glacis 0.1.3__py3-none-any.whl → 0.2.0__py3-none-any.whl

glacis-0.2.0.dist-info/METADATA

@@ -0,0 +1,275 @@
+Metadata-Version: 2.4
+Name: glacis
+Version: 0.2.0
+Summary: GLACIS SDK for Python - AI Compliance Attestation
+Project-URL: Homepage, https://glacis.io
+Project-URL: Documentation, https://docs.glacis.io/sdk/python
+Project-URL: Repository, https://github.com/Glacis-io/glacis-python
+Project-URL: Issues, https://github.com/Glacis-io/glacis-python/issues
+Author-email: GLACIS <sdk@glacis.io>
+License-Expression: Apache-2.0
+License-File: LICENSE
+Keywords: ai,attestation,compliance,logging,transparency
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: Apache Software License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security :: Cryptography
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Python: >=3.9
+Requires-Dist: httpx>=0.25.0
+Requires-Dist: pydantic>=2.0.0
+Requires-Dist: pynacl>=1.5.0
+Provides-Extra: all
+Requires-Dist: anthropic>=0.18.0; extra == 'all'
+Requires-Dist: mypy>=1.0.0; extra == 'all'
+Requires-Dist: openai>=1.0.0; extra == 'all'
+Requires-Dist: presidio-analyzer>=2.2.0; extra == 'all'
+Requires-Dist: presidio-anonymizer>=2.2.0; extra == 'all'
+Requires-Dist: pytest-asyncio>=0.21.0; extra == 'all'
+Requires-Dist: pytest-httpx>=0.22.0; extra == 'all'
+Requires-Dist: pytest>=7.0.0; extra == 'all'
+Requires-Dist: pyyaml>=6.0.0; extra == 'all'
+Requires-Dist: ruff>=0.1.0; extra == 'all'
+Requires-Dist: spacy>=3.5.0; extra == 'all'
+Requires-Dist: torch>=2.0.0; extra == 'all'
+Requires-Dist: transformers>=4.35.0; extra == 'all'
+Provides-Extra: anthropic
+Requires-Dist: anthropic>=0.18.0; extra == 'anthropic'
+Provides-Extra: controls
+Requires-Dist: presidio-analyzer>=2.2.0; extra == 'controls'
+Requires-Dist: presidio-anonymizer>=2.2.0; extra == 'controls'
+Requires-Dist: pyyaml>=6.0.0; extra == 'controls'
+Requires-Dist: spacy>=3.5.0; extra == 'controls'
+Requires-Dist: torch>=2.0.0; extra == 'controls'
+Requires-Dist: transformers>=4.35.0; extra == 'controls'
+Provides-Extra: dev
+Requires-Dist: mypy>=1.0.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.21.0; extra == 'dev'
+Requires-Dist: pytest-httpx>=0.22.0; extra == 'dev'
+Requires-Dist: pytest>=7.0.0; extra == 'dev'
+Requires-Dist: ruff>=0.1.0; extra == 'dev'
+Provides-Extra: jailbreak
+Requires-Dist: pyyaml>=6.0.0; extra == 'jailbreak'
+Requires-Dist: torch>=2.0.0; extra == 'jailbreak'
+Requires-Dist: transformers>=4.35.0; extra == 'jailbreak'
+Provides-Extra: openai
+Requires-Dist: openai>=1.0.0; extra == 'openai'
+Provides-Extra: redaction
+Requires-Dist: presidio-analyzer>=2.2.0; extra == 'redaction'
+Requires-Dist: presidio-anonymizer>=2.2.0; extra == 'redaction'
+Requires-Dist: pyyaml>=6.0.0; extra == 'redaction'
+Requires-Dist: spacy>=3.5.0; extra == 'redaction'
+Description-Content-Type: text/markdown
+
+<p align="center">
+  <img src="assets/glacis-logo.png" alt="Glacis" width="200">
+</p>
+
+# Glacis Python SDK
+
+**Tamper-proof audit logs for AI systems - without exposing sensitive data.**
+
+## The Problem
+
+You need to prove what your AI did for compliance, audits, or legal discovery. But sending prompts and responses to a logging service exposes sensitive data (PII, PHI, trade secrets).
+
+## The Solution
+
+Glacis creates cryptographic proofs of AI operations. Your data stays local - only a SHA-256 hash is sent for witnessing.
+
+```
+Your Infrastructure              Glacis Log
+┌─────────────────────┐         ┌─────────────────────┐
+│ "Pt. Frodo Baggins  │         │ 7a3f8b2c...         │
+│  has diabetes"      │  ──→    │ (64-char hash)      │
+│                     │         │ + timestamp         │
+│ (data stays here)   │         │ + Merkle proof      │
+└─────────────────────┘         └─────────────────────┘
+```
+
+Later, you can prove the hash matches your local records without revealing the data itself.
+
+## Installation
+
+```bash
+pip install glacis[openai]      # For OpenAI
+pip install glacis[anthropic]   # For Anthropic
+pip install glacis[controls]    # Add PII redaction + jailbreak detection
+pip install glacis[all]         # Everything
+```
+
+## Quick Start
+
+### Option 1: Drop-in Wrapper (Recommended)
+
+Replace your OpenAI/Anthropic client with a wrapped version. Every API call is automatically attested.
+
+```python
+import os
+from glacis.integrations.openai import attested_openai, get_last_receipt
+
+# Create wrapped client (offline mode - no Glacis account needed)
+client = attested_openai(
+    openai_api_key="sk-...",
+    offline=True,
+    signing_seed=os.urandom(32),
+)
+
+# Use exactly like the normal OpenAI client
+response = client.chat.completions.create(
+    model="gpt-4",
+    messages=[{"role": "user", "content": "Hello!"}]
+)
+
+# Get the attestation receipt
+receipt = get_last_receipt()
+print(f"Attestation ID: {receipt.attestation_id}")
+```
+
+Works the same for Anthropic:
+
+```python
+from glacis.integrations.anthropic import attested_anthropic, get_last_receipt
+
+client = attested_anthropic(
+    anthropic_api_key="sk-ant-...",
+    offline=True,
+    signing_seed=os.urandom(32),
+)
+```
+
+### Option 2: Direct API
+
+For custom attestations (non-OpenAI/Anthropic, or manual control):
+
+```python
+import os
+from glacis import Glacis
+
+glacis = Glacis(mode="offline", signing_seed=os.urandom(32))
+
+receipt = glacis.attest(
+    service_id="my-ai-app",
+    operation_type="inference",
+    input={"prompt": "Summarize this..."},
+    output={"response": "The document..."},
+)
+```
+
+## Adding PII Redaction
+
+Automatically detect and redact sensitive data before it's hashed:
+
+```python
+client = attested_openai(
+    openai_api_key="sk-...",
+    offline=True,
+    signing_seed=os.urandom(32),
+    redaction="fast",  # Regex-based, or "full" for ML models
+)
+
+response = client.chat.completions.create(
+    model="gpt-4",
+    messages=[{"role": "user", "content": "My SSN is 123-45-6789"}]
+)
+
+# The attestation hash is computed on: "My SSN is [US_SSN]"
+# Original text still sent to OpenAI, but redacted version is attested
+```
+
+## Configuration File
+
+For persistent settings, create `glacis.yaml`:
+
+```yaml
+attestation:
+  offline: true
+  service_id: my-ai-service
+
+controls:
+  pii_phi:
+    enabled: true
+    mode: fast          # "fast" (regex) or "full" (Presidio NER)
+
+  jailbreak:
+    enabled: true
+    threshold: 0.5      # Block prompt injection attempts
+    action: block       # "warn" or "block"
+```
+
+Then:
+
+```python
+client = attested_openai(
+    openai_api_key="sk-...",
+    config_path="glacis.yaml",
+)
+```
+
+## Retrieving Evidence
+
+Full payloads are stored locally for audits:
+
+```python
+from glacis.integrations.openai import get_last_receipt, get_evidence
+
+receipt = get_last_receipt()
+evidence = get_evidence(receipt.attestation_id)
+
+print(evidence["input"])                  # Original input
+print(evidence["output"])                 # Original output
+print(evidence["control_plane_results"])  # PII/jailbreak results
+```
+
+Evidence is stored in `~/.glacis/receipts.db` (SQLite).
+
+## Online vs Offline Mode
+
+| Feature | Offline | Online |
+|---------|---------|--------|
+| Requires Glacis account | No | Yes |
+| Signing | Local Ed25519 | Glacis witness |
+| Third-party verifiable | No | Yes (Merkle proofs) |
+| Use case | Development, air-gapped | Production, audits |
+
+To use online mode:
+
+```python
+client = attested_openai(
+    openai_api_key="sk-...",
+    glacis_api_key="glsk_live_...",  # Get at glacis.io
+)
+```
+
+## What Gets Sent to Glacis?
+
+| Data | Sent? |
+|------|-------|
+| Your prompts | No (hash only) |
+| Model responses | No (hash only) |
+| API keys | No |
+| service_id, operation_type | Yes |
+| Timestamps | Yes |
+
+## CLI
+
+Verify a receipt:
+
+```bash
+python -m glacis verify receipt.json
+```
+
+## Security
+
+- **Hashing**: SHA-256 with RFC 8785 canonical JSON (cross-runtime compatible)
+- **Signing**: Ed25519 via PyNaCl (libsodium)
+- **Online mode**: Merkle tree inclusion proofs (RFC 6962)
+
+## License
+
+Apache 2.0

glacis-0.2.0.dist-info/RECORD

@@ -0,0 +1,21 @@
+glacis/__init__.py,sha256=c56NUPfPCDk2kh9wuSiQvREvnJ3lZGk889zOUNIZt4c,3925
+glacis/__main__.py,sha256=jnL1RezHA3aCK9Vx3JziwEZF5Wxl34fyoGmB9i4_gVs,141
+glacis/client.py,sha256=dpMmaQCQ8u6QYCwY_dEyM69AI1j7xpwS6ljq4xDTOVM,29075
+glacis/config.py,sha256=tjaPgXpIkoURkVPEsRb7ELjrZf53b5IXaqho57bXo_o,4034
+glacis/crypto.py,sha256=Pq6b99DvWGtqaC-rpoDgRAZz87ygZ0lJqKDU9n-sBZg,5924
+glacis/models.py,sha256=jb-vU2r90zxEnMzmN_BgJdnN6kd3cMgbAMOPANUo79I,17265
+glacis/storage.py,sha256=2wPa4zX9ef_yoKRY_qyQm6Fj4lgkIJ4kzbK5ZZQbSNk,21428
+glacis/streaming.py,sha256=hAmR4XHQixLia6awnFfCaA9hZOtCq2b-pOzgaMd3YzQ,11260
+glacis/verify.py,sha256=e2Hr9cYrqt3gdsY7Qx69wYjAL_eoXaxZHJDuft7lNMA,4886
+glacis/controls/__init__.py,sha256=gs4avL8EAKgKwr2ocPzIl2TfEr1PeUpHi44GaCwQtWk,7737
+glacis/controls/base.py,sha256=AiLZQcH5KkXk1yQPOPB-hd0-Q8NCqX0rVoZSdq_NBOo,3321
+glacis/controls/jailbreak.py,sha256=hXPAYcN2-qnmQMZBs5QOtk7IhErNp2oKbDoU361IOss,7740
+glacis/controls/pii.py,sha256=K9_ZY4UMUiN6WTac-BvTaCyO3MhOc1oH9k5BGmq_Vrw,27833
+glacis/integrations/__init__.py,sha256=reRDe-JaxHP3TrskPjdS5mxr1uCcVSKj-Vb5-ussl8o,1965
+glacis/integrations/anthropic.py,sha256=rFf7cQuXq3Bs5ZkaPZcZltjd5EjGVCx2EeKmy287Jsg,10568
+glacis/integrations/base.py,sha256=SAB_cIK_D8hEyClOx53Qe9p0Um0KtP9Ua4gZ23FBD-o,14784
+glacis/integrations/openai.py,sha256=jtfo0RlVbEhDZfsSiGliJLcgFL2hziS2n8JukT-a4e0,8441
+glacis-0.2.0.dist-info/METADATA,sha256=UiHN1EXWrzgUxriHL9U5F7A6XmlUbMq_6u8dQuSQ5KU,8290
+glacis-0.2.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+glacis-0.2.0.dist-info/licenses/LICENSE,sha256=B7g2sM9vz4NF1poTFNMil2cnkwMFel1qUnimyvYW1sw,10766
+glacis-0.2.0.dist-info/RECORD,,