halyn 0.4.2__tar.gz → 1.0.0__tar.gz

halyn-1.0.0/LICENSE

@@ -0,0 +1,4 @@
+Copyright (c) 2026 Elmadani SALKA. All rights reserved.
+
+This software is source-available for evaluation and non-commercial use.
+For commercial licensing, contact: contact@halyn.dev

halyn-1.0.0/PKG-INFO

@@ -0,0 +1,108 @@
+Metadata-Version: 2.4
+Name: halyn
+Version: 1.0.0
+Summary: Halyn — Enforceable safety for AI agents. Shield rules, audit chain, dashboard.
+Author-email: Elmadani SALKA <contact@halyn.dev>
+License: Proprietary
+Project-URL: Homepage, https://github.com/ElmadaniS/halyn
+Project-URL: Repository, https://github.com/ElmadaniS/halyn
+Project-URL: Issues, https://github.com/ElmadaniS/halyn/issues
+Keywords: ai,browser,robotics,iot,mcp,nrp,llm,infrastructure,devops
+Classifier: Development Status :: 3 - Alpha
+Classifier: Programming Language :: Python :: 3
+Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: System :: Systems Administration
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: nrprotocol>=0.1.0
+Requires-Dist: aiohttp>=3.9
+Provides-Extra: enterprise
+Requires-Dist: grpcio>=1.60; extra == "enterprise"
+Requires-Dist: psycopg2-binary; extra == "enterprise"
+Requires-Dist: redis; extra == "enterprise"
+Provides-Extra: robotics
+Requires-Dist: rclpy; extra == "robotics"
+Requires-Dist: unitree-sdk2py; extra == "robotics"
+Provides-Extra: iot
+Requires-Dist: paho-mqtt; extra == "iot"
+Provides-Extra: dev
+Requires-Dist: pytest; extra == "dev"
+Requires-Dist: pytest-asyncio; extra == "dev"
+Requires-Dist: mypy; extra == "dev"
+Requires-Dist: ruff; extra == "dev"
+Dynamic: license-file
+
+<div align="center">
+
+# Halyn
+
+**AI agents act in the world. Halyn makes sure they can't break it.**
+
+[![PyPI](https://img.shields.io/pypi/v/halyn?style=flat-square&color=0a6e3f)](https://pypi.org/project/halyn/)
+[![Python](https://img.shields.io/badge/python-3.10+-0a6e3f?style=flat-square)](https://pypi.org/project/halyn/)
+
+The safety layer for AI agents · Shield rules · Audit chain · Built-in dashboard
+
+[Website](https://halyn.dev) · [Quick Start](#quick-start) · [Dashboard](#dashboard) · [Shield Rules](#shield-rules)
+
+</div>
+
+---
+
+## The Problem
+
+AI agents are acting in the real world — deleting files, restarting servers, controlling robots. Claude has 22 MCP tools. GPT has computer use.
+
+But who stops them from breaking things?
+
+Today the answer is: the prompt says "be careful." That's like telling a car "don't crash" instead of installing brakes.
+
+**Halyn is the brakes.**
+
+## Quick Start
+
+```bash
+pip install halyn
+halyn-mcp --port 8935
+# Open http://localhost:8935 → see the dashboard
+```
+
+30 seconds. Zero code. Working dashboard.
+
+## Dashboard
+
+Built-in web UI. Type commands, see shields, watch the audit chain update in real-time.
+
+## Shield Rules
+
+Constraints enforced at protocol level. The AI has **no power** to override them.
+
+```python
+from halyn import ControlPlane, SSHDriver
+
+cp = ControlPlane()
+cp.connect(SSHDriver("192.168.1.10", "admin"))
+cp.shield("deny * delete *")    # no deletions — ever
+
+cp.act("restart nginx")   # ✓ allowed
+cp.act("rm -rf /etc")     # ✗ blocked — always
+```
+
+Not guidelines. **Physics.**
+
+## Audit Chain
+
+Every action recorded in SHA-256 hash chain. Tamper-evident, append-only.
+
+## 12 Drivers
+
+SSH, HTTP, WebSocket, Serial, MQTT, OPC-UA, ROS2, DDS, Docker, Browser, Unitree, Socket.
+
+## Built on NRP
+
+Halyn implements [NRP](https://nrprotocol.dev) — 6 rules that no AI can break.
+
+---
+
+[halyn.dev](https://halyn.dev) · [nrprotocol.dev](https://nrprotocol.dev) · [PyPI](https://pypi.org/project/halyn/) · [contact@halyn.dev](mailto:contact@halyn.dev)

halyn-1.0.0/README.md

@@ -0,0 +1,73 @@
+<div align="center">
+
+# Halyn
+
+**AI agents act in the world. Halyn makes sure they can't break it.**
+
+[![PyPI](https://img.shields.io/pypi/v/halyn?style=flat-square&color=0a6e3f)](https://pypi.org/project/halyn/)
+[![Python](https://img.shields.io/badge/python-3.10+-0a6e3f?style=flat-square)](https://pypi.org/project/halyn/)
+
+The safety layer for AI agents · Shield rules · Audit chain · Built-in dashboard
+
+[Website](https://halyn.dev) · [Quick Start](#quick-start) · [Dashboard](#dashboard) · [Shield Rules](#shield-rules)
+
+</div>
+
+---
+
+## The Problem
+
+AI agents are acting in the real world — deleting files, restarting servers, controlling robots. Claude has 22 MCP tools. GPT has computer use.
+
+But who stops them from breaking things?
+
+Today the answer is: the prompt says "be careful." That's like telling a car "don't crash" instead of installing brakes.
+
+**Halyn is the brakes.**
+
+## Quick Start
+
+```bash
+pip install halyn
+halyn-mcp --port 8935
+# Open http://localhost:8935 → see the dashboard
+```
+
+30 seconds. Zero code. Working dashboard.
+
+## Dashboard
+
+Built-in web UI. Type commands, see shields, watch the audit chain update in real-time.
+
+## Shield Rules
+
+Constraints enforced at protocol level. The AI has **no power** to override them.
+
+```python
+from halyn import ControlPlane, SSHDriver
+
+cp = ControlPlane()
+cp.connect(SSHDriver("192.168.1.10", "admin"))
+cp.shield("deny * delete *")    # no deletions — ever
+
+cp.act("restart nginx")   # ✓ allowed
+cp.act("rm -rf /etc")     # ✗ blocked — always
+```
+
+Not guidelines. **Physics.**
+
+## Audit Chain
+
+Every action recorded in SHA-256 hash chain. Tamper-evident, append-only.
+
+## 12 Drivers
+
+SSH, HTTP, WebSocket, Serial, MQTT, OPC-UA, ROS2, DDS, Docker, Browser, Unitree, Socket.
+
+## Built on NRP
+
+Halyn implements [NRP](https://nrprotocol.dev) — 6 rules that no AI can break.
+
+---
+
+[halyn.dev](https://halyn.dev) · [nrprotocol.dev](https://nrprotocol.dev) · [PyPI](https://pypi.org/project/halyn/) · [contact@halyn.dev](mailto:contact@halyn.dev)

{halyn-0.4.2 → halyn-1.0.0}/pyproject.toml

@@ -1,16 +1,15 @@
 [project]
 name = "halyn"
-version = "0.4.2"
-description = "Halyn — NRP control plane with domain-scoped authorization."
+version = "1.0.0"
+description = "Halyn — Enforceable safety for AI agents. Shield rules, audit chain, dashboard."
 requires-python = ">=3.10"
-license = {text = "MIT"}
+license = {text = "Proprietary"}
 authors = [{name = "Elmadani SALKA", email = "contact@halyn.dev"}]
 readme = "README.md"
 keywords = ["ai", "browser", "robotics", "iot", "mcp", "nrp", "llm", "infrastructure", "devops"]
 classifiers = [
     "Development Status :: 3 - Alpha",
-    "License :: OSI Approved :: MIT License",
-    "Programming Language :: Python :: 3",
+        "Programming Language :: Python :: 3",
     "Topic :: Scientific/Engineering :: Artificial Intelligence",
     "Topic :: System :: Systems Administration",
 ]

{halyn-0.4.2 → halyn-1.0.0}/src/halyn/__init__.py

@@ -2,7 +2,7 @@
 # Licensed under the MIT License. See LICENSE file.
 """Halyn — Connect any device to any AI."""
 
-__version__ = "0.4.2"
+__version__ = "1.0.0"
 __author__ = "Elmadani SALKA"
 __license__ = "MIT"
 

{halyn-0.4.2 → halyn-1.0.0}/src/halyn/control_plane.py

@@ -320,6 +320,99 @@ class ControlPlane:
 
     # ─── Internal ───────────────────────────────
 
+
+    # ═══════════════════════════════════════════════════
+    #  Convenience API — synchronous, for scripts & REPLs
+    # ═══════════════════════════════════════════════════
+
+    def shield(self, rule: str) -> None:
+        """Add an enforceable shield rule.
+        
+        Example:
+            cp.shield("deny * delete *")
+            cp.shield("deny * rm *")
+            cp.shield("deny production reboot")
+        """
+        if not hasattr(self, '_shields'):
+            self._shields = []
+        rule = rule.strip()
+        if not rule:
+            raise ValueError("Shield rule cannot be empty")
+        parts = rule.lower().split()
+        if len(parts) < 3 or parts[0] != "deny":
+            raise ValueError(f"Invalid shield rule: {rule!r}. Format: 'deny <scope> <action> [condition]'")
+        self._shields.append(rule)
+
+    def connect(self, driver) -> None:
+        """Connect a device driver to the control plane.
+        
+        Example:
+            cp.connect(SSHDriver("192.168.1.10", "admin"))
+        """
+        if not hasattr(self, '_drivers'):
+            self._drivers = []
+        self._drivers.append(driver)
+
+    def act(self, command: str, node: str = "*") -> dict:
+        """Execute an action, checked against shield rules.
+        
+        Returns dict with result. Raises if blocked.
+        
+        Example:
+            cp.act("restart nginx")        # ✓ allowed
+            cp.act("rm -rf /etc")          # ✗ blocked
+        """
+        from halyn.shield import check_shields
+        shields = getattr(self, '_shields', [])
+        blocked = check_shields(shields, node, command)
+        if blocked:
+            return {"blocked": True, "reason": f"Shield rule: {blocked}", "command": command}
+        
+        # If we have connected drivers, try to execute
+        drivers = getattr(self, '_drivers', [])
+        if drivers:
+            for drv in drivers:
+                if hasattr(drv, 'execute'):
+                    try:
+                        import asyncio
+                        loop = asyncio.new_event_loop()
+                        result = loop.run_until_complete(drv.execute(command))
+                        loop.close()
+                        return {"ok": True, "command": command, "result": str(result)}
+                    except Exception as e:
+                        return {"ok": True, "command": command, "note": str(e)}
+        
+        return {"ok": True, "command": command, "note": "demo mode — connect a device to execute for real"}
+
+    def observe(self, node: str = "*") -> dict:
+        """Read the current state of connected devices.
+        
+        Example:
+            state = cp.observe()
+            print(state)  # {"cpu": 23.4, "mem": 67.2, ...}
+        """
+        drivers = getattr(self, '_drivers', [])
+        if drivers:
+            results = {}
+            for drv in drivers:
+                if hasattr(drv, 'observe'):
+                    try:
+                        import asyncio
+                        loop = asyncio.new_event_loop()
+                        state = loop.run_until_complete(drv.observe())
+                        loop.close()
+                        results.update(state if isinstance(state, dict) else {"state": state})
+                    except Exception as e:
+                        results["error"] = str(e)
+            return results
+        return {"status": "demo", "note": "No devices connected. Use cp.connect(driver) to add devices."}
+
+    @property
+    def shields(self) -> list[str]:
+        """List all active shield rules."""
+        return list(getattr(self, '_shields', []))
+
+
     async def _connect_from_config(self, node_cfg: dict[str, Any]) -> None:
         """Connect a node from YAML config."""
         nrp_id = node_cfg.get("id", "")

{halyn-0.4.2 → halyn-1.0.0}/src/halyn/drivers/browser.py

@@ -13,6 +13,16 @@ class BrowserDriver(NRPDriver):
     def __init__(self, cdp_url: str = "http://localhost:9222") -> None:
         self.cdp_url = cdp_url
 
+    def manifest(self) -> NRPManifest:
+        """Declare this driver's capabilities."""
+        return NRPManifest(
+            nrp_id=NRPId.create("local", "browser", "default"),
+            driver="BrowserDriver",
+            channels=[],
+            actions=[],
+            shields=[],
+        )
+
     @property
     def kind(self) -> str: return "browser"
 

{halyn-0.4.2 → halyn-1.0.0}/src/halyn/drivers/docker.py

@@ -13,6 +13,16 @@ class DockerDriver(NRPDriver):
     def __init__(self, host: str = "unix:///var/run/docker.sock") -> None:
         self.host = host
 
+    def manifest(self) -> NRPManifest:
+        """Declare this driver's capabilities."""
+        return NRPManifest(
+            nrp_id=NRPId.create("local", "docker", "default"),
+            driver="DockerDriver",
+            channels=[],
+            actions=[],
+            shields=[],
+        )
+
     @property
     def kind(self) -> str: return "docker"
 

{halyn-0.4.2 → halyn-1.0.0}/src/halyn/drivers/mqtt.py

@@ -28,6 +28,16 @@ class MQTTDriver(NRPDriver):
         self._client: Any = None
         self._last_messages: dict[str, Any] = {}
 
+    def manifest(self) -> NRPManifest:
+        """Declare this driver's capabilities."""
+        return NRPManifest(
+            nrp_id=NRPId.create("local", "mqtt", "default"),
+            driver="MQTTDriver",
+            channels=[],
+            actions=[],
+            shields=[],
+        )
+
     @property
     def kind(self) -> str:
         return "mqtt"

{halyn-0.4.2 → halyn-1.0.0}/src/halyn/drivers/opcua.py

@@ -17,6 +17,16 @@ class OPCUADriver(NRPDriver):
         self.node_ids = node_ids or []
         self._client: Any = None
 
+    def manifest(self) -> NRPManifest:
+        """Declare this driver's capabilities."""
+        return NRPManifest(
+            nrp_id=NRPId.create("local", "opcua", "default"),
+            driver="OPCUADriver",
+            channels=[],
+            actions=[],
+            shields=[],
+        )
+
     @property
     def kind(self) -> str: return "opcua"
 

{halyn-0.4.2 → halyn-1.0.0}/src/halyn/drivers/ros2.py

@@ -37,6 +37,16 @@ class ROS2Driver(NRPDriver):
         self._ros_node: Any = None
         self._latest: dict[str, Any] = {}
 
+    def manifest(self) -> NRPManifest:
+        """Declare this driver's capabilities."""
+        return NRPManifest(
+            nrp_id=NRPId.create("local", "ros2", "default"),
+            driver="ROS2Driver",
+            channels=[],
+            actions=[],
+            shields=[],
+        )
+
     @property
     def kind(self) -> str:
         return "ros2"

{halyn-0.4.2 → halyn-1.0.0}/src/halyn/drivers/unitree.py

@@ -16,6 +16,16 @@ class UnitreeDriver(NRPDriver):
         self.model = model
         self._sdk: Any = None
 
+    def manifest(self) -> NRPManifest:
+        """Declare this driver's capabilities."""
+        return NRPManifest(
+            nrp_id=NRPId.create("local", "unitree", "default"),
+            driver="UnitreeDriver",
+            channels=[],
+            actions=[],
+            shields=[],
+        )
+
     @property
     def kind(self) -> str: return "unitree"
 

halyn-1.0.0/src/halyn/shield.py

@@ -0,0 +1,113 @@
+# Copyright (c) 2026 Elmadani SALKA. All rights reserved.
+"""
+Halyn Shield Engine — Enforceable safety rules.
+
+Shield rules are constraints that AI agents physically cannot bypass.
+They are enforced by the protocol, not by the AI.
+
+Hardened against:
+  - Case variations (DELETE, Delete, dElEtE)
+  - Unicode tricks (fullwidth characters ＤＥＬ)
+  - Obfuscation (d.e.l.e.t.e, d-e-l-e-t-e)
+  - Synonyms (delete=rm=remove=unlink=shred=erase=destroy=wipe=purge=truncate)
+"""
+
+from __future__ import annotations
+
+import re
+import unicodedata
+from typing import Optional
+
+
+# Semantic groups: words that mean the same dangerous action
+SYNONYMS: dict[str, set[str]] = {
+    "delete": {"delete", "rm", "remove", "unlink", "shred", "erase", "destroy",
+               "wipe", "purge", "truncate", "del", "rmdir", "rmtree"},
+    "drop": {"drop", "truncate", "destroy"},
+    "kill": {"kill", "terminate", "abort", "sigkill", "sigterm"},
+    "reboot": {"reboot", "restart", "shutdown", "poweroff", "halt", "init 0",
+               "init 6", "systemctl reboot", "systemctl poweroff"},
+    "format": {"format", "mkfs", "fdisk", "dd if=/dev/zero"},
+    "chmod": {"chmod 777", "chmod 666", "chmod a+rwx"},
+}
+
+# Build reverse lookup: word → canonical group
+_WORD_TO_GROUP: dict[str, str] = {}
+for group, words in SYNONYMS.items():
+    for w in words:
+        _WORD_TO_GROUP[w] = group
+
+
+def normalize_command(command: str) -> str:
+    """Normalize a command for shield matching.
+    
+    1. Unicode NFKD normalization (fullwidth → ASCII)
+    2. Strip non-alphanumeric separators used for obfuscation
+    3. Lowercase
+    """
+    # NFKD: fullwidth ＤＥＬ → DEL, accented → base
+    norm = unicodedata.normalize("NFKD", command)
+    # Keep only ASCII
+    norm = norm.encode("ascii", "ignore").decode("ascii")
+    # Lowercase
+    norm = norm.lower()
+    # Remove common obfuscation: brackets, dots between letters
+    # But keep spaces and slashes (meaningful in commands)
+    norm = re.sub(r'[\[\]\(\)\{\}]', '', norm)
+    return norm
+
+
+def expand_synonyms(action_word: str) -> set[str]:
+    """Get all synonyms for a given action word."""
+    action_lower = action_word.lower()
+    group = _WORD_TO_GROUP.get(action_lower)
+    if group:
+        return SYNONYMS[group]
+    return {action_lower}
+
+
+def check_shields(shields: list[str], node: str, command: str) -> Optional[str]:
+    """Check if a command is blocked by any shield rule.
+    
+    Returns the blocking rule string, or None if allowed.
+    
+    Rule format: "deny <scope> <action> [condition]"
+      scope: "*" or specific node name
+      action: "*" or word (with synonym expansion)
+      condition: optional additional match
+    """
+    cmd_normalized = normalize_command(command)
+    
+    for rule in shields:
+        parts = rule.lower().split()
+        if len(parts) < 3 or parts[0] != "deny":
+            continue
+        
+        scope = parts[1]
+        action = parts[2]
+        condition = " ".join(parts[3:]) if len(parts) > 3 else ""
+        
+        # Check scope
+        if scope != "*" and scope != node.lower():
+            continue
+        
+        # Check action with synonym expansion
+        if action == "*":
+            # Wildcard action: check condition
+            if not condition or condition == "*":
+                return rule  # deny everything
+            cond_words = expand_synonyms(condition)
+            if any(w in cmd_normalized for w in cond_words):
+                return rule
+        else:
+            # Specific action: expand synonyms
+            action_words = expand_synonyms(action)
+            if any(w in cmd_normalized for w in action_words):
+                # Check condition if present
+                if not condition or condition == "*":
+                    return rule
+                cond_words = expand_synonyms(condition)
+                if any(w in cmd_normalized for w in cond_words):
+                    return rule
+    
+    return None

halyn-1.0.0/src/halyn.egg-info/PKG-INFO

@@ -0,0 +1,108 @@
+Metadata-Version: 2.4
+Name: halyn
+Version: 1.0.0
+Summary: Halyn — Enforceable safety for AI agents. Shield rules, audit chain, dashboard.
+Author-email: Elmadani SALKA <contact@halyn.dev>
+License: Proprietary
+Project-URL: Homepage, https://github.com/ElmadaniS/halyn
+Project-URL: Repository, https://github.com/ElmadaniS/halyn
+Project-URL: Issues, https://github.com/ElmadaniS/halyn/issues
+Keywords: ai,browser,robotics,iot,mcp,nrp,llm,infrastructure,devops
+Classifier: Development Status :: 3 - Alpha
+Classifier: Programming Language :: Python :: 3
+Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: System :: Systems Administration
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: nrprotocol>=0.1.0
+Requires-Dist: aiohttp>=3.9
+Provides-Extra: enterprise
+Requires-Dist: grpcio>=1.60; extra == "enterprise"
+Requires-Dist: psycopg2-binary; extra == "enterprise"
+Requires-Dist: redis; extra == "enterprise"
+Provides-Extra: robotics
+Requires-Dist: rclpy; extra == "robotics"
+Requires-Dist: unitree-sdk2py; extra == "robotics"
+Provides-Extra: iot
+Requires-Dist: paho-mqtt; extra == "iot"
+Provides-Extra: dev
+Requires-Dist: pytest; extra == "dev"
+Requires-Dist: pytest-asyncio; extra == "dev"
+Requires-Dist: mypy; extra == "dev"
+Requires-Dist: ruff; extra == "dev"
+Dynamic: license-file
+
+<div align="center">
+
+# Halyn
+
+**AI agents act in the world. Halyn makes sure they can't break it.**
+
+[![PyPI](https://img.shields.io/pypi/v/halyn?style=flat-square&color=0a6e3f)](https://pypi.org/project/halyn/)
+[![Python](https://img.shields.io/badge/python-3.10+-0a6e3f?style=flat-square)](https://pypi.org/project/halyn/)
+
+The safety layer for AI agents · Shield rules · Audit chain · Built-in dashboard
+
+[Website](https://halyn.dev) · [Quick Start](#quick-start) · [Dashboard](#dashboard) · [Shield Rules](#shield-rules)
+
+</div>
+
+---
+
+## The Problem
+
+AI agents are acting in the real world — deleting files, restarting servers, controlling robots. Claude has 22 MCP tools. GPT has computer use.
+
+But who stops them from breaking things?
+
+Today the answer is: the prompt says "be careful." That's like telling a car "don't crash" instead of installing brakes.
+
+**Halyn is the brakes.**
+
+## Quick Start
+
+```bash
+pip install halyn
+halyn-mcp --port 8935
+# Open http://localhost:8935 → see the dashboard
+```
+
+30 seconds. Zero code. Working dashboard.
+
+## Dashboard
+
+Built-in web UI. Type commands, see shields, watch the audit chain update in real-time.
+
+## Shield Rules
+
+Constraints enforced at protocol level. The AI has **no power** to override them.
+
+```python
+from halyn import ControlPlane, SSHDriver
+
+cp = ControlPlane()
+cp.connect(SSHDriver("192.168.1.10", "admin"))
+cp.shield("deny * delete *")    # no deletions — ever
+
+cp.act("restart nginx")   # ✓ allowed
+cp.act("rm -rf /etc")     # ✗ blocked — always
+```
+
+Not guidelines. **Physics.**
+
+## Audit Chain
+
+Every action recorded in SHA-256 hash chain. Tamper-evident, append-only.
+
+## 12 Drivers
+
+SSH, HTTP, WebSocket, Serial, MQTT, OPC-UA, ROS2, DDS, Docker, Browser, Unitree, Socket.
+
+## Built on NRP
+
+Halyn implements [NRP](https://nrprotocol.dev) — 6 rules that no AI can break.
+
+---
+
+[halyn.dev](https://halyn.dev) · [nrprotocol.dev](https://nrprotocol.dev) · [PyPI](https://pypi.org/project/halyn/) · [contact@halyn.dev](mailto:contact@halyn.dev)

{halyn-0.4.2 → halyn-1.0.0}/src/halyn.egg-info/SOURCES.txt

@@ -21,6 +21,7 @@ src/halyn/nrp_bridge.py
 src/halyn/py.typed
 src/halyn/sanitizer.py
 src/halyn/server.py
+src/halyn/shield.py
 src/halyn/types.py
 src/halyn/watchdog.py
 src/halyn.egg-info/PKG-INFO