connectonion 0.6.4__py3-none-any.whl → 0.6.5__py3-none-any.whl

connectonion/__init__.py

@@ -10,7 +10,7 @@ LLM-Note:
 ConnectOnion - A simple agent framework with behavior tracking.
 """
 
-__version__ = "0.6.4"
+__version__ = "0.6.5"
 
 # Auto-load .env files for the entire framework
 from dotenv import load_dotenv

connectonion/cli/co_ai/main.py

@@ -47,6 +47,6 @@ def start_server(
             web_mode=True,
         )
 
-    # Start server with open trust (no auth required)
+    # Start server with careful trust (requires invite code or payment for strangers)
     # relay_url=None disables P2P discovery
-    host(agent_factory, port=port, trust="open", relay_url=None)
+    host(agent_factory, port=port, trust="careful", relay_url=None)

connectonion/cli/co_ai/prompts/connectonion/concepts/trust.md

@@ -1,291 +1,249 @@
 # Trust in ConnectOnion
 
-The `trust` parameter provides flexible, bidirectional trust configuration for agent interactions.
+Trust is a **host layer** concern that controls who can access your agent. It manages onboarding, access control, and client state transitions.
 
 ## Quick Start
 
 ```python
-from connectonion import Agent, need
-
-# Simple trust levels
-translator = need("translate", trust="strict")   # Production: verified only
-analyzer = need("analyze", trust="tested")       # Default: test first
-scraper = need("scrape", trust="open")          # Development: trust all
-
-# For your own agent
-agent = Agent(
-    name="my_service",
-    tools=[process_data],
-    trust="strict"  # Who can use my services
-)
+from connectonion import Agent
+from connectonion.network import host
+
+# Create your agent (no trust here - agent only cares about its job)
+agent = Agent("my_service", tools=[process_data])
+
+# Host it with trust (trust is a host concern)
+host(agent, trust="careful")  # Default: verify before allowing access
 ```
 
-## Three Forms of Trust
+## Core Concepts
 
-### 1. Trust Levels (String)
+### Separation of Concerns
 
-Simple predefined levels for common scenarios:
+| Layer | Responsibility |
+|-------|----------------|
+| **Agent** | What it does (skills, tools, reasoning) |
+| **Host** | How it's accessed (network, trust, security) |
 
 ```python
-# Development - trust everyone
-agent = need("service", trust="open")
+# Agent is pure - only cares about its job
+agent = Agent("translator", tools=[translate])
 
-# Default - test before trusting
-agent = need("service", trust="tested")
-
-# Production - only verified/whitelisted
-agent = need("service", trust="strict")
+# Trust is configured at host level
+host(agent, trust="open")     # Dev: trust everyone
+host(agent, trust="careful")  # Staging: verify first
+host(agent, trust="strict")   # Prod: whitelist only
 ```
 
-### 2. Trust Policy (Natural Language)
+### Two-Tier Verification
 
-Express complex requirements in plain English:
+| Type | Tokens | When to Use |
+|------|--------|-------------|
+| **Fast Rules** | Zero | Simple checks (invite code, payment, whitelist) |
+| **Trust Agent** | Burns tokens | Complex decisions (behavior analysis, edge cases) |
 
-```python
-# Inline policy
-translator = need("translate", trust="""
-    I trust agents that:
-    - Pass capability tests
-    - Respond within 500ms
-    - Are on my whitelist OR from local network
-""")
-
-# From file
-translator = need("translate", trust="./trust_policy.md")
-```
+90% of requests use fast rules (instant, free). 10% use trust agent (LLM reasoning, rare).
 
-Example trust policy file:
-```markdown
-# My Trust Requirements
+## Trust Levels
 
-I trust agents that meet ALL of these criteria:
-- Successfully translate "Hello" to "Hola"
-- Respond in less than 1 second
-- Have processed at least 10 requests successfully
+### Open (Development)
 
-I immediately reject agents that:
-- Fail basic capability tests
-- Take longer than 5 seconds
-- Are on my blacklist
-```
+Trust everyone. No verification.
 
-### 3. Trust Agent
+```python
+host(agent, trust="open")
+```
 
-For maximum control, use a custom trust agent:
+Use for: Local development, Jupyter notebooks, testing.
 
-```python
-# Create a trust agent with verification tools
-trust_agent = Agent(
-    name="my_guardian",
-    tools=[
-        check_whitelist,
-        verify_capability,
-        measure_response_time,
-        check_reputation
-    ],
-    system_prompt="""
-        You verify other agents before allowing interaction.
-        Be strict with payment processors, relaxed with read-only services.
-    """
-)
+### Careful (Default)
 
-# Use it for your agent
-my_agent = Agent(
-    name="my_service",
-    tools=[process_payment],
-    trust=trust_agent  # My guardian protects me
-)
+Verify strangers before granting access. Fast rules first, then trust agent for complex cases.
 
-# And for discovering services
-payment = need("payment processor", trust=trust_agent)
+```python
+host(agent, trust="careful")
 ```
 
-## Bidirectional Trust
+Use for: Staging, testing, pre-production.
+
+### Strict (Production)
 
-The same `trust` parameter works in both directions:
+Whitelist only. No exceptions.
 
 ```python
-# As a SERVICE provider (who can use me?)
-alice_agent = Agent(
-    name="alice_translator",
-    tools=[translate],
-    trust="tested"  # Users must pass my tests
-)
+host(agent, trust="strict")
+```
+
+Use for: Production, sensitive data, payments.
 
-# As a SERVICE consumer (who do I trust?)
-translator = need("translate", trust="strict")  # I only use verified services
+## Client States
 
-# Both trust requirements must be satisfied for interaction!
 ```
+Promotion Chain (earned trust):
 
-## Trust Flow Example
+┌─────────────┐   verify    ┌─────────────┐  earn trust  ┌─────────────┐
+│  Stranger   │ ──────────► │   Contact   │ ───────────► │  Whitelist  │
+└─────────────┘             └─────────────┘              └─────────────┘
+      │                           │                            │
+      │ block                     │ demote                     │ demote
+      ▼                           ▼                            ▼
+┌─────────────┐             ┌─────────────┐              ┌─────────────┐
+│  Blocklist  │             │  Stranger   │              │   Contact   │
+└─────────────┘             └─────────────┘              └─────────────┘
 
-```python
-# Alice creates a translation service
-alice = Agent(
-    name="alice_translator",
-    tools=[translate],
-    trust="tested"  # Test users before serving them
-)
-share(alice)
 
-# Bob looks for a translator
-translator = need(
-    "translate to Spanish",
-    trust="strict"  # Bob only uses verified services
-)
+Admin (separate, manual only):
 
-# What happens:
-# 1. Bob's trust agent evaluates Alice (strict check)
-# 2. Alice's trust agent evaluates Bob (test required)
-# 3. Both must approve for connection to succeed
+┌─────────────┐  set_admin()   ┌─────────────┐
+│  Any Level  │ ─────────────► │    Admin    │
+└─────────────┘                └─────────────┘
+                                     │
+                               remove_admin()
+                                     │
+                                     ▼
+                               ┌─────────────┐
+                               │  Previous   │
+                               └─────────────┘
 ```
 
-## Environment-Based Defaults
-
-ConnectOnion automatically adjusts trust based on environment:
+### Client Levels
 
-```python
-# No trust parameter needed - auto-detected!
-translator = need("translate")
+| Level | Description | Access |
+|-------|-------------|--------|
+| **Stranger** | Unknown client, not verified | Limited or none |
+| **Contact** | Verified via invite/payment | Standard access |
+| **Whitelist** | Trusted, pre-approved | Full access |
+| **Admin** | Can manage other clients | Full access + management |
+| **Blocklist** | Blocked, denied access | No access |
 
-# In development (localhost, Jupyter)
-# → Defaults to trust="open"
+## Trust Policy Files
 
-# In test files (test_*.py)
-# → Defaults to trust="tested"
+Trust policies are markdown files with YAML frontmatter. YAML defines fast rules (no tokens), markdown body defines trust agent behavior (for complex decisions).
 
-# In production
-# → Defaults to trust="strict"
+```yaml
+# prompts/trust/careful.md
+---
+fast_rules:
+  - if: has_invite_code
+    action: verify_invite
+    on_success: promote_to_contact
 
-# Override when needed
-translator = need("translate", trust="open")  # Force open even in production
-```
+  - if: is_blocked
+    action: deny
 
-## Trust Functions
+  - if: is_whitelist
+    action: allow
 
-Trust agents use composable functions:
+  - if: is_stranger
+    action: deny
 
-```python
-# Basic trust functions (provided by ConnectOnion)
-def check_whitelist(agent_id: str) -> bool:
-    """Check if agent is whitelisted"""
-    
-def test_capability(agent, test_input, expected) -> bool:
-    """Test if agent produces expected output"""
-    
-def measure_response_time(agent, timeout_ms) -> float:
-    """Measure agent response time"""
-    
-def check_local_network(agent_ip: str) -> bool:
-    """Check if agent is on local network"""
-
-# Combine in your trust agent
-my_trust = Agent(
-    name="guardian",
-    tools=[
-        check_whitelist,
-        test_capability,
-        measure_response_time,
-        check_local_network
-    ]
-)
-```
+use_agent:
+  - when: requests > 10
+    reason: "Evaluate for promotion"
 
-## Whitelist Management
+cache: 24h
+---
 
-Simple text file at `~/.connectonion/trusted.txt`:
+# Trust Agent Policy
 
-```
-translator.api.com
-analyzer.local
-my-company.internal.net
-192.168.1.*
-```
+You handle complex trust decisions.
 
-Edit with any text editor or programmatically:
+## Available Tools
+- promote_to_contact(client_id)
+- block(client_id, reason)
 
-```python
-# Add to whitelist
-with open("~/.connectonion/trusted.txt", "a") as f:
-    f.write("new-service.com\n")
+## When to Promote
+Promote stranger to contact when:
+- 10+ requests with good behavior
+- No suspicious patterns
 ```
 
-## Progressive Trust Building
+## Atomic Functions
 
-Trust grows through successful interactions:
+Trust manager provides simple atomic functions as tools:
 
 ```python
-# First encounter - requires testing
-translator = need("translate", trust="tested")
-# → Agent is tested before use
+# Promotion (earned)
+promote_to_contact(client_id)    # Stranger → Contact
+promote_to_whitelist(client_id)  # Contact → Whitelist
+
+# Demotion
+demote_to_contact(client_id)     # Whitelist → Contact
+demote_to_stranger(client_id)    # Contact → Stranger
 
-# After successful interactions
-# → Agent automatically added to "verified" list
+# Blocking
+block(client_id, reason)
+unblock(client_id)
 
-# Future encounters
-translator = need("translate", trust="tested")
-# → Skip testing, already verified
+# Admin (manual only)
+set_admin(client_id, by_admin)
+remove_admin(client_id, by_admin)
 ```
 
-## Common Patterns
+## Custom Trust Policies
+
+### Option 1: Use Preset
 
-### Development Mode
 ```python
-# Trust everyone for rapid development
-connectonion.set_default_trust("open")
+host(agent, trust="careful")  # Uses prompts/trust/careful.md
 ```
 
-### Production Mode
+### Option 2: Custom Markdown File
+
 ```python
-# Strict verification for production
-payment = need("payment processor", trust="strict")
-sensitive = need("data processor", trust="strict")
+host(agent, trust="./my_policy.md")
 ```
 
-### Mixed Trust
+### Option 3: Custom TrustAgent
+
 ```python
-# Different trust for different services
-scraper = need("web scraper", trust="open")      # Low risk
-analyzer = need("analyze data", trust="tested")   # Medium risk
-payment = need("process payment", trust="strict") # High risk
+from connectonion.network.trust import TrustAgent
+
+trust = TrustAgent(
+    system_prompt="./my_policy.md",
+    tools=[my_custom_verifier]
+)
+host(agent, trust=trust)
 ```
 
-### Custom Trust Logic
+## Environment-Based Defaults
+
 ```python
-# Trust based on context
-def get_trust_level(service_type):
-    if "payment" in service_type:
-        return "strict"
-    elif "read" in service_type:
-        return "open"
-    else:
-        return "tested"
-
-service = need("read data", trust=get_trust_level("read data"))
+# No trust specified - auto-detected from environment
+host(agent)
+
+# CONNECTONION_ENV=development → trust="open"
+# CONNECTONION_ENV=staging     → trust="careful"
+# CONNECTONION_ENV=production  → trust="strict"
 ```
 
-## Security Best Practices
+## List Management
 
-1. **Production = Strict**: Always use `trust="strict"` in production
-2. **Test Sensitive Operations**: Payment, data modification, etc.
-3. **Whitelist Critical Services**: Manually verify and whitelist
-4. **Monitor Trust Decisions**: Log all trust evaluations
-5. **Regular Audits**: Review whitelist and trust policies
+Trust manager maintains lists at `~/.co/`:
+
+```
+~/.co/
+├── contacts.txt     # Verified contacts
+├── whitelist.txt    # Trusted, pre-approved
+├── admins.txt       # Can manage other clients
+└── blocklist.txt    # Blocked clients
+```
 
 ## FAQ
 
 **Q: What's the default trust level?**
-A: `"tested"` - agents are tested before first use
+A: `"careful"` - verify strangers, allow contacts.
 
-**Q: Can I change trust after agent creation?**
-A: Yes: `agent.trust = new_trust_agent`
+**Q: Do fast rules burn tokens?**
+A: No. Fast rules are simple if/then executed by host. Zero tokens.
 
-**Q: How do trust agents communicate?**
-A: They're regular ConnectOnion agents - they talk naturally
+**Q: When does trust agent run?**
+A: Only when `use_agent` triggers fire (e.g., after 10 requests). Rare.
 
-**Q: What if both agents have strict trust?**
-A: Both requirements must be met - most restrictive wins
+**Q: Can I use the same agent with different trust levels?**
+A: Yes. Trust is host config, not agent config.
 
-**Q: Can I disable trust completely?**
-A: Yes: `trust="open"` accepts everyone without checks
+```python
+# Same agent, different trust
+host(agent, trust="open")    # Dev
+host(agent, trust="strict")  # Prod
+```

connectonion/cli/commands/copy_commands.py

@@ -63,6 +63,13 @@ PROMPTS = {
     "coding_agent": "coding_agent",
 }
 
+# Registry of copyable trust policies
+TRUST = {
+    "open": "open.md",
+    "careful": "careful.md",
+    "strict": "strict.md",
+}
+
 
 def handle_copy(
     names: List[str],
@@ -82,11 +89,14 @@ def handle_copy(
     import connectonion.useful_plugins as plugins_module
     import connectonion.tui as tui_module
     import connectonion.useful_prompts as prompts_module
+    import connectonion
 
     useful_tools_dir = Path(tools_module.__file__).parent
     useful_plugins_dir = Path(plugins_module.__file__).parent
     tui_dir = Path(tui_module.__file__).parent
     useful_prompts_dir = Path(prompts_module.__file__).parent
+    # Trust policies are in the main package's prompts/trust/ directory
+    trust_dir = Path(connectonion.__file__).parent.parent / "prompts" / "trust"
 
     current_dir = Path.cwd()
 
@@ -123,6 +133,13 @@ def handle_copy(
             dest_dir = Path(path) if path else current_dir / "prompts"
             copy_directory(source, dest_dir, force)
 
+        # Check if it's a trust policy (support both "careful" and "trust/careful")
+        elif name_lower in TRUST or (name_lower.startswith("trust/") and name_lower[6:] in TRUST):
+            policy_name = name_lower[6:] if name_lower.startswith("trust/") else name_lower
+            source = trust_dir / TRUST[policy_name]
+            dest_dir = Path(path) if path else current_dir / "prompts" / "trust"
+            copy_file(source, dest_dir, force)
+
         else:
             console.print(f"[red]Unknown: {name}[/red]")
             console.print("Use [cyan]co copy --list[/cyan] to see available items")
@@ -180,9 +197,13 @@ def show_available_items():
     for name, dir_name in sorted(PROMPTS.items()):
         table.add_row(name, "prompt", f"{dir_name}/")
 
+    for name, file in sorted(TRUST.items()):
+        table.add_row(f"trust/{name}", "trust", file)
+
     for name, file in sorted(TUI.items()):
         table.add_row(name, "tui", file)
 
     console.print(table)
     console.print("\n[dim]Usage: co copy <name> [--path ./custom/][/dim]")
     console.print("[dim]Prompts are copied as directories to ./prompts/<name>/[/dim]")
+    console.print("[dim]Trust policies are copied to ./prompts/trust/<name>.md[/dim]")