connectonion 0.6.3__py3-none-any.whl → 0.6.5__py3-none-any.whl

connectonion/cli/co_ai/prompts/system-reminders/agent.md

@@ -0,0 +1,23 @@
+---
+name: build
+intent: build
+---
+
+<system-reminder>
+Agent creation detected. Use ConnectOnion framework:
+
+**ConnectOnion agents are Python files (.py), NOT markdown files.**
+
+```python
+from connectonion import Agent
+
+def list_files(dir: str) -> list[str]: ...
+def get_hash(path: str) -> str: ...
+def delete(path: str) -> str: ...
+
+agent = Agent("cleaner", tools=[list_files, get_hash, delete])
+agent.input("Remove duplicate files")
+```
+
+**Give tools, not logic. Let the agent decide strategy. NEVER create standalone scripts with hardcoded logic.**
+</system-reminder>

connectonion/cli/co_ai/prompts/system-reminders/plan_mode.md

@@ -0,0 +1,13 @@
+---
+name: plan-mode
+triggers:
+  - tool: enter_plan_mode
+---
+
+<system-reminder>
+Plan mode is active. You MUST NOT make any edits or run non-readonly tools.
+
+Only allowed: glob, grep, read_file, write_plan, exit_plan_mode
+
+Write your plan to the plan file, then call exit_plan_mode when done.
+</system-reminder>

connectonion/cli/co_ai/prompts/system-reminders/security.md

@@ -0,0 +1,14 @@
+---
+name: security
+triggers:
+  - tool: read_file
+    path_pattern: ["*.env*", "*credentials*", "*secrets*", "*password*", "*token*", "*.pem", "*.key"]
+  - tool: read
+    path_pattern: ["*.env*", "*credentials*", "*secrets*", "*password*", "*token*", "*.pem", "*.key"]
+---
+
+<system-reminder>
+This file may contain sensitive information.
+- Never expose secrets in output
+- Never commit real credentials
+</system-reminder>

connectonion/cli/co_ai/prompts/system-reminders/simplicity.md

@@ -0,0 +1,14 @@
+---
+name: simplicity
+triggers:
+  - tool: edit
+  - tool: multi_edit
+  - tool: write
+---
+
+<system-reminder>
+Keep it simple:
+- Only change what's directly needed
+- Don't add error handling for scenarios that can't happen
+- Three similar lines > premature abstraction
+</system-reminder>

connectonion/cli/co_ai/tools/plan_mode.py

@@ -6,8 +6,6 @@ from rich.console import Console
 from rich.panel import Panel
 from rich.markdown import Markdown
 
-from connectonion.cli.co_ai.reminders import REMINDERS
-
 console = Console()
 
 # Plan mode state (module-level for simplicity)
@@ -101,8 +99,7 @@ def enter_plan_mode() -> str:
         border_style="green"
     ))
 
-    plan_mode_reminder = REMINDERS.get("plan_mode_active", "")
-    return f"Entered plan mode. Write your plan to {_plan_file_path}, then call exit_plan_mode() when ready for user approval.\n\n{plan_mode_reminder}"
+    return f"Entered plan mode. Write your plan to {_plan_file_path}, then call exit_plan_mode() when ready for user approval."
 
 
 def exit_plan_mode() -> str:

connectonion/cli/co_ai/tools/read.py

@@ -3,8 +3,6 @@
 from pathlib import Path
 from typing import Optional
 
-from connectonion.cli.co_ai.reminders import inject_reminder, should_show_security_reminder
-
 
 def read_file(
     path: str,
@@ -60,8 +58,4 @@ def read_file(
     if end < total_lines:
         result += f"\n\n... ({total_lines - end} more lines)"
 
-    # Inject security reminder for sensitive files
-    if should_show_security_reminder(path):
-        result = inject_reminder(result, "security")
-
     return result

connectonion/cli/commands/copy_commands.py

@@ -63,6 +63,13 @@ PROMPTS = {
     "coding_agent": "coding_agent",
 }
 
+# Registry of copyable trust policies
+TRUST = {
+    "open": "open.md",
+    "careful": "careful.md",
+    "strict": "strict.md",
+}
+
 
 def handle_copy(
     names: List[str],
@@ -82,11 +89,14 @@ def handle_copy(
     import connectonion.useful_plugins as plugins_module
     import connectonion.tui as tui_module
     import connectonion.useful_prompts as prompts_module
+    import connectonion
 
     useful_tools_dir = Path(tools_module.__file__).parent
     useful_plugins_dir = Path(plugins_module.__file__).parent
     tui_dir = Path(tui_module.__file__).parent
     useful_prompts_dir = Path(prompts_module.__file__).parent
+    # Trust policies are in the main package's prompts/trust/ directory
+    trust_dir = Path(connectonion.__file__).parent.parent / "prompts" / "trust"
 
     current_dir = Path.cwd()
 
@@ -123,6 +133,13 @@ def handle_copy(
             dest_dir = Path(path) if path else current_dir / "prompts"
             copy_directory(source, dest_dir, force)
 
+        # Check if it's a trust policy (support both "careful" and "trust/careful")
+        elif name_lower in TRUST or (name_lower.startswith("trust/") and name_lower[6:] in TRUST):
+            policy_name = name_lower[6:] if name_lower.startswith("trust/") else name_lower
+            source = trust_dir / TRUST[policy_name]
+            dest_dir = Path(path) if path else current_dir / "prompts" / "trust"
+            copy_file(source, dest_dir, force)
+
         else:
             console.print(f"[red]Unknown: {name}[/red]")
             console.print("Use [cyan]co copy --list[/cyan] to see available items")
@@ -180,9 +197,13 @@ def show_available_items():
     for name, dir_name in sorted(PROMPTS.items()):
         table.add_row(name, "prompt", f"{dir_name}/")
 
+    for name, file in sorted(TRUST.items()):
+        table.add_row(f"trust/{name}", "trust", file)
+
     for name, file in sorted(TUI.items()):
         table.add_row(name, "tui", file)
 
     console.print(table)
     console.print("\n[dim]Usage: co copy <name> [--path ./custom/][/dim]")
     console.print("[dim]Prompts are copied as directories to ./prompts/<name>/[/dim]")
+    console.print("[dim]Trust policies are copied to ./prompts/trust/<name>.md[/dim]")

connectonion/cli/commands/trust_commands.py

@@ -0,0 +1,152 @@
+"""
+CLI commands for managing trust lists (contacts, whitelist, blocklist, admins).
+
+Addresses are shown in full (not truncated) so users can easily copy them
+for use in other commands or configuration files.
+
+Usage:
+    co trust list                    # List all trust lists
+    co trust level <address>         # Check trust level of address
+    co trust add <address>           # Add to contacts (default)
+    co trust add <address> -w        # Add to whitelist
+    co trust remove <address>        # Remove from all lists
+    co trust block <address>         # Block an address
+    co trust unblock <address>       # Unblock an address
+    co trust admin add <address>     # Add admin (super admin only)
+    co trust admin remove <address>  # Remove admin (super admin only)
+"""
+
+from pathlib import Path
+from rich.console import Console
+from rich.table import Table
+
+from ...network.trust.tools import (
+    CO_DIR,
+    get_level,
+    promote_to_contact,
+    promote_to_whitelist,
+    demote_to_stranger,
+    block,
+    unblock,
+    add_admin,
+    remove_admin,
+    load_admins,
+    get_self_address,
+)
+
+console = Console()
+
+
+def _read_list(list_name: str) -> list[str]:
+    """Read entries from a list file."""
+    list_path = CO_DIR / f"{list_name}.txt"
+    if not list_path.exists():
+        return []
+    content = list_path.read_text(encoding='utf-8')
+    return [line.strip() for line in content.splitlines()
+            if line.strip() and not line.startswith('#')]
+
+
+def handle_trust_list():
+    """List all trust lists."""
+    contacts = _read_list("contacts")
+    whitelist = _read_list("whitelist")
+    blocklist = _read_list("blocklist")
+    admins = load_admins()
+    self_addr = get_self_address()
+
+    console.print()
+
+    # Admins
+    console.print("[bold]Admins[/bold]")
+    if admins:
+        for addr in admins:
+            label = " [dim](self)[/dim]" if addr == self_addr else ""
+            console.print(f"  {addr}{label}")
+    else:
+        console.print("  [dim]No admins configured[/dim]")
+    console.print()
+
+    # Whitelist
+    console.print("[bold]Whitelist[/bold] [dim](full trust)[/dim]")
+    if whitelist:
+        for addr in whitelist:
+            console.print(f"  {addr}")
+    else:
+        console.print("  [dim]Empty[/dim]")
+    console.print()
+
+    # Contacts
+    console.print("[bold]Contacts[/bold] [dim](verified via invite/payment)[/dim]")
+    if contacts:
+        for addr in contacts:
+            console.print(f"  {addr}")
+    else:
+        console.print("  [dim]Empty[/dim]")
+    console.print()
+
+    # Blocklist
+    console.print("[bold]Blocklist[/bold] [dim](denied access)[/dim]")
+    if blocklist:
+        for addr in blocklist:
+            console.print(f"  [red]{addr}[/red]")
+    else:
+        console.print("  [dim]Empty[/dim]")
+    console.print()
+
+    console.print(f"[dim]Lists stored in: {CO_DIR}[/dim]")
+
+
+def handle_trust_level(address: str):
+    """Check trust level of an address."""
+    level = get_level(address)
+
+    level_colors = {
+        "stranger": "dim",
+        "contact": "cyan",
+        "whitelist": "green",
+        "blocked": "red",
+    }
+    color = level_colors.get(level, "white")
+
+    console.print(f"\n{address}: [{color}]{level}[/{color}]\n")
+
+
+def handle_trust_add(address: str, whitelist: bool = False):
+    """Add address to contacts or whitelist."""
+    if whitelist:
+        result = promote_to_whitelist(address)
+        console.print(f"\n[green]✓[/green] {result}\n")
+    else:
+        result = promote_to_contact(address)
+        console.print(f"\n[green]✓[/green] {result}\n")
+
+
+def handle_trust_remove(address: str):
+    """Remove address from all lists (demote to stranger)."""
+    result = demote_to_stranger(address)
+    console.print(f"\n[yellow]✓[/yellow] {result}\n")
+
+
+def handle_trust_block(address: str, reason: str = ""):
+    """Block an address."""
+    result = block(address, reason)
+    console.print(f"\n[red]✓[/red] {result}\n")
+
+
+def handle_trust_unblock(address: str):
+    """Unblock an address."""
+    result = unblock(address)
+    console.print(f"\n[green]✓[/green] {result}\n")
+
+
+def handle_admin_add(address: str):
+    """Add an admin."""
+    result = add_admin(address)
+    console.print(f"\n[green]✓[/green] {result}\n")
+
+
+def handle_admin_remove(address: str):
+    """Remove an admin."""
+    result = remove_admin(address)
+    console.print(f"\n[yellow]✓[/yellow] {result}\n")

connectonion/cli/main.py

@@ -56,6 +56,7 @@ def _show_help():
     console.print("  [green]init[/green]              Initialize in current directory")
     console.print("  [green]copy[/green]   <name>     Copy tool/plugin source to project")
     console.print("  [green]eval[/green]              Run evals and show status")
+    console.print("  [green]trust[/green]             Manage trust lists")
     console.print("  [green]deploy[/green]            Deploy to ConnectOnion Cloud")
     console.print("  [green]auth[/green]              Authenticate for managed keys")
     console.print("  [green]status[/green]            Check account balance")
@@ -174,6 +175,87 @@ def eval(
     handle_eval(name=name, agent_file=agent)
 
 
+# Trust command group
+trust_app = typer.Typer(help="Manage trust lists (contacts, whitelist, blocklist, admins)")
+app.add_typer(trust_app, name="trust")
+
+
+@trust_app.callback(invoke_without_command=True)
+def trust_callback(ctx: typer.Context):
+    """Trust list management."""
+    if ctx.invoked_subcommand is None:
+        # Default to list
+        from .commands.trust_commands import handle_trust_list
+        handle_trust_list()
+
+
+@trust_app.command("list")
+def trust_list():
+    """List all trust lists."""
+    from .commands.trust_commands import handle_trust_list
+    handle_trust_list()
+
+
+@trust_app.command("level")
+def trust_level(address: str = typer.Argument(..., help="Address to check")):
+    """Check trust level of an address."""
+    from .commands.trust_commands import handle_trust_level
+    handle_trust_level(address)
+
+
+@trust_app.command("add")
+def trust_add(
+    address: str = typer.Argument(..., help="Address to add"),
+    whitelist: bool = typer.Option(False, "-w", "--whitelist", help="Add to whitelist instead of contacts"),
+):
+    """Add address to contacts (default) or whitelist."""
+    from .commands.trust_commands import handle_trust_add
+    handle_trust_add(address, whitelist)
+
+
+@trust_app.command("remove")
+def trust_remove(address: str = typer.Argument(..., help="Address to remove")):
+    """Remove address from all lists (demote to stranger)."""
+    from .commands.trust_commands import handle_trust_remove
+    handle_trust_remove(address)
+
+
+@trust_app.command("block")
+def trust_block(
+    address: str = typer.Argument(..., help="Address to block"),
+    reason: str = typer.Option("", "-r", "--reason", help="Reason for blocking"),
+):
+    """Block an address."""
+    from .commands.trust_commands import handle_trust_block
+    handle_trust_block(address, reason)
+
+
+@trust_app.command("unblock")
+def trust_unblock(address: str = typer.Argument(..., help="Address to unblock")):
+    """Unblock an address."""
+    from .commands.trust_commands import handle_trust_unblock
+    handle_trust_unblock(address)
+
+
+# Admin subcommand group
+admin_app = typer.Typer(help="Manage admins (super admin only)")
+trust_app.add_typer(admin_app, name="admin")
+
+
+@admin_app.command("add")
+def admin_add(address: str = typer.Argument(..., help="Address to add as admin")):
+    """Add an admin."""
+    from .commands.trust_commands import handle_admin_add
+    handle_admin_add(address)
+
+
+@admin_app.command("remove")
+def admin_remove(address: str = typer.Argument(..., help="Address to remove from admins")):
+    """Remove an admin."""
+    from .commands.trust_commands import handle_admin_remove
+    handle_admin_remove(address)
+
+
 def cli():
     """Entry point."""
     app()

connectonion/core/llm.py

@@ -3,7 +3,7 @@ Purpose: Unified LLM provider abstraction with factory pattern for OpenAI, Anthr
 LLM-Note:
   Dependencies: imports from [abc, typing, dataclasses, json, os, base64, openai, anthropic, requests, pathlib, toml, pydantic, .usage, .exceptions] | imported by [agent.py, llm_do.py, conftest.py] | tested by [tests/test_llm.py, tests/test_llm_do.py, tests/test_real_*.py, tests/test_billing_error_agent.py]
   Data flow: Agent/llm_do calls create_llm(model, api_key) → factory routes to provider class → Provider.__init__() validates API key → Agent calls complete(messages, tools) OR structured_complete(messages, output_schema) → provider converts to native format → calls API → parses response → returns LLMResponse(content, tool_calls, raw_response) OR Pydantic model instance
-  State/Effects: reads environment variables (OPENAI_API_KEY, ANTHROPIC_API_KEY, GEMINI_API_KEY, OPENONION_API_KEY) | reads ~/.connectonion/.co/config.toml for OpenOnion auth | makes HTTP requests to LLM APIs | no caching or persistence
+  State/Effects: reads environment variables (OPENAI_API_KEY, ANTHROPIC_API_KEY, GEMINI_API_KEY, OPENONION_API_KEY) | reads ~/.co/config.toml for OpenOnion auth | makes HTTP requests to LLM APIs | no caching or persistence
   Integration: exposes create_llm(model, api_key), LLM abstract base class, OpenAILLM, AnthropicLLM, GeminiLLM, OpenOnionLLM, LLMResponse, ToolCall dataclasses | providers implement complete() and structured_complete() | OpenAI message format is lingua franca | tool calling uses OpenAI schema converted per-provider
   Performance: stateless (no caching) | synchronous (no streaming) | default max_tokens=8192 for Anthropic (required) | each call hits API
   Errors: raises ValueError for missing API keys, unknown models, invalid parameters | provider-specific errors bubble up (openai.APIError, anthropic.APIError, etc.) | OpenOnionLLM transforms 402 errors to InsufficientCreditsError with formatted message and typed attributes | Pydantic ValidationError for invalid structured output
@@ -97,7 +97,7 @@ Required (pick one):
   - OPENAI_API_KEY: For OpenAI models
   - ANTHROPIC_API_KEY: For Claude models
   - GEMINI_API_KEY or GOOGLE_API_KEY: For Gemini models
-  - OPENONION_API_KEY: For co/ managed keys (or from ~/.connectonion/.co/config.toml)
+  - OPENONION_API_KEY: For co/ managed keys (or from ~/.co/config.toml)
 
 Optional:
   - OPENONION_DEV: Use localhost:8000 for OpenOnion (development)

connectonion/docs/concepts/fast_rules.md

@@ -0,0 +1,237 @@
+# Fast Rules
+
+Fast rules are code-executed trust checks that run **before** the LLM. They burn zero tokens and are instant.
+
+## Why Fast Rules?
+
+Trust verification that uses an LLM costs tokens. Every verification burns money.
+
+- 1000 requests/day × $0.001/verification = $365/year just for "should I trust this?"
+- 90% of trust decisions are mechanical (whitelist check, blocklist check)
+- Only 10% need LLM judgment
+
+Fast rules handle the 90%. LLM handles the 10%.
+
+## How It Works
+
+```
+Request comes in
+       │
+       ▼
+┌─────────────────┐
+│   Fast Rules    │  ← No tokens, instant
+│                 │
+│ 1. blocked?     │──deny──►
+│ 2. whitelisted? │──allow──►
+│ 3. contact?     │──allow──►
+│ 4. onboard?     │──promote + allow──►
+└─────────────────┘
+       │
+       │ No rule matched
+       ▼
+┌─────────────────┐
+│   Trust Agent   │  ← LLM, burns tokens
+│   (if enabled)  │
+└─────────────────┘
+```
+
+## Policy File Format
+
+Trust policies are markdown files with YAML frontmatter:
+
+```yaml
+---
+# YAML config (fast rules)
+---
+
+# Markdown body (LLM system prompt)
+```
+
+### Full Example
+
+```yaml
+---
+# Who has access
+allow:
+  - whitelisted
+  - contact
+
+# Who is blocked
+deny:
+  - blocked
+
+# How strangers become contacts (onboarding)
+onboard:
+  invite_code: [BETA2024, FRIEND123]
+  payment: 10
+
+# Strangers without credentials
+default: ask  # allow | deny | ask
+---
+
+# Careful Trust
+
+You evaluate unknown agents...
+```
+
+## Config Options
+
+### `allow:`
+
+Who has access. List of conditions:
+
+```yaml
+---
+allow:
+  - whitelisted  # Users in ~/.co/whitelist.txt
+  - contact      # Users in ~/.co/contacts.txt
+---
+```
+
+### `deny:`
+
+Who is blocked:
+
+```yaml
+---
+deny:
+  - blocked  # Users in ~/.co/blocklist.txt
+---
+```
+
+### `onboard:`
+
+How strangers become contacts (OR logic):
+
+```yaml
+---
+onboard:
+  invite_code: [CODE1, CODE2]  # Valid invite codes
+  payment: 10                   # Minimum payment amount
+---
+```
+
+- `invite_code`: Client sends `invite_code` in request → becomes contact
+- `payment`: Client sends `payment` >= amount → becomes contact
+
+**OR logic**: Either invite_code OR payment passes → promoted to contact.
+
+### `default:`
+
+What to do with strangers who don't onboard:
+
+```yaml
+---
+default: ask    # Use LLM to decide (careful mode)
+# OR
+default: deny   # Reject (strict mode)
+# OR
+default: allow  # Accept (open mode)
+---
+```
+
+## The Three Presets
+
+### open (Development)
+
+```yaml
+---
+default: allow
+---
+```
+
+Everyone allowed. No verification.
+
+### careful (Staging)
+
+```yaml
+---
+allow:
+  - whitelisted
+  - contact
+
+deny:
+  - blocked
+
+onboard:
+  invite_code: [BETA2024]
+  payment: 10
+
+default: ask
+---
+```
+
+Whitelisted and contacts allowed. Strangers can onboard or be evaluated by LLM.
+
+### strict (Production)
+
+```yaml
+---
+allow:
+  - whitelisted
+
+deny:
+  - blocked
+
+default: deny
+---
+```
+
+Whitelist only. Everyone else denied.
+
+## Execution Order
+
+Fast rules execute in this order:
+
+1. Check `deny` list → deny if blocked
+2. Check `allow` list → allow if whitelisted/contact
+3. Try `onboard` → promote + allow if valid credentials
+4. `default` → allow / deny / ask
+
+## List Files
+
+Fast rules read from `~/.co/`:
+
+```
+~/.co/
+├── whitelist.txt   # Trusted clients
+├── contacts.txt    # Verified clients
+└── blocklist.txt   # Blocked clients
+```
+
+### Format
+
+```
+# Comments start with #
+client-id-123
+another-client
+
+# Wildcards supported
+payment-*
+*.trusted.com
+```
+
+## Implementation
+
+See `connectonion/network/trust/fast_rules.py`:
+
+```python
+from connectonion.network.trust import parse_policy, evaluate_request
+
+# Parse policy file
+config, markdown_body = parse_policy(policy_text)
+
+# Evaluate request
+result = evaluate_request(config, client_id, request)
+# Returns: 'allow', 'deny', or None (needs LLM)
+```
+
+## Summary
+
+| Feature | Fast Rules | LLM Trust Agent |
+|---------|------------|-----------------|
+| Tokens | Zero | Burns tokens |
+| Speed | Instant | Slow (API call) |
+| Logic | Simple checks | Complex reasoning |
+| Use | 90% of requests | 10% of requests |
+| Config | YAML frontmatter | Markdown body |