glacis 0.1.0__py3-none-any.whl

glacis/crypto.py

@@ -0,0 +1,121 @@
+"""
+RFC 8785 Canonical JSON and SHA-256 Hashing
+
+This module provides deterministic JSON serialization and hashing that produces
+identical output to the TypeScript and Rust implementations.
+
+The canonical JSON format follows RFC 8785:
+- Object keys are sorted lexicographically by Unicode code point
+- No whitespace between elements
+- Numbers without unnecessary precision
+- Recursive canonicalization of nested structures
+
+Example:
+    >>> from glacis.crypto import hash_payload
+    >>> hash1 = hash_payload({"b": 2, "a": 1})
+    >>> hash2 = hash_payload({"a": 1, "b": 2})
+    >>> assert hash1 == hash2  # Keys are sorted
+"""
+
+import hashlib
+import json
+from typing import Any
+
+
+def canonical_json(data: Any) -> str:
+    """
+    Serialize data to RFC 8785 canonical JSON.
+
+    This produces deterministic JSON that is identical across all runtimes
+    (Python, TypeScript, Rust).
+
+    Args:
+        data: Any JSON-serializable value
+
+    Returns:
+        Canonical JSON string
+
+    Raises:
+        ValueError: If data contains non-serializable values (NaN, Infinity)
+
+    Example:
+        >>> canonical_json({"b": 2, "a": 1})
+        '{"a":1,"b":2}'
+    """
+    return _canonicalize_value(data)
+
+
+def _canonicalize_value(value: Any) -> str:
+    """Recursively canonicalize a value."""
+    if value is None:
+        return "null"
+
+    if isinstance(value, bool):
+        return "true" if value else "false"
+
+    if isinstance(value, (int, float)):
+        # Check for non-finite numbers (not valid in JSON)
+        if isinstance(value, float):
+            if value != value:  # NaN check
+                raise ValueError("Cannot canonicalize NaN")
+            if value == float("inf") or value == float("-inf"):
+                raise ValueError("Cannot canonicalize Infinity")
+
+        # Use Python's default number serialization
+        # For integers, this produces no decimal point
+        # For floats, this matches JavaScript's behavior
+        return json.dumps(value)
+
+    if isinstance(value, str):
+        # Use json.dumps for proper string escaping
+        return json.dumps(value)
+
+    if isinstance(value, (list, tuple)):
+        elements = [_canonicalize_value(item) for item in value]
+        return "[" + ",".join(elements) + "]"
+
+    if isinstance(value, dict):
+        # Sort keys lexicographically by Unicode code point (RFC 8785)
+        sorted_keys = sorted(value.keys())
+        pairs = []
+        for key in sorted_keys:
+            # Skip None values (like undefined in JavaScript)
+            if value[key] is not None or key in value:
+                pairs.append(f"{json.dumps(key)}:{_canonicalize_value(value[key])}")
+        return "{" + ",".join(pairs) + "}"
+
+    raise ValueError(f"Cannot canonicalize value of type: {type(value).__name__}")
+
+
+def hash_payload(data: Any) -> str:
+    """
+    Hash data using RFC 8785 canonical JSON + SHA-256.
+
+    This is the primary hashing function for the transparency log.
+    Produces identical hashes across Python, TypeScript, and Rust runtimes.
+
+    Args:
+        data: Any JSON-serializable value
+
+    Returns:
+        Hex-encoded SHA-256 hash (64 characters)
+
+    Example:
+        >>> hash_payload({"b": 2, "a": 1})
+        'a1b2c3...'  # 64 hex characters
+    """
+    canonical = canonical_json(data)
+    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()
+
+
+def hash_bytes(data: bytes) -> str:
+    """
+    Hash raw bytes using SHA-256.
+
+    Args:
+        data: Raw bytes to hash
+
+    Returns:
+        Hex-encoded SHA-256 hash (64 characters)
+    """
+    return hashlib.sha256(data).hexdigest()

glacis/integrations/__init__.py

@@ -0,0 +1,12 @@
+"""
+GLACIS integrations for popular AI providers.
+
+These integrations provide drop-in wrappers that automatically attest
+all API calls to the GLACIS transparency log.
+
+Available integrations:
+- OpenAI: `from glacis.integrations.openai import attested_openai`
+- Anthropic: `from glacis.integrations.anthropic import attested_anthropic`
+"""
+
+__all__ = []

glacis/integrations/anthropic.py

@@ -0,0 +1,222 @@
+"""
+GLACIS integration for Anthropic.
+
+Provides an attested Anthropic client wrapper that automatically logs all
+messages to the GLACIS transparency log.
+
+Example:
+    >>> from glacis.integrations.anthropic import attested_anthropic
+    >>> client = attested_anthropic(glacis_api_key="glsk_live_xxx", anthropic_api_key="sk-xxx")
+    >>> response = client.messages.create(
+    ...     model="claude-3-opus-20240229",
+    ...     messages=[{"role": "user", "content": "Hello!"}]
+    ... )
+    # Response is automatically attested to GLACIS
+"""
+
+from typing import TYPE_CHECKING, Any, Optional
+
+if TYPE_CHECKING:
+    from anthropic import Anthropic
+
+
+def attested_anthropic(
+    glacis_api_key: str,
+    anthropic_api_key: Optional[str] = None,
+    glacis_base_url: str = "https://api.glacis.dev",
+    service_id: str = "anthropic",
+    debug: bool = False,
+    **anthropic_kwargs: Any,
+) -> "Anthropic":
+    """
+    Create an attested Anthropic client.
+
+    All messages are automatically attested to the GLACIS transparency log.
+    The input (messages) and output (response) are hashed locally - the actual
+    content never leaves your infrastructure.
+
+    Args:
+        glacis_api_key: GLACIS API key
+        anthropic_api_key: Anthropic API key (default: from ANTHROPIC_API_KEY env var)
+        glacis_base_url: GLACIS API base URL
+        service_id: Service identifier for attestations
+        debug: Enable debug logging
+        **anthropic_kwargs: Additional arguments passed to Anthropic client
+
+    Returns:
+        Wrapped Anthropic client
+
+    Example:
+        >>> client = attested_anthropic(
+        ...     glacis_api_key="glsk_live_xxx",
+        ...     anthropic_api_key="sk-xxx"
+        ... )
+        >>> response = client.messages.create(
+        ...     model="claude-3-opus-20240229",
+        ...     max_tokens=1024,
+        ...     messages=[{"role": "user", "content": "Hello!"}]
+        ... )
+    """
+    try:
+        from anthropic import Anthropic
+    except ImportError:
+        raise ImportError(
+            "Anthropic integration requires the 'anthropic' package. "
+            "Install it with: pip install glacis[anthropic]"
+        )
+
+    from glacis import Glacis
+
+    glacis = Glacis(
+        api_key=glacis_api_key,
+        base_url=glacis_base_url,
+        debug=debug,
+    )
+
+    # Create the Anthropic client
+    client_kwargs: dict[str, Any] = {**anthropic_kwargs}
+    if anthropic_api_key:
+        client_kwargs["api_key"] = anthropic_api_key
+
+    client = Anthropic(**client_kwargs)
+
+    # Wrap the messages create method
+    original_create = client.messages.create
+
+    def attested_create(*args: Any, **kwargs: Any) -> Any:
+        # Extract input
+        messages = kwargs.get("messages", [])
+        model = kwargs.get("model", "unknown")
+        system = kwargs.get("system")
+
+        # Make the API call
+        response = original_create(*args, **kwargs)
+
+        # Attest the interaction
+        try:
+            input_data: dict[str, Any] = {
+                "model": model,
+                "messages": messages,
+            }
+            if system:
+                input_data["system"] = system
+
+            glacis.attest(
+                service_id=service_id,
+                operation_type="completion",
+                input=input_data,
+                output={
+                    "model": response.model,
+                    "content": [
+                        {
+                            "type": block.type,
+                            "text": getattr(block, "text", None),
+                        }
+                        for block in response.content
+                    ],
+                    "stop_reason": response.stop_reason,
+                    "usage": {
+                        "input_tokens": response.usage.input_tokens,
+                        "output_tokens": response.usage.output_tokens,
+                    },
+                },
+                metadata={"provider": "anthropic", "model": model},
+            )
+        except Exception as e:
+            if debug:
+                print(f"[glacis] Attestation failed: {e}")
+
+        return response
+
+    # Replace the create method
+    client.messages.create = attested_create  # type: ignore
+
+    return client
+
+
+def attested_async_anthropic(
+    glacis_api_key: str,
+    anthropic_api_key: Optional[str] = None,
+    glacis_base_url: str = "https://api.glacis.dev",
+    service_id: str = "anthropic",
+    debug: bool = False,
+    **anthropic_kwargs: Any,
+) -> Any:
+    """
+    Create an attested async Anthropic client.
+
+    Same as `attested_anthropic` but for async usage.
+
+    Example:
+        >>> client = attested_async_anthropic(glacis_api_key="glsk_live_xxx")
+        >>> response = await client.messages.create(...)
+    """
+    try:
+        from anthropic import AsyncAnthropic
+    except ImportError:
+        raise ImportError(
+            "Anthropic integration requires the 'anthropic' package. "
+            "Install it with: pip install glacis[anthropic]"
+        )
+
+    from glacis import AsyncGlacis
+
+    glacis = AsyncGlacis(
+        api_key=glacis_api_key,
+        base_url=glacis_base_url,
+        debug=debug,
+    )
+
+    client_kwargs: dict[str, Any] = {**anthropic_kwargs}
+    if anthropic_api_key:
+        client_kwargs["api_key"] = anthropic_api_key
+
+    client = AsyncAnthropic(**client_kwargs)
+
+    original_create = client.messages.create
+
+    async def attested_create(*args: Any, **kwargs: Any) -> Any:
+        messages = kwargs.get("messages", [])
+        model = kwargs.get("model", "unknown")
+        system = kwargs.get("system")
+
+        response = await original_create(*args, **kwargs)
+
+        try:
+            input_data: dict[str, Any] = {
+                "model": model,
+                "messages": messages,
+            }
+            if system:
+                input_data["system"] = system
+
+            await glacis.attest(
+                service_id=service_id,
+                operation_type="completion",
+                input=input_data,
+                output={
+                    "model": response.model,
+                    "content": [
+                        {
+                            "type": block.type,
+                            "text": getattr(block, "text", None),
+                        }
+                        for block in response.content
+                    ],
+                    "stop_reason": response.stop_reason,
+                    "usage": {
+                        "input_tokens": response.usage.input_tokens,
+                        "output_tokens": response.usage.output_tokens,
+                    },
+                },
+                metadata={"provider": "anthropic", "model": model},
+            )
+        except Exception as e:
+            if debug:
+                print(f"[glacis] Attestation failed: {e}")
+
+        return response
+
+    client.messages.create = attested_create  # type: ignore
+
+    return client

glacis/integrations/openai.py

@@ -0,0 +1,208 @@
+"""
+GLACIS integration for OpenAI.
+
+Provides an attested OpenAI client wrapper that automatically logs all
+completions to the GLACIS transparency log. Supports both online (server-witnessed)
+and offline (locally-signed) modes.
+
+Example (online):
+    >>> from glacis.integrations.openai import attested_openai
+    >>> client = attested_openai(glacis_api_key="glsk_live_xxx", openai_api_key="sk-xxx")
+    >>> response = client.chat.completions.create(
+    ...     model="gpt-4",
+    ...     messages=[{"role": "user", "content": "Hello!"}]
+    ... )
+    # Response is automatically attested to GLACIS
+
+Example (offline):
+    >>> client = attested_openai(openai_api_key="sk-xxx", offline=True, signing_seed=seed)
+    >>> response = client.chat.completions.create(
+    ...     model="gpt-4o",
+    ...     messages=[{"role": "user", "content": "Hello!"}],
+    ... )
+    >>> receipt = get_last_receipt()
+"""
+
+from __future__ import annotations
+
+import threading
+from typing import TYPE_CHECKING, Any, Optional, Union
+
+if TYPE_CHECKING:
+    from openai import OpenAI
+
+    from glacis.models import AttestReceipt, OfflineAttestReceipt
+
+
+# Thread-local storage for the last receipt
+_thread_local = threading.local()
+
+
+def get_last_receipt() -> Optional[Union["AttestReceipt", "OfflineAttestReceipt"]]:
+    """
+    Get the last attestation receipt from the current thread.
+
+    Returns:
+        The last AttestReceipt or OfflineAttestReceipt, or None if no attestation
+        has been made in this thread.
+    """
+    return getattr(_thread_local, "last_receipt", None)
+
+
+def attested_openai(
+    glacis_api_key: Optional[str] = None,
+    openai_api_key: Optional[str] = None,
+    glacis_base_url: str = "https://api.glacis.dev",
+    service_id: str = "openai",
+    debug: bool = False,
+    offline: bool = False,
+    signing_seed: Optional[bytes] = None,
+    **openai_kwargs: Any,
+) -> "OpenAI":
+    """
+    Create an attested OpenAI client.
+
+    All chat completions are automatically attested. Supports both online and offline modes.
+    Note: Streaming is not currently supported.
+
+    Args:
+        glacis_api_key: GLACIS API key (required for online mode)
+        openai_api_key: OpenAI API key (default: from OPENAI_API_KEY env var)
+        glacis_base_url: GLACIS API base URL
+        service_id: Service identifier for attestations
+        debug: Enable debug logging
+        offline: Enable offline mode (local signing, no server)
+        signing_seed: 32-byte Ed25519 signing seed (required for offline mode)
+        **openai_kwargs: Additional arguments passed to OpenAI client
+
+    Returns:
+        Wrapped OpenAI client
+
+    Example (online):
+        >>> client = attested_openai(
+        ...     glacis_api_key="glsk_live_xxx",
+        ...     openai_api_key="sk-xxx"
+        ... )
+        >>> response = client.chat.completions.create(
+        ...     model="gpt-4",
+        ...     messages=[{"role": "user", "content": "Hello!"}]
+        ... )
+
+    Example (offline):
+        >>> import os
+        >>> seed = os.urandom(32)
+        >>> client = attested_openai(
+        ...     openai_api_key="sk-xxx",
+        ...     offline=True,
+        ...     signing_seed=seed,
+        ... )
+        >>> response = client.chat.completions.create(
+        ...     model="gpt-4o",
+        ...     messages=[{"role": "user", "content": "Hello!"}],
+        ... )
+        >>> receipt = get_last_receipt()
+        >>> assert receipt.witness_status == "UNVERIFIED"
+    """
+    try:
+        from openai import OpenAI
+    except ImportError:
+        raise ImportError(
+            "OpenAI integration requires the 'openai' package. "
+            "Install it with: pip install glacis[openai]"
+        )
+
+    from glacis import Glacis
+
+    # Create Glacis client (online or offline)
+    if offline:
+        if not signing_seed:
+            raise ValueError("signing_seed is required for offline mode")
+        glacis = Glacis(
+            mode="offline",
+            signing_seed=signing_seed,
+            debug=debug,
+        )
+    else:
+        if not glacis_api_key:
+            raise ValueError("glacis_api_key is required for online mode")
+        glacis = Glacis(
+            api_key=glacis_api_key,
+            base_url=glacis_base_url,
+            debug=debug,
+        )
+
+    # Create the OpenAI client
+    client_kwargs: dict[str, Any] = {**openai_kwargs}
+    if openai_api_key:
+        client_kwargs["api_key"] = openai_api_key
+
+    client = OpenAI(**client_kwargs)
+
+    # Wrap the chat completions create method
+    original_create = client.chat.completions.create
+
+    def attested_create(*args: Any, **kwargs: Any) -> Any:
+        # Check for streaming - not supported
+        if kwargs.get("stream", False):
+            raise NotImplementedError(
+                "Streaming is not currently supported with attested_openai. "
+                "Use stream=False for now."
+            )
+
+        # Extract input
+        messages = kwargs.get("messages", [])
+        model = kwargs.get("model", "unknown")
+
+        # Make the API call
+        response = original_create(*args, **kwargs)
+
+        # Attest the response
+        try:
+            receipt = glacis.attest(
+                service_id=service_id,
+                operation_type="completion",
+                input={
+                    "model": model,
+                    "messages": messages,
+                },
+                output={
+                    "model": response.model,
+                    "choices": [
+                        {
+                            "message": {
+                                "role": c.message.role,
+                                "content": c.message.content,
+                            },
+                            "finish_reason": c.finish_reason,
+                        }
+                        for c in response.choices
+                    ],
+                    "usage": {
+                        "prompt_tokens": (
+                            response.usage.prompt_tokens if response.usage else 0
+                        ),
+                        "completion_tokens": (
+                            response.usage.completion_tokens if response.usage else 0
+                        ),
+                        "total_tokens": (
+                            response.usage.total_tokens if response.usage else 0
+                        ),
+                    }
+                    if response.usage
+                    else None,
+                },
+                metadata={"provider": "openai", "model": model},
+            )
+            _thread_local.last_receipt = receipt
+            if debug:
+                print(f"[glacis] Attestation created: {receipt.attestation_id}")
+        except Exception as e:
+            if debug:
+                print(f"[glacis] Attestation failed: {e}")
+
+        return response
+
+    # Replace the create method
+    client.chat.completions.create = attested_create  # type: ignore
+
+    return client