status": "ENFORCED", "jti": jti, "scope": scope}

aion_protocol-2.0.0/aion/storage.py

@@ -0,0 +1,86 @@
+import sqlite3
+from pathlib import Path
+from datetime import datetime
+
+DB_FILE = Path(__file__).parent.parent / "storage" / "aion.db"
+
+def get_conn():
+    DB_FILE.parent.mkdir(exist_ok=True)
+    return sqlite3.connect(DB_FILE)
+
+def init_db():
+    conn = get_conn()
+    conn.execute("""
+        CREATE TABLE IF NOT EXISTS authorities (
+            jti TEXT PRIMARY KEY,
+            issuer TEXT,
+            scope TEXT,
+            parent TEXT,
+            policy TEXT,
+            issued_at TEXT,
+            expires_at TEXT,
+            consumed INTEGER DEFAULT 0,
+            revoked INTEGER DEFAULT 0
+        )
+    """)
+    conn.execute("""
+        CREATE TABLE IF NOT EXISTS audit_log (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            event TEXT,
+            jti TEXT,
+            scope TEXT,
+            timestamp TEXT,
+            prev_hash TEXT,
+            hash TEXT
+        )
+    """)
+    conn.commit()
+    conn.close()
+
+def insert_authority(auth):
+    import json
+    conn = get_conn()
+    conn.execute("""
+        INSERT INTO authorities VALUES (?,?,?,?,?,?,?,?,?)
+    """, (
+        auth["jti"], auth["issuer"], auth["scope"],
+        auth.get("parent"), json.dumps(auth.get("policy", {})),
+        auth["issued_at"], auth["expires_at"],
+        int(auth["consumed"]), int(auth["revoked"])
+    ))
+    conn.commit()
+    conn.close()
+
+def get_authority(jti):
+    import json
+    conn = get_conn()
+    row = conn.execute(
+        "SELECT * FROM authorities WHERE jti=?", (jti,)
+    ).fetchone()
+    conn.close()
+    if not row:
+        return None
+    return {
+        "jti": row[0], "issuer": row[1], "scope": row[2],
+        "parent": row[3], "policy": json.loads(row[4]),
+        "issued_at": row[5], "expires_at": row[6],
+        "consumed": bool(row[7]), "revoked": bool(row[8])
+    }
+
+def mark_consumed(jti):
+    conn = get_conn()
+    conn.execute(
+        "UPDATE authorities SET consumed=1 WHERE jti=?", (jti,)
+    )
+    conn.commit()
+    conn.close()
+
+def revoke_authority(jti):
+    conn = get_conn()
+    conn.execute(
+        "UPDATE authorities SET revoked=1 WHERE jti=?", (jti,)
+    )
+    conn.commit()
+    conn.close()
+
+init_db()

aion_protocol-2.0.0/aion/store.py

@@ -0,0 +1,6 @@
+from aion.storage import (
+    get_authority,
+    insert_authority as save_authority,
+    mark_consumed,
+    revoke_authority
+)

aion_protocol-2.0.0/aion_protocol.egg-info/PKG-INFO

@@ -0,0 +1,91 @@
+Metadata-Version: 2.4
+Name: aion-protocol
+Version: 2.0.0
+Summary: Immutable Authority Infrastructure for Autonomous AI Agents
+Author: Sourabh Ranjan
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+
+# AION Protocol
+
+Immutable Authority Infrastructure for Autonomous AI Agents.
+
+Before any AI agent can act in the world — it must be authorized.
+AION issues, enforces, and immutably logs that authority.
+
+---
+
+## The Problem
+
+AI agents are acting without permission systems.
+They send emails, execute code, move data — with no cryptographic proof of who authorized them.
+This is the core unsolved problem of the Autonomous AI Agent era.
+
+---
+
+## What AION Does
+
+1. **Issue** — a signed authority token is created with scope + expiry
+2. **Enforce** — agent must present token before acting
+3. **Audit** — every action is immutably logged with hash chaining
+
+No token = no action. Simple.
+
+---
+
+## Install
+
+pip install aion-protocol
+
+---
+
+## Quickstart
+
+Issue a token:
+aion issue ops.read
+
+Enforce it:
+aion enforce <jti> ops.read
+
+Revoke it:
+aion revoke <jti>
+
+---
+
+## REST API
+
+Start the server:
+uvicorn aion.api:app --reload
+
+Endpoints:
+POST /issue
+POST /enforce
+GET  /verify/{jti}
+POST /revoke/{jti}
+GET  /health
+
+API docs: http://127.0.0.1:8000/docs
+
+---
+
+## What AION Prevents
+
+- Agents acting without permission
+- Replay attacks — consumed tokens are blocked
+- Scope escalation — ops.read cannot enforce ops.write
+- Silent actions — every action is logged
+
+---
+
+## Built For
+
+The Autonomous AI Agent era.
+When millions of agents act in the world — authority infrastructure is not optional.
+
+---
+
+## Status
+
+v2.0 — SQLite storage, REST API, 3 tests passing.
+
+GitHub: https://github.com/Sourabh1845/aion-protocol

aion_protocol-2.0.0/aion_protocol.egg-info/SOURCES.txt

@@ -0,0 +1,18 @@
+README.md
+pyproject.toml
+aion/__init__.py
+aion/api.py
+aion/audit.py
+aion/authority.py
+aion/cli.py
+aion/enforce.py
+aion/storage.py
+aion/store.py
+aion_protocol.egg-info/PKG-INFO
+aion_protocol.egg-info/SOURCES.txt
+aion_protocol.egg-info/dependency_links.txt
+aion_protocol.egg-info/entry_points.txt
+aion_protocol.egg-info/top_level.txt
+tests/test_expiry.py
+tests/test_replay.py
+tests/test_scope.py

aion_protocol-2.0.0/aion_protocol.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

aion_protocol-2.0.0/aion_protocol.egg-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+aion = aion.cli:main

aion_protocol-2.0.0/aion_protocol.egg-info/top_level.txt

@@ -0,0 +1 @@
+aion

aion_protocol-2.0.0/pyproject.toml

@@ -0,0 +1,19 @@
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "aion-protocol"
+version = "2.0.0"
+description = "Immutable Authority Infrastructure for Autonomous AI Agents"
+authors = [{name = "Sourabh Ranjan"}]
+readme = "README.md"
+requires-python = ">=3.10"
+dependencies = []
+
+[project.scripts]
+aion = "aion.cli:main"
+
+[tool.setuptools.packages.find]
+where = ["."]
+include = ["aion*"]

aion_protocol-2.0.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

aion_protocol-2.0.0/tests/test_expiry.py

@@ -0,0 +1,22 @@
+from aion.authority import issue, verify
+from aion.storage import get_conn
+from datetime import datetime, timezone
+
+def test_expiry():
+    auth = issue("ops.read")
+    jti = auth["jti"]
+    
+    # Manually expire karo
+    conn = get_conn()
+    conn.execute(
+        "UPDATE authorities SET expires_at=? WHERE jti=?",
+        ("2020-01-01T00:00:00+00:00", jti)
+    )
+    conn.commit()
+    conn.close()
+    
+    # Ab verify karo — expired hona chahiye
+    result = verify(jti, "ops.read")
+    assert result["error"] == "EXPIRED"
+    
+    print("Expiry test PASSED")

aion_protocol-2.0.0/tests/test_replay.py

@@ -0,0 +1,15 @@
+from aion.authority import issue, verify
+
+def test_replay_attack():
+    auth = issue("ops.read")
+    jti = auth["jti"]
+    
+    # Pehli baar — pass hona chahiye
+    result1 = verify(jti, "ops.read")
+    assert result1["status"] == "OK"
+    
+    # Doosri baar — block hona chahiye
+    result2 = verify(jti, "ops.read")
+    assert result2["error"] == "CONSUMED"
+    
+    print("Replay attack test PASSED")

aion_protocol-2.0.0/tests/test_scope.py

@@ -0,0 +1,11 @@
+from aion.authority import issue, verify
+
+def test_scope_escalation():
+    auth = issue("ops.read")
+    jti = auth["jti"]
+    
+    # ops.write maangna — block hona chahiye
+    result = verify(jti, "ops.write")
+    assert result["error"] == "SCOPE_MISMATCH"
+    
+    print("Scope escalation test PASSED")