fix-cli 0.6.1__tar.gz → 0.6.4__tar.gz

{fix_cli-0.6.1/fix_cli.egg-info → fix_cli-0.6.4}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.4
 Name: fix-cli
-Version: 0.6.1
+Version: 0.6.4
 Summary: AI-powered command fixer with contract-based dispute resolution
 Author-email: Karan Sharma <karans4@protonmail.com>
 License: AGPL-3.0-or-later
@@ -15,6 +15,7 @@ Requires-Dist: uvicorn>=0.20; extra == "server"
 Requires-Dist: starlette>=0.27; extra == "server"
 Requires-Dist: ed25519-blake2b>=1.4; extra == "server"
 Requires-Dist: requests>=2.28; extra == "server"
+Dynamic: license-file
 
 # fix
 

{fix_cli-0.6.1 → fix_cli-0.6.4}/agent.py

@@ -53,7 +53,9 @@ def build_agent_prompt(contract: dict, investigation_results: list[dict],
     parts.append("You are a fix agent. Your job is to diagnose and fix the problem described in this contract.")
     parts.append("You may decline (\"accepted\": false) before or after investigation, as long as you haven't accepted yet.\n")
     parts.append("## Contract\n")
+    parts.append('<user-content type="contract">')
     parts.append(json.dumps(contract, indent=2))
+    parts.append('</user-content>')
     parts.append("")
 
     if agent_memory:
@@ -75,7 +77,9 @@ def build_agent_prompt(contract: dict, investigation_results: list[dict],
         parts.append("## Investigation Results So Far\n")
         for i, r in enumerate(investigation_results, 1):
             parts.append(f"### Round {i}: `{r['command']}`")
+            parts.append(f'<user-content type="investigation_result">')
             parts.append(f"```\n{r['output']}\n```")
+            parts.append('</user-content>')
             parts.append("")
 
     parts.append("## Instructions\n")
@@ -406,12 +410,6 @@ class FixAgent:
                 return False, f"bounty {bounty} below minimum {self.min_bounty}"
             if bounty > self.max_bounty:
                 return False, f"bounty {bounty} above maximum {self.max_bounty}"
-        # Check min_bond requirement against our capabilities
-        terms = contract.get("terms", {})
-        min_bond = terms.get("min_bond", "0")
-        if min_bond and Decimal(min_bond) > Decimal("0"):
-            pass  # Agent can check their own balance here if needed
-
         match, reason = capabilities_match(self.capabilities, contract)
         if not match:
             return False, reason
@@ -492,13 +490,11 @@ async def _main():
         with open(key_path, "rb") as f:
             privkey = f.read(32)
     else:
-        from crypto import generate_ed25519_keypair, pubkey_to_fix_id
+        from crypto import generate_ed25519_keypair, pubkey_to_fix_id, save_ed25519_key
         privkey, pubkey = generate_ed25519_keypair()
         os.makedirs(os.path.dirname(key_path), exist_ok=True)
-        with open(key_path, "wb") as f:
-            f.write(privkey)
+        save_ed25519_key(key_path, privkey)
         print(f"Generated new agent identity: {pubkey_to_fix_id(pubkey)}")
-        print(f"Key saved to {key_path}")
 
     from crypto import ed25519_privkey_to_pubkey, pubkey_to_fix_id
     pubkey = ed25519_privkey_to_pubkey(privkey)

{fix_cli-0.6.1 → fix_cli-0.6.4}/contract.py

@@ -169,7 +169,7 @@ def build_contract(command, stderr, env_info, **kwargs):
 
     # Market mode: add escrow + terms
     if market:
-        bounty_str = str(bounty) if bounty else "0.05"
+        bounty_str = str(bounty) if bounty else "0.19"
         contract["escrow"] = {
             "bounty": bounty_str,
             "currency": "XNO",
@@ -178,8 +178,6 @@ def build_contract(command, stderr, env_info, **kwargs):
         }
         contract["terms"] = {
             "cancellation": {
-                "agent_fee": "0.002",
-                "principal_fee": "0.002",
                 "grace_period": 30,
             },
             "abandonment": {

{fix_cli-0.6.1 → fix_cli-0.6.4}/crypto.py

@@ -14,6 +14,7 @@ import hmac as hmac_mod
 import json
 import math
 import os
+import sqlite3
 import time as _time
 
 from cryptography.hazmat.primitives.asymmetric.ed25519 import (
@@ -96,8 +97,17 @@ def load_ed25519_key(path: str) -> bytes:
 
 
 def save_ed25519_key(path: str, key: bytes) -> None:
-    """Save a 32-byte raw Ed25519 private key to file (mode 0600)."""
-    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
+    """Save a 32-byte raw Ed25519 private key to file (mode 0600).
+    Uses O_EXCL for new files to prevent symlink attacks.
+    Falls back to O_TRUNC for overwrites (existing file must be a regular file)."""
+    if os.path.exists(path):
+        # Overwrite: verify it's a regular file, not a symlink
+        if os.path.islink(path):
+            raise ValueError(f"Refusing to overwrite symlink: {path}")
+        fd = os.open(path, os.O_WRONLY | os.O_TRUNC, 0o600)
+    else:
+        # New file: O_EXCL prevents race conditions
+        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
     try:
         os.write(fd, key)
     finally:
@@ -283,30 +293,69 @@ REQUEST_MAX_AGE = 300  # 5 minutes
 
 
 class ReplayGuard:
-    """Track seen signatures to prevent replay attacks. TTL matches REQUEST_MAX_AGE."""
+    """Track seen signatures to prevent replay attacks.
 
-    def __init__(self, ttl: int = REQUEST_MAX_AGE):
-        self._seen: dict[str, float] = {}  # sig_hex -> expiry_timestamp
+    Uses SQLite for persistence across restarts and multi-process safety.
+    Falls back to in-memory dict if no db_path provided.
+    """
+
+    def __init__(self, ttl: int = REQUEST_MAX_AGE + 30, db_path: str = ""):
         self._ttl = ttl
+        self._db = None
+        if db_path:
+            import sqlite3
+            self._db = sqlite3.connect(db_path, check_same_thread=False)
+            self._db.execute("PRAGMA journal_mode=WAL")
+            self._db.execute(
+                "CREATE TABLE IF NOT EXISTS replay_guard "
+                "(sig TEXT PRIMARY KEY, expires_at REAL)"
+            )
+            self._db.commit()
+        self._seen: dict[str, float] = {}
         self._check_count = 0
 
     def check_and_record(self, sig_hex: str) -> bool:
         """Return False if sig was already seen, True if new (and record it)."""
-        self._check_count += 1
-        if self._check_count % 100 == 0:
-            self._prune()
-
-        now = _time.time()
-        if sig_hex in self._seen:
-            if now < self._seen[sig_hex]:
-                return False  # still valid, replay detected
-            # expired entry, treat as new
-        self._seen[sig_hex] = now + self._ttl
-        return True
-
-    def _prune(self):
         now = _time.time()
-        self._seen = {k: v for k, v in self._seen.items() if v > now}
+        expires = now + self._ttl
+
+        if self._db:
+            # Periodic prune
+            self._check_count += 1
+            if self._check_count % 100 == 0:
+                self._db.execute("DELETE FROM replay_guard WHERE expires_at <= ?", (now,))
+                self._db.commit()
+            # Atomic check-and-insert
+            try:
+                self._db.execute(
+                    "INSERT INTO replay_guard (sig, expires_at) VALUES (?, ?)",
+                    (sig_hex, expires),
+                )
+                self._db.commit()
+                return True  # new signature
+            except sqlite3.IntegrityError:
+                # Unique constraint violation = already seen, or expired
+                row = self._db.execute(
+                    "SELECT expires_at FROM replay_guard WHERE sig = ?", (sig_hex,)
+                ).fetchone()
+                if row and row[0] > now:
+                    return False  # still valid, replay
+                # Expired, update
+                self._db.execute(
+                    "UPDATE replay_guard SET expires_at = ? WHERE sig = ?",
+                    (expires, sig_hex),
+                )
+                self._db.commit()
+                return True
+        else:
+            # In-memory fallback
+            self._check_count += 1
+            if self._check_count % 100 == 0:
+                self._seen = {k: v for k, v in self._seen.items() if v > now}
+            if sig_hex in self._seen and now < self._seen[sig_hex]:
+                return False
+            self._seen[sig_hex] = expires
+            return True
 
 
 def sign_request_ed25519(
@@ -352,9 +401,9 @@ def verify_request_ed25519(
     now = _time.time()
     age = now - ts
     if age < -30:  # allow 30s clock skew for future timestamps
-        return False, f"request timestamp is in the future (skew={int(-age)}s)"
+        return False, "request timestamp is in the future"
     if age > REQUEST_MAX_AGE:
-        return False, f"request expired (age={int(age)}s, max={REQUEST_MAX_AGE}s)"
+        return False, "request expired"
 
     # Decode pubkey
     try:

{fix_cli-0.6.1 → fix_cli-0.6.4}/fix.py

@@ -85,21 +85,20 @@ INVESTIGATE_WHITELIST = {
     # Directory listing
     "ls", "find", "tree", "du",
     # Search
-    "grep", "rg", "ag", "awk", "sed",
+    "grep", "rg", "ag",
     # Versions/info
     "which", "whereis", "type", "command", "uname", "arch", "lsb_release", "hostnamectl",
     # Package queries
     "dpkg", "apt", "apt-cache", "apt-file", "apt-list", "rpm", "pacman",
     "pip", "pip3", "npm", "gem", "cargo", "rustc",
     # Runtime versions
-    "python3", "python", "node", "gcc", "g++", "make", "cmake", "java", "go", "ruby",
+    "gcc", "g++", "make", "cmake",
     "clang", "clang++", "ld", "as", "nasm",
     # Environment
-    "env", "printenv", "echo", "id", "whoami", "pwd", "hostname",
+    "echo", "id", "whoami", "pwd", "hostname",
     # System info
     "lsmod", "lscpu", "free", "df", "mount", "ip", "ss", "ps",
-    # Logs (read-only)
-    "journalctl", "dmesg",
+    # (logs removed — system info leakage)
     # Misc
     "readlink", "realpath", "basename", "dirname", "diff", "cmp",
     "strings", "nm", "ldd", "objdump", "pkg-config", "test", "timeout",
@@ -134,6 +133,13 @@ def validate_investigate_command(cmd, root=None):
     if not cmd:
         return False, "empty command"
 
+    # Block ALL shell metacharacters — eliminates pipe injection, redirects,
+    # command chaining, and code execution via subshells in one check
+    SHELL_METACHARS = set('|;&$`()')
+    for ch in cmd:
+        if ch in SHELL_METACHARS:
+            return False, f"blocked: contains shell metacharacter '{ch}'"
+
     # Block command substitution: $(...), `...`, <(...)
     if re.search(r'\$\(', cmd):
         return False, "blocked: contains $() command substitution"
@@ -169,7 +175,7 @@ def validate_investigate_command(cmd, root=None):
         if first_word not in INVESTIGATE_WHITELIST:
             return False, f"'{first_word}' not in investigation whitelist"
         # Commands that run other commands — check their argument too
-        if first_word in ("timeout", "time", "nice", "ionice", "strace"):
+        if first_word in ("timeout", "time", "nice", "ionice"):
             parts = subcmd.split()
             # Skip flags and the timeout value to find the actual command
             i = 1
@@ -180,34 +186,18 @@ def validate_investigate_command(cmd, root=None):
                 if actual not in INVESTIGATE_WHITELIST:
                     return False, f"'{actual}' (via {first_word}) not in investigation whitelist"
 
-    # Block dangerous argument patterns for commands that can execute code
-    EXEC_CAPABLE = {"python3", "python", "node", "ruby", "java", "go"}
-    EXEC_FLAGS = {"-c", "-e", "--eval", "-exec", "--exec"}
+    # Block dangerous argument patterns for remaining whitelisted commands
     for subcmd in subcmds:
         subcmd = subcmd.strip()
         if not subcmd:
             continue
         parts = subcmd.split()
         first = os.path.basename(parts[0])
-        # Block interpreter execution flags
-        if first in EXEC_CAPABLE:
-            for p in parts[1:]:
-                if p in EXEC_FLAGS:
-                    return False, f"blocked: '{first} {p}' can execute arbitrary code"
         # Block find -exec
         if first == "find":
             for p in parts[1:]:
                 if p in ("-exec", "-execdir", "-ok", "-okdir", "-delete"):
                     return False, f"blocked: 'find {p}' can modify files"
-        # Block awk/sed system() calls
-        if first in ("awk", "gawk", "mawk", "nawk"):
-            cmd_lower = subcmd.lower()
-            if "system(" in cmd_lower or "getline" in cmd_lower:
-                return False, f"blocked: '{first}' with system()/getline can execute code"
-        if first == "sed":
-            for p in parts[1:]:
-                if p in ("-i", "--in-place"):
-                    return False, f"blocked: 'sed {p}' can modify files"
 
     # Root jail: check that all path arguments resolve inside root
     if root:
@@ -913,9 +903,11 @@ def _first_run_setup():
             backend_line = 'backend = "auto"'
             print(f"  {C_DIM}Unrecognized key prefix, saved as custom.{C_RESET}")
             print(f"  {C_DIM}Set FIX_API_URL and FIX_MODEL env vars for custom endpoints.{C_RESET}")
-        with open(keyfile, "w") as f:
-            f.write(key)
-        os.chmod(keyfile, 0o600)
+        fd = os.open(keyfile, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
+        try:
+            os.write(fd, key.encode())
+        finally:
+            os.close(fd)
         with open(config_path, "w") as f:
             f.write(f'# fix global config -- {provider} API\n')
             f.write(f'{backend_line}\n')
@@ -2654,23 +2646,22 @@ def apply_fix(fix_cmd, original_cmd, verify_spec, safe_mode, cfg, contract=None)
             msg += " System unchanged."
         status(f"{C_YELLOW}\u2718{C_RESET}", msg)
         if contract and contract.get("escrow"):
-            cancel_fee = contract.get("terms", {}).get("cancellation", {}).get("agent_fee", "0.002")
             bounty = contract["escrow"]["bounty"]
             both_evil = "evil_agent" in judge_flags and "evil_principal" in judge_flags
             agent_evil = "evil_agent" in judge_flags
             principal_evil = "evil_principal" in judge_flags
             if both_evil:
                 status(f"{C_RED}${C_RESET}",
-                       f"Escrow: {bounty} + fees donated to charity (both parties flagged)")
+                       f"Escrow: {bounty} + bonds donated to charity (both parties flagged)")
             elif agent_evil:
                 status(f"{C_RED}${C_RESET}",
-                       f"Escrow: {bounty} returned to principal (agent flagged, forfeits cancellation fee)")
+                       f"Escrow: {bounty} returned to principal (agent flagged, bond to charity)")
             elif principal_evil:
                 status(f"{C_RED}${C_RESET}",
                        f"Escrow: {bounty} donated to charity (principal flagged)")
             else:
                 status(f"{C_DIM}${C_RESET}",
-                       f"Escrow: {bounty} returned to principal (agent pays {cancel_fee} cancellation fee)")
+                       f"Escrow: {bounty} returned to principal (minus platform fee)")
 
     return 0 if success else 1
 

{fix_cli-0.6.1 → fix_cli-0.6.4/fix_cli.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.4
 Name: fix-cli
-Version: 0.6.1
+Version: 0.6.4
 Summary: AI-powered command fixer with contract-based dispute resolution
 Author-email: Karan Sharma <karans4@protonmail.com>
 License: AGPL-3.0-or-later
@@ -15,6 +15,7 @@ Requires-Dist: uvicorn>=0.20; extra == "server"
 Requires-Dist: starlette>=0.27; extra == "server"
 Requires-Dist: ed25519-blake2b>=1.4; extra == "server"
 Requires-Dist: requests>=2.28; extra == "server"
+Dynamic: license-file
 
 # fix
 

{fix_cli-0.6.1 → fix_cli-0.6.4}/fix_cli.egg-info/SOURCES.txt

@@ -31,4 +31,5 @@ tests/test_judge.py
 tests/test_nano.py
 tests/test_nano_integration.py
 tests/test_scrubber.py
+tests/test_security.py
 tests/test_server.py

{fix_cli-0.6.1 → fix_cli-0.6.4}/protocol.py

@@ -11,11 +11,10 @@ from enum import Enum
 
 PROTOCOL_VERSION = 2
 
-DEFAULT_BOUNTY = "0.05"
+DEFAULT_BOUNTY = "0.19"
 DEFAULT_CURRENCY = "XNO"
 DEFAULT_CHAIN = "nano"
-DEFAULT_CANCEL_FEE = "0.005"
-MINIMUM_BOUNTY = "0.05"
+MINIMUM_BOUNTY = "0.19"
 GRACE_PERIOD_SECONDS = 30
 ABANDONMENT_TIMEOUT = 120
 MAX_INVESTIGATION_ROUNDS = 5
@@ -32,7 +31,9 @@ DEFAULT_REVIEW_WINDOW = 7200  # 2 hours
 # Judge defaults
 DEFAULT_JUDGE_FEE = "0.17"  # XNO -- each side stakes this as dispute bond
 DEFAULT_RULING_TIMEOUT = 60  # seconds judge has to rule
-DEFAULT_MIN_BOND = "0"  # XNO -- minimum bond to accept a contract (0 = judge fee only)
+# Inclusive bond: bounty + judge_fee. Both sides pay the same.
+MIN_BOUNTY_EXCESS = Decimal("0.02")  # Minimum bounty above judge_fee
+CANCEL_FEE_RATE = Decimal("0.20")    # 20% of excess bond (bounty) on cancellation
 
 # Tiered court system: escalating models and fees
 COURT_TIERS = [

{fix_cli-0.6.1 → fix_cli-0.6.4}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "fix-cli"
-version = "0.6.1"
+version = "0.6.4"
 description = "AI-powered command fixer with contract-based dispute resolution"
 readme = "README.md"
 license = {text = "AGPL-3.0-or-later"}