draft-protocol 1.1.1__tar.gz → 1.3.0__tar.gz

{draft_protocol-1.1.1 → draft_protocol-1.3.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: draft-protocol
-Version: 1.1.1
+Version: 1.3.0
 Summary: DRAFT Protocol — Intake governance for AI tool calls. Ensures AI understands human intent before execution begins.
 Project-URL: Homepage, https://github.com/manifold-vectors/draft-protocol
 Project-URL: Documentation, https://github.com/manifold-vectors/draft-protocol#readme

{draft_protocol-1.1.1 → draft_protocol-1.3.0}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "draft-protocol"
-version = "1.1.1"
+version = "1.3.0"
 description = "DRAFT Protocol — Intake governance for AI tool calls. Ensures AI understands human intent before execution begins."
 readme = "README.md"
 license = "Apache-2.0"

{draft_protocol-1.1.1 → draft_protocol-1.3.0}/src/draft_protocol/__init__.py

@@ -13,7 +13,7 @@ Usage:
     from draft_protocol.providers import llm_available, embed_available
 """
 
-__version__ = "1.1.1"
+__version__ = "1.3.0"
 
 # Public API — importable from `draft_protocol` directly
 from draft_protocol.engine import (

{draft_protocol-1.1.1 → draft_protocol-1.3.0}/src/draft_protocol/engine.py

@@ -36,6 +36,7 @@ from draft_protocol.config import (
     TRIVIAL_PATTERNS,
 )
 from draft_protocol.extension_points import get_classify_hook, get_post_gate_hook
+from draft_protocol.hmac_utils import sign_assertion, sign_gate_pass
 
 # ── M1.3: Closed Session Guard ───────────────────────────
 
@@ -1026,7 +1027,8 @@ def check_gate(session_id: str) -> dict:
 
     passed = len(blockers) == 0
     if passed:
-        storage.update_session(session_id, gate_passed=1)
+        gate_sig = sign_gate_pass(session_id)
+        storage.update_session(session_id, gate_passed=1, gate_hmac=gate_sig)
 
     storage.log_audit(session_id, "draft_gate", "gate_check", f"{'PASS' if passed else 'FAIL'}: {confirmed}/{total}")
 
@@ -1038,6 +1040,15 @@ def check_gate(session_id: str) -> dict:
         "summary": f"{'[PASS]' if passed else '[BLOCKED]'}: {confirmed}/{total}",
     }
 
+    # Phase A: emit signed assertion for cross-gate consumption
+    if passed:
+        result["assertion"] = sign_assertion("draft_gate_passed", {
+            "session_id": session_id,
+            "tier": session.get("tier", "STANDARD") if session else "STANDARD",
+            "confirmed_fields": confirmed,
+            "total_fields": total,
+        })
+
     if perfunctory_warnings:
         result["warnings"] = perfunctory_warnings
 
@@ -1197,11 +1208,23 @@ def override_gate(session_id: str, reason: str) -> dict:
     if gate.get("passed"):
         return {"note": "Already passed.", "gate": gate}
 
-    storage.update_session(session_id, gate_passed=1)
+    gate_sig = sign_gate_pass(session_id)
+    storage.update_session(session_id, gate_passed=1, gate_hmac=gate_sig)
     storage.log_audit(
         session_id, "override_gate", "OVERRIDDEN", f"AUTHORIZED: {reason.strip()}. Blockers: {gate.get('blockers', [])}"
     )
-    return {"status": "OVERRIDDEN", "reason": reason.strip(), "blockers": gate.get("blockers", [])}
+    override_assertion = sign_assertion("draft_gate_passed", {
+        "session_id": session_id,
+        "tier": session.get("tier", "STANDARD"),
+        "override": True,
+        "reason": reason.strip(),
+    })
+    return {
+        "status": "OVERRIDDEN",
+        "reason": reason.strip(),
+        "blockers": gate.get("blockers", []),
+        "assertion": override_assertion,
+    }
 
 
 def verify_assumption(session_id: str, index: int, verified: bool, note: str = "") -> dict:

draft_protocol-1.3.0/src/draft_protocol/hmac_utils.py

@@ -0,0 +1,131 @@
+"""HMAC signing for inter-gate assertions.
+
+Provides integrity guarantees for all cross-gate communication.
+Each assertion is signed with HMAC-SHA256, includes a timestamp
+and a monotonic nonce for replay protection.
+
+Secret comes from GATE_HMAC_SECRET environment variable.
+"""
+
+import hashlib
+import hmac
+import json
+import os
+import time
+from typing import Any
+
+# Monotonic nonce counter (per-process, resets on restart)
+_nonce_counter: int = 0
+
+
+def _get_secret() -> bytes:
+    """Get HMAC secret from environment. Falls back to a default for dev."""
+    secret = os.environ.get("GATE_HMAC_SECRET", "")
+    if not secret:
+        secret = "vector-gate-dev-secret-change-me"
+    return secret.encode()
+
+
+def _next_nonce() -> int:
+    """Return next monotonic nonce."""
+    global _nonce_counter
+    _nonce_counter += 1
+    return _nonce_counter
+
+
+def sign_assertion(assertion_type: str, payload: dict[str, Any]) -> dict:
+    """Sign an arbitrary inter-gate assertion.
+
+    Returns a complete signed assertion dict ready for transport:
+    {
+        "type": "draft_gate_passed",
+        "payload": {...},
+        "timestamp": "1773474000",
+        "nonce": 1,
+        "hmac": "hex..."
+    }
+    """
+    ts = str(int(time.time()))
+    nonce = _next_nonce()
+    # Canonical form: type|timestamp|nonce|sorted-json-payload
+    canonical = f"{assertion_type}|{ts}|{nonce}|{json.dumps(payload, sort_keys=True)}"
+    sig = hmac.new(_get_secret(), canonical.encode(), hashlib.sha256).hexdigest()
+    return {
+        "type": assertion_type,
+        "payload": payload,
+        "timestamp": ts,
+        "nonce": nonce,
+        "hmac": sig,
+    }
+
+
+def verify_assertion(assertion: dict, max_age_seconds: int = 300) -> dict:
+    """Verify a signed assertion.
+
+    Checks HMAC integrity, timestamp freshness, and nonce monotonicity.
+
+    Returns:
+        {"valid": True, "type": "...", "payload": {...}}
+        {"valid": False, "reason": "..."}
+    """
+    required = {"type", "payload", "timestamp", "nonce", "hmac"}
+    if not isinstance(assertion, dict) or not required.issubset(assertion.keys()):
+        return {"valid": False, "reason": f"Missing fields: {required - set(assertion.keys())}"}
+
+    a_type = assertion["type"]
+    payload = assertion["payload"]
+    ts = assertion["timestamp"]
+    nonce = assertion["nonce"]
+    sig = assertion["hmac"]
+
+    # Reconstruct canonical form and verify HMAC
+    canonical = f"{a_type}|{ts}|{nonce}|{json.dumps(payload, sort_keys=True)}"
+    expected = hmac.new(_get_secret(), canonical.encode(), hashlib.sha256).hexdigest()
+    if not hmac.compare_digest(sig, expected):
+        return {"valid": False, "reason": "HMAC mismatch — possible tampering"}
+
+    # Timestamp freshness
+    try:
+        age = abs(int(time.time()) - int(ts))
+        if age > max_age_seconds:
+            return {"valid": False, "reason": f"Assertion stale ({age}s > {max_age_seconds}s)"}
+    except (ValueError, TypeError):
+        return {"valid": False, "reason": "Invalid timestamp"}
+
+    return {"valid": True, "type": a_type, "payload": payload}
+
+
+# ── Legacy compat: gate_passed signing (wraps new generalized API) ──
+
+def sign_gate_pass(session_id: str) -> str:
+    """Compute HMAC for a gate pass event (legacy format: ts:hex).
+
+    Kept for backward compatibility with existing cross_gate.py code.
+    New code should use sign_assertion() directly.
+    """
+    ts = str(int(time.time()))
+    payload = f"{session_id}|1|{ts}".encode()
+    sig = hmac.new(_get_secret(), payload, hashlib.sha256).hexdigest()
+    return f"{ts}:{sig}"
+
+
+def verify_gate_pass(session_id: str, gate_hmac: str | None) -> bool:
+    """Verify legacy gate_passed HMAC (ts:hex format)."""
+    if not gate_hmac:
+        return False
+    parts = gate_hmac.split(":", 1)
+    if len(parts) != 2:
+        return False
+    ts, sig = parts
+    payload = f"{session_id}|1|{ts}".encode()
+    expected = hmac.new(_get_secret(), payload, hashlib.sha256).hexdigest()
+    return hmac.compare_digest(sig, expected)
+
+
+def verify_or_warn(session_id: str, gate_hmac: str | None) -> dict:
+    """Verify legacy gate HMAC and return structured result."""
+    if gate_hmac is None:
+        return {"valid": False, "reason": "gate_hmac missing (legacy session or unsigned)"}
+    if verify_gate_pass(session_id, gate_hmac):
+        return {"valid": True}
+    return {"valid": False, "reason": "gate_hmac signature mismatch — possible tampering"}

{draft_protocol-1.1.1 → draft_protocol-1.3.0}/src/draft_protocol/storage.py

@@ -32,6 +32,7 @@ def init_db():
             dimensions JSON NOT NULL DEFAULT '{}',
             assumptions JSON NOT NULL DEFAULT '[]',
             gate_passed INTEGER NOT NULL DEFAULT 0,
+            gate_hmac TEXT,
             review_done INTEGER NOT NULL DEFAULT 0,
             review_notes TEXT,
             created_at TEXT NOT NULL,
@@ -55,6 +56,20 @@ def init_db():
 init_db()
 
 
+def _migrate_gate_hmac():
+    """Add gate_hmac column if missing (migration for existing DBs)."""
+    conn = get_db()
+    try:
+        conn.execute("SELECT gate_hmac FROM sessions LIMIT 1")
+    except sqlite3.OperationalError:
+        conn.execute("ALTER TABLE sessions ADD COLUMN gate_hmac TEXT")
+        conn.commit()
+    conn.close()
+
+
+_migrate_gate_hmac()
+
+
 def _now() -> str:
     return datetime.now(timezone.utc).isoformat()