beeq 1.0.0__tar.gz

beeq-1.0.0/PKG-INFO

@@ -0,0 +1,130 @@
+Metadata-Version: 2.4
+Name: beeq
+Version: 1.0.0
+Summary: The first AI hive. One curl. One queen. An army that works.
+Project-URL: Homepage, https://beeq.run
+Project-URL: Documentation, https://beeq.run/docs/
+Project-URL: Repository, https://github.com/ElmadaniS/beeq
+Project-URL: Verify actions, https://beeq.run/verify/
+Author-email: Elmadani SALKA <Elmadani.SALKA@proton.me>
+License: BSL-1.1
+Keywords: aap,agents,ai,beeq,hive,llm,orchestration,queen
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Python: >=3.10
+Requires-Dist: aiohttp>=3.9.0
+Requires-Dist: anthropic>=0.25.0
+Requires-Dist: beautifulsoup4>=4.12.0
+Requires-Dist: click>=8.1.0
+Requires-Dist: cryptography>=42.0.0
+Requires-Dist: fastapi>=0.111.0
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: mcp>=1.0.0
+Requires-Dist: ollama>=0.2.0
+Requires-Dist: openai>=1.30.0
+Requires-Dist: pydantic>=2.7.0
+Requires-Dist: python-dotenv>=1.0.0
+Requires-Dist: rich>=13.7.0
+Requires-Dist: uvicorn>=0.30.0
+Requires-Dist: websockets>=12.0
+Provides-Extra: dev
+Requires-Dist: build; extra == 'dev'
+Requires-Dist: hatchling; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.23; extra == 'dev'
+Requires-Dist: pytest>=7.0; extra == 'dev'
+Requires-Dist: twine; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# BeeQ
+
+**The first AI hive. One curl. One queen. An army that works.**
+
+```bash
+curl -fsSL https://beeq.run/install | bash
+```
+
+```
+BeeQ Hive Status
+┏━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━┓
+┃ Component       ┃ Status            ┃
+┡━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━┩
+│ Queen           │ ready             │
+│ Audit chain     │ valid — 0 entries │
+│ Worker-research │ active            │
+│ Worker-code     │ active            │
+│ Worker-write    │ active            │
+│ Worker-ops      │ active            │
+└─────────────────┴───────────────────┘
+```
+
+Every action signed. Every action traceable.
+Every action reversible. You remain sovereign.
+
+---
+
+## Install
+
+```bash
+# Option 1 — one curl (recommended)
+curl -fsSL https://beeq.run/install | bash
+
+# Option 2 — pip
+pip install beeq
+beeq connect ollama   # or: beeq connect claude --key sk-ant-...
+beeq start
+```
+
+## Usage
+
+```bash
+beeq start                        # start your hive interactively
+beeq mission "prepare my weekly report"   # single mission
+beeq status                       # hive status
+beeq audit                        # view full audit chain
+beeq revoke research              # revoke a worker (LEX §5)
+```
+
+## What makes BeeQ different
+
+| | Others | BeeQ |
+|---|---|---|
+| Agent cryptographic identity | ✗ | ✅ AAP |
+| Signed delegation chain | ✗ | ✅ scope(worker) ⊂ scope(queen) |
+| Tamper-evident audit | ✗ | ✅ hash chain |
+| Physical world (robots/IoT) | ✗ | ✅ NRP |
+| Physical World Rule | ✗ | ✅ Level 4 forbidden |
+| LLM-agnostic | partial | ✅ Claude/OpenAI/Ollama/GGUF |
+| Local-first | ✗ | ✅ your data never leaves |
+| Single curl install | partial | ✅ |
+
+## Architecture
+
+```
+HUMAN  (sovereign — gives mission, validates decisions)
+  ↓
+QUEEN  (orchestrates — decomposes, delegates, reports)
+  ↓
+WORKERS (execute within signed AAP scope)
+  ├─ research   web · APIs · documents
+  ├─ code       files · git · execution
+  ├─ write      emails · articles · reports
+  └─ ops        infrastructure · monitoring
+```
+
+## Governed by
+
+- **LEX** — 11 civilizational laws (MIT)
+- **PHY** — 7 physical laws for embodied agents (MIT)
+- **AAP** — Agent Accountability Protocol (MIT)
+- **NRP** — Node Reach Protocol for physical world (MIT)
+
+## License
+
+BSL-1.1 — Free for individuals, research, open source.
+Commercial use requires a license.
+
+See [beeq.run](https://beeq.run) for details.

beeq-1.0.0/README.md

@@ -0,0 +1,89 @@
+# BeeQ
+
+**The first AI hive. One curl. One queen. An army that works.**
+
+```bash
+curl -fsSL https://beeq.run/install | bash
+```
+
+```
+BeeQ Hive Status
+┏━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━┓
+┃ Component       ┃ Status            ┃
+┡━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━┩
+│ Queen           │ ready             │
+│ Audit chain     │ valid — 0 entries │
+│ Worker-research │ active            │
+│ Worker-code     │ active            │
+│ Worker-write    │ active            │
+│ Worker-ops      │ active            │
+└─────────────────┴───────────────────┘
+```
+
+Every action signed. Every action traceable.
+Every action reversible. You remain sovereign.
+
+---
+
+## Install
+
+```bash
+# Option 1 — one curl (recommended)
+curl -fsSL https://beeq.run/install | bash
+
+# Option 2 — pip
+pip install beeq
+beeq connect ollama   # or: beeq connect claude --key sk-ant-...
+beeq start
+```
+
+## Usage
+
+```bash
+beeq start                        # start your hive interactively
+beeq mission "prepare my weekly report"   # single mission
+beeq status                       # hive status
+beeq audit                        # view full audit chain
+beeq revoke research              # revoke a worker (LEX §5)
+```
+
+## What makes BeeQ different
+
+| | Others | BeeQ |
+|---|---|---|
+| Agent cryptographic identity | ✗ | ✅ AAP |
+| Signed delegation chain | ✗ | ✅ scope(worker) ⊂ scope(queen) |
+| Tamper-evident audit | ✗ | ✅ hash chain |
+| Physical world (robots/IoT) | ✗ | ✅ NRP |
+| Physical World Rule | ✗ | ✅ Level 4 forbidden |
+| LLM-agnostic | partial | ✅ Claude/OpenAI/Ollama/GGUF |
+| Local-first | ✗ | ✅ your data never leaves |
+| Single curl install | partial | ✅ |
+
+## Architecture
+
+```
+HUMAN  (sovereign — gives mission, validates decisions)
+  ↓
+QUEEN  (orchestrates — decomposes, delegates, reports)
+  ↓
+WORKERS (execute within signed AAP scope)
+  ├─ research   web · APIs · documents
+  ├─ code       files · git · execution
+  ├─ write      emails · articles · reports
+  └─ ops        infrastructure · monitoring
+```
+
+## Governed by
+
+- **LEX** — 11 civilizational laws (MIT)
+- **PHY** — 7 physical laws for embodied agents (MIT)
+- **AAP** — Agent Accountability Protocol (MIT)
+- **NRP** — Node Reach Protocol for physical world (MIT)
+
+## License
+
+BSL-1.1 — Free for individuals, research, open source.
+Commercial use requires a license.
+
+See [beeq.run](https://beeq.run) for details.

beeq-1.0.0/beeq/__init__.py

@@ -0,0 +1,22 @@
+"""BeeQ — The First AI Hive."""
+import sys
+import os
+
+# Ensure vendored AAP is available if not installed globally
+_vendor = os.path.join(os.path.dirname(__file__), "_vendor")
+if _vendor not in sys.path:
+    sys.path.insert(0, _vendor)
+
+# Verify AAP is importable
+try:
+    import aap  # noqa: F401
+except ImportError:
+    raise ImportError(
+        "BeeQ requires AAP (Agent Accountability Protocol). "
+        "Please run: pip install aap-protocol\n"
+        "Or it should be bundled — check your installation."
+    )
+
+__version__ = "1.0.0"
+__author__  = "Elmadani SALKA"
+__url__     = "https://beeq.run"

beeq-1.0.0/beeq/_vendor/__init__.py

@@ -0,0 +1,3 @@
+# BeeQ vendored dependencies
+# AAP (Agent Accountability Protocol) — MIT License
+# Bundled to ensure zero external dependency at install time

beeq-1.0.0/beeq/_vendor/aap/__init__.py

@@ -0,0 +1,25 @@
+"""
+AAP — Agent Accountability Protocol
+Python SDK v0.1 — Reference Implementation
+
+https://aap-protocol.dev
+License: MIT
+"""
+from .identity import AAPIdentity, AAPKeyPair
+from .authorization import AAPAuthorization, AuthorizationLevel
+from .provenance import AAPProvenance
+from .audit import AAPAuditChain, AAPAuditEntry
+from .exceptions import (
+    AAPError, AAPValidationError, AAPSignatureError,
+    AAPPhysicalWorldViolation, AAPScopeError, AAPRevocationError
+)
+
+__version__ = "0.1.0"
+__all__ = [
+    "AAPIdentity", "AAPKeyPair",
+    "AAPAuthorization", "AuthorizationLevel",
+    "AAPProvenance",
+    "AAPAuditChain", "AAPAuditEntry",
+    "AAPError", "AAPValidationError", "AAPSignatureError",
+    "AAPPhysicalWorldViolation", "AAPScopeError", "AAPRevocationError",
+]

beeq-1.0.0/beeq/_vendor/aap/audit.py

@@ -0,0 +1,160 @@
+"""AAP AuditChain — tamper-evident append-only log of all agent actions."""
+from __future__ import annotations
+
+import hashlib, json, uuid
+from dataclasses import dataclass, field
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import ClassVar
+
+from .exceptions import AAPChainError, AAPValidationError
+from .identity import _signable, _verify_signature, AAPKeyPair
+
+
+def _hash_entry(entry_dict: dict) -> str:
+    canonical = json.dumps(entry_dict, sort_keys=True, separators=(",", ":")).encode()
+    return f"sha256:{hashlib.sha256(canonical).hexdigest()}"
+
+
+@dataclass
+class AAPAuditEntry:
+    """A single tamper-evident entry in the audit chain."""
+    AAP_VERSION: ClassVar[str] = "0.1"
+
+    entry_id: str
+    prev_hash: str       # sha256:... or "genesis"
+    agent_id: str
+    action: str
+    result: str          # success | failure | blocked | revoked
+    timestamp: datetime
+    provenance_id: str
+    signature: str
+    authorization_level: int = 0
+    physical: bool = False
+    result_detail: str | None = None
+
+    VALID_RESULTS: ClassVar[frozenset] = frozenset({"success", "failure", "blocked", "revoked"})
+
+    def __post_init__(self) -> None:
+        if self.result not in self.VALID_RESULTS:
+            raise AAPValidationError(
+                f"Invalid result: '{self.result}'. Must be one of: {self.VALID_RESULTS}",
+                field="result"
+            )
+
+    def to_dict(self) -> dict:
+        d = {
+            "aap_version": self.AAP_VERSION,
+            "entry_id": self.entry_id,
+            "prev_hash": self.prev_hash,
+            "agent_id": self.agent_id,
+            "action": self.action,
+            "result": self.result,
+            "timestamp": self.timestamp.isoformat(),
+            "provenance_id": self.provenance_id,
+            "authorization_level": self.authorization_level,
+            "physical": self.physical,
+            "signature": self.signature,
+        }
+        if self.result_detail:
+            d["result_detail"] = self.result_detail
+        return d
+
+    @classmethod
+    def from_dict(cls, data: dict) -> "AAPAuditEntry":
+        return cls(
+            entry_id=data["entry_id"],
+            prev_hash=data["prev_hash"],
+            agent_id=data["agent_id"],
+            action=data["action"],
+            result=data["result"],
+            timestamp=datetime.fromisoformat(data["timestamp"]),
+            provenance_id=data["provenance_id"],
+            signature=data["signature"],
+            authorization_level=data.get("authorization_level", 0),
+            physical=data.get("physical", False),
+            result_detail=data.get("result_detail"),
+        )
+
+    def verify_signature(self, agent_public_key: str) -> None:
+        _verify_signature(agent_public_key, _signable(self.to_dict()), self.signature)
+
+
+class AAPAuditChain:
+    """
+    Tamper-evident audit chain.
+    Append-only. Each entry hashes the previous.
+    Tampering any entry breaks all subsequent hashes.
+    """
+
+    def __init__(self, storage_path: Path | None = None) -> None:
+        self._entries: list[AAPAuditEntry] = []
+        self._storage_path = storage_path
+        if storage_path and storage_path.exists():
+            self._load(storage_path)
+
+    def append(
+        self,
+        agent_id: str,
+        action: str,
+        result: str,
+        provenance_id: str,
+        agent_keypair: AAPKeyPair,
+        authorization_level: int = 0,
+        physical: bool = False,
+        result_detail: str | None = None,
+    ) -> AAPAuditEntry:
+        """Append a new entry. Signs it with the agent's key."""
+        prev_hash = self._last_hash()
+        entry = AAPAuditEntry(
+            entry_id=str(uuid.uuid4()),
+            prev_hash=prev_hash,
+            agent_id=agent_id,
+            action=action,
+            result=result,
+            timestamp=datetime.now(timezone.utc),
+            provenance_id=provenance_id,
+            signature="",
+            authorization_level=authorization_level,
+            physical=physical,
+            result_detail=result_detail,
+        )
+        doc = entry.to_dict()
+        entry.signature = agent_keypair.sign(_signable(doc))
+        self._entries.append(entry)
+        if self._storage_path:
+            self._persist(entry)
+        return entry
+
+    def verify(self) -> tuple[bool, int, str | None]:
+        """
+        Verify chain integrity.
+        Returns: (valid, entries_checked, broken_at_entry_id)
+        """
+        prev_hash = "genesis"
+        for i, entry in enumerate(self._entries):
+            expected_prev = prev_hash
+            if entry.prev_hash != expected_prev:
+                return False, i, entry.entry_id
+            prev_hash = _hash_entry(entry.to_dict())
+        return True, len(self._entries), None
+
+    def _last_hash(self) -> str:
+        if not self._entries:
+            return "genesis"
+        return _hash_entry(self._entries[-1].to_dict())
+
+    def to_list(self) -> list[dict]:
+        return [e.to_dict() for e in self._entries]
+
+    def __len__(self) -> int:
+        return len(self._entries)
+
+    def _persist(self, entry: AAPAuditEntry) -> None:
+        with open(self._storage_path, "a") as f:
+            f.write(json.dumps(entry.to_dict()) + "\n")
+
+    def _load(self, path: Path) -> None:
+        for line in path.read_text().splitlines():
+            if line.strip():
+                self._entries.append(AAPAuditEntry.from_dict(json.loads(line)))

beeq-1.0.0/beeq/_vendor/aap/authorization.py

@@ -0,0 +1,149 @@
+"""AAP Authorization — human-granted permission for an agent to act."""
+from __future__ import annotations
+
+import json
+import uuid
+from dataclasses import dataclass, field
+from datetime import datetime, timezone
+from enum import IntEnum
+from typing import ClassVar
+
+from .exceptions import AAPPhysicalWorldViolation, AAPValidationError, AAPRevocationError
+from .identity import _signable, _verify_signature, AAPKeyPair
+
+
+class AuthorizationLevel(IntEnum):
+    OBSERVE    = 0  # Read-only. No side effects.
+    SUGGEST    = 1  # Propose actions. Human executes.
+    ASSISTED   = 2  # Agent executes. Human confirms each action.
+    SUPERVISED = 3  # Agent executes. Human can intervene.
+    AUTONOMOUS = 4  # Agent executes within scope. Full audit required.
+
+    @property
+    def name_str(self) -> str:
+        return self.name.lower()
+
+
+PHYSICAL_MAX_LEVEL = AuthorizationLevel.SUPERVISED
+
+
+@dataclass
+class AAPAuthorization:
+    """
+    Authorization token granting an agent permission to act.
+    Signed by a human supervisor.
+
+    PHYSICAL WORLD RULE: Level 4 (Autonomous) is FORBIDDEN for physical nodes.
+    This is enforced at construction time. It is not configurable.
+    """
+    AAP_VERSION: ClassVar[str] = "0.1"
+
+    agent_id: str
+    level: AuthorizationLevel
+    scope: list[str]
+    granted_by: str          # did:key:z...
+    granted_at: datetime
+    signature: str
+    physical: bool = False
+    expires_at: datetime | None = None
+    session_id: str = field(default_factory=lambda: str(uuid.uuid4()))
+    _revoked: bool = field(default=False, init=False, repr=False)
+
+    def __post_init__(self) -> None:
+        self._enforce_physical_world_rule()
+
+    def _enforce_physical_world_rule(self) -> None:
+        """
+        PHYSICAL WORLD RULE: Autonomous (Level 4) is forbidden for physical nodes.
+        This rule cannot be bypassed, overridden, or configured away.
+        """
+        if self.physical and self.level > PHYSICAL_MAX_LEVEL:
+            raise AAPPhysicalWorldViolation(self.agent_id)
+
+    def revoke(self) -> None:
+        """Revoke this authorization."""
+        self._revoked = True
+
+    @property
+    def is_revoked(self) -> bool:
+        return self._revoked
+
+    def is_expired(self) -> bool:
+        if not self.expires_at:
+            return False
+        return datetime.now(timezone.utc) > self.expires_at
+
+    def is_valid(self) -> bool:
+        return not self.is_revoked and not self.is_expired()
+
+    def check(self) -> None:
+        """Raise if this authorization is not valid."""
+        if self.is_revoked:
+            raise AAPRevocationError(f"Authorization '{self.session_id}' has been revoked")
+        if self.is_expired():
+            raise AAPRevocationError(f"Authorization '{self.session_id}' has expired")
+
+    def to_dict(self) -> dict:
+        d = {
+            "aap_version": self.AAP_VERSION,
+            "agent_id": self.agent_id,
+            "level": int(self.level),
+            "level_name": self.level.name_str,
+            "scope": self.scope,
+            "physical": self.physical,
+            "granted_by": self.granted_by,
+            "granted_at": self.granted_at.isoformat(),
+            "session_id": self.session_id,
+            "signature": self.signature,
+        }
+        if self.expires_at:
+            d["expires_at"] = self.expires_at.isoformat()
+        return d
+
+    @classmethod
+    def from_dict(cls, data: dict) -> "AAPAuthorization":
+        required = {"aap_version", "agent_id", "level", "scope", "granted_by", "granted_at", "signature"}
+        missing = required - set(data.keys())
+        if missing:
+            raise AAPValidationError(f"Missing required fields: {missing}")
+        return cls(
+            agent_id=data["agent_id"],
+            level=AuthorizationLevel(data["level"]),
+            scope=data["scope"],
+            physical=data.get("physical", False),
+            granted_by=data["granted_by"],
+            granted_at=datetime.fromisoformat(data["granted_at"]),
+            signature=data["signature"],
+            session_id=data.get("session_id", str(uuid.uuid4())),
+            expires_at=datetime.fromisoformat(data["expires_at"]) if data.get("expires_at") else None,
+        )
+
+    def verify_signature(self, supervisor_public_key: str) -> None:
+        _verify_signature(supervisor_public_key, _signable(self.to_dict()), self.signature)
+
+    @classmethod
+    def create(
+        cls,
+        agent_id: str,
+        level: AuthorizationLevel,
+        scope: list[str],
+        supervisor_keypair: AAPKeyPair,
+        supervisor_did: str,
+        physical: bool = False,
+        expires_at: datetime | None = None,
+    ) -> "AAPAuthorization":
+        """Create and sign a new authorization. Raises AAPPhysicalWorldViolation if applicable."""
+        now = datetime.now(timezone.utc)
+        auth = cls(
+            agent_id=agent_id,
+            level=level,
+            scope=scope,
+            physical=physical,
+            granted_by=supervisor_did,
+            granted_at=now,
+            signature="",
+            expires_at=expires_at,
+        )
+        doc = auth.to_dict()
+        auth.signature = supervisor_keypair.sign(_signable(doc))
+        return auth

beeq-1.0.0/beeq/_vendor/aap/exceptions.py

@@ -0,0 +1,57 @@
+"""AAP exception hierarchy."""
+
+
+class AAPError(Exception):
+    """Base class for all AAP errors."""
+    code: str = "AAP-000"
+
+    def __init__(self, message: str, field: str | None = None, detail: str | None = None):
+        super().__init__(message)
+        self.field = field
+        self.detail = detail
+
+    def to_dict(self) -> dict:
+        d = {"code": self.code, "message": str(self)}
+        if self.field:
+            d["field"] = self.field
+        if self.detail:
+            d["detail"] = self.detail
+        return d
+
+
+class AAPValidationError(AAPError):
+    """Schema validation failed."""
+    code = "AAP-001"
+
+
+class AAPSignatureError(AAPError):
+    """Cryptographic signature is invalid."""
+    code = "AAP-002"
+
+
+class AAPPhysicalWorldViolation(AAPError):
+    """Physical World Rule violation: Level 4 forbidden for physical nodes."""
+    code = "AAP-003"
+
+    def __init__(self, agent_id: str):
+        super().__init__(
+            f"Physical World Rule: Autonomous (Level 4) is forbidden for physical agent '{agent_id}'. "
+            f"Maximum level for physical nodes is Supervised (Level 3). "
+            f"This rule is not configurable.",
+            field="level"
+        )
+
+
+class AAPScopeError(AAPError):
+    """Action is outside the agent's authorized scope."""
+    code = "AAP-004"
+
+
+class AAPRevocationError(AAPError):
+    """Identity or authorization has been revoked."""
+    code = "AAP-005"
+
+
+class AAPChainError(AAPError):
+    """Audit chain integrity violation."""
+    code = "AAP-006"