halyn 2.0.0__tar.gz → 2.1.0__tar.gz

halyn-2.1.0/LICENSE

@@ -0,0 +1,58 @@
+Business Source License 1.1
+
+Licensor:             Elmadani SALKA
+Licensed Work:        Halyn
+                      The Licensed Work is (c) 2026 Elmadani SALKA
+Change Date:          2029-03-25
+Change License:       MIT License
+
+Additional Use Grant: You may use the Licensed Work for non-commercial purposes,
+                      research, education, and personal projects free of charge.
+                      Commercial use requires a separate commercial license.
+                      Contact: contact@halyn.dev
+
+---
+
+The Business Source License (this document, or the "License") is not an Open
+Source license. However, the Licensed Work will eventually be made available
+under an Open Source License, as stated in this License.
+
+License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
+"Business Source License" is a trademark of MariaDB Corporation Ab.
+
+Parameters
+
+Licensor:             Elmadani SALKA
+Licensed Work:        Halyn — Enforceable safety for AI agents
+Change Date:          2029-03-25
+Change License:       MIT License
+
+For information about alternative licensing arrangements, contact:
+contact@halyn.dev · https://halyn.dev
+
+---
+
+1. Grant of Rights
+
+The Licensor hereby grants you the right to copy, modify, create derivative
+works, redistribute, and make non-production use of the Licensed Work.
+
+The Licensor may make an Additional Use Grant, above, permitting limited
+production use.
+
+2. Change Date
+
+After the Change Date, the Grant of Rights is governed by the Change License.
+
+3. No Other Rights
+
+The License does not grant you any right in any trademark or logo of Licensor.
+
+4. Disclaimer of Warranty
+
+UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE EXTENT
+POSSIBLE, THE LICENSOR OFFERS THE LICENSED WORK AS-IS AND AS-AVAILABLE, AND
+MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE LICENSED WORK,
+WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHER.
+
+Full BSL 1.1 text: https://mariadb.com/bsl11/

halyn-2.1.0/PKG-INFO

@@ -0,0 +1,234 @@
+Metadata-Version: 2.4
+Name: halyn
+Version: 2.1.0
+Summary: Halyn — The governance layer for AI agents. Every action intercepted. Every decision auditable.
+Author-email: Elmadani SALKA <contact@halyn.dev>
+License: BSL-1.1
+Project-URL: Homepage, https://halyn.dev
+Project-URL: Repository, https://github.com/halyndev/halyn
+Project-URL: Issues, https://github.com/halyndev/halyn/issues
+Project-URL: Documentation, https://halyn.dev/docs
+Project-URL: Changelog, https://github.com/halyndev/halyn/blob/main/CHANGELOG.md
+Keywords: ai,agents,governance,accountability,audit,mcp,security,aap,nrp,iot,robotics
+Classifier: Development Status :: 4 - Beta
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: Security
+Classifier: Topic :: System :: Systems Administration
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: aiohttp>=3.9
+Provides-Extra: iot
+Requires-Dist: paho-mqtt; extra == "iot"
+Provides-Extra: dev
+Requires-Dist: pytest; extra == "dev"
+Requires-Dist: pytest-asyncio; extra == "dev"
+Requires-Dist: mypy; extra == "dev"
+Requires-Dist: ruff; extra == "dev"
+Dynamic: license-file
+
+<div align="center">
+
+# Halyn
+
+**The governance layer for AI agents.**
+
+[![PyPI](https://img.shields.io/pypi/v/halyn?style=flat-square&color=20c754)](https://pypi.org/project/halyn/)
+[![Python 3.10+](https://img.shields.io/badge/Python-3.10+-20c754?style=flat-square)](https://python.org)
+[![License: BSL-1.1](https://img.shields.io/badge/License-BSL--1.1-orange?style=flat-square)](LICENSE)
+[![Website](https://img.shields.io/badge/Website-halyn.dev-20c754?style=flat-square)](https://halyn.dev)
+
+Every action intercepted. Every decision auditable. The AI cannot bypass it.
+
+[Website](https://halyn.dev) · [Why Halyn](#why-halyn) · [Install](#install) · [Architecture](#architecture) · [Protocols](#protocols)
+
+</div>
+
+---
+
+## Why Halyn
+
+AI agents — Claude, GPT, Gemini, local models — act on your machine. They read files, send emails, control browsers, call APIs. With no independent proof of what happened.
+
+**Halyn is the independent layer that sits between any AI agent and your system.**
+
+```
+Claude / GPT / Gemini / Ollama / Any agent
+                │
+                ▼
+    ┌─────────────────────────────┐
+    │       HALYN LAYER           │  ← runs locally, out of agent reach
+    │                             │
+    │  • Identity   — who is acting?          │
+    │  • Consent    — was it approved?        │
+    │  • Audit      — SHA-256 chain proof     │
+    │  • Shield     — what can it NOT do?     │
+    │  • Watchdog   — integrity monitoring    │
+    └─────────────────────────────┘
+                │
+                ▼
+        Your machine · Your files · Your system
+```
+
+Every action produces a cryptographic proof stored locally. Not in the cloud. Not at Anthropic. On your machine.
+
+---
+
+## Install
+
+```bash
+pip install halyn
+halyn serve
+```
+
+Opens the dashboard at `http://localhost:7420`. Nothing leaves your machine.
+
+```bash
+# Or with curl
+curl -fsSL https://halyn.dev/install | bash
+```
+
+The install script tells you exactly what it will do before doing anything.
+
+---
+
+## Quick Start
+
+```python
+from halyn import ControlPlane
+
+# Start the governance layer
+gov = ControlPlane()
+gov.serve()  # dashboard at localhost:7420
+
+# Register an agent
+agent = gov.register_agent(
+    name="claude-cowork",
+    provider="anthropic",
+    autonomy_level=2,  # executor — reversible actions only
+)
+
+# Every agent action is intercepted and recorded
+result = agent.act("read_file", "/docs/contract.pdf")
+print(result.proof)    # sha256:a3f2e1...
+print(result.allowed)  # True
+```
+
+---
+
+## Architecture
+
+Halyn intercepts at three independent layers simultaneously:
+
+### Layer 1 — API Proxy
+All LLM API calls (Claude, GPT, Gemini) pass through a local proxy on `127.0.0.1`.  
+Intent is read before transmission. Shield rules apply before the request reaches the provider.  
+Implemented via `iptables REDIRECT` — kernel-level, not a library hook.
+
+### Layer 2 — Filesystem Hooks
+`inotify` (Linux) / `FSEvents` (macOS) / `ReadDirectoryChanges` (Windows).  
+Every file access by an agent process is captured before execution, at the VFS layer.  
+LD_PRELOAD cannot bypass this — inotify fires in kernel space regardless.
+
+### Layer 3 — Process Isolation + eBPF
+Halyn runs as a separate system user. Agents cannot read or write its audit database.  
+On Linux ≥5.8: eBPF programs are pinned to `/sys/fs/bpf/halyn/` and monitor all syscalls.  
+Audit chain is SHA-256 with chained hashes, AES-256 encrypted at rest.
+
+### Layer 4 — Browser Guard (optional)
+Chrome Enterprise Policy extension intercepts all CDP calls, DOM mutations, XHR, and fetch.  
+Deployed via `/etc/opt/chrome/policies/managed/halyn.json` — the agent cannot uninstall it.
+
+---
+
+## Autonomy Levels
+
+| Level | Name | What the agent can do |
+|-------|------|-----------------------|
+| 0 | Observer | Read-only access. No mutations. |
+| 1 | Assistant | Suggests actions. Human executes. |
+| 2 | Executor | Executes reversible actions. |
+| 3 | Delegated | Executes with post-hoc audit. |
+| 4 | Autonomous | Full autonomy. Use with extreme caution. |
+
+---
+
+## Supported Agents
+
+| Agent | Type | Integration |
+|-------|------|-------------|
+| Claude (Anthropic) | Cloud | Proxy + MCP |
+| GPT-4o / o3 (OpenAI) | Cloud | Proxy |
+| Gemini (Google) | Cloud | Proxy |
+| Ollama | Local | Direct |
+| LM Studio | Local | Direct |
+| Jan.ai | Local | Direct |
+| OpenClaw | Agentic | Interceptor |
+| Any MCP agent | Any | MCP server |
+
+---
+
+## Protocols
+
+Halyn implements two open protocols:
+
+### AAP — Agent Accountability Protocol
+The accountability layer MCP and A2A don't have.  
+Four primitives: **Identity**, **Provenance**, **Authorization**, **Audit**.  
+Spec: [github.com/halyndev/aap](https://github.com/halyndev/aap) · License: MIT
+
+### NRP — Node Reach Protocol
+Safety standard for agents in physical and connected systems.  
+Six rules: **Manifest**, **Observe**, **Act**, **Shield**, **Audit**, **Consent**.  
+Spec: [github.com/halyndev/nrprotocol](https://github.com/halyndev/nrprotocol) · License: MIT
+
+---
+
+## Dashboard
+
+The local dashboard at `http://localhost:7420` provides:
+
+- **Live feed** — every agent action in real time, in plain language
+- **Agents** — who is active, at what autonomy level, how to pause or stop
+- **Audit chain** — cryptographic proof of every action since install
+- **Rules** — configure what each agent can and cannot do
+- **Protocols** — connected devices and integrations
+- **Insights** — patterns, blocked actions, anomalies
+
+The dashboard process runs under a separate system user. Agents cannot kill, read, or modify it.
+
+---
+
+## Security Honest Statement
+
+Halyn does not claim bypassing is impossible.  
+Halyn claims: **every bypass attempt leaves a proven trace you see first.**
+
+Known limitations are documented in [SECURITY.md](SECURITY.md).  
+Report vulnerabilities to contact@halyn.dev — we respond within 24 hours.
+
+---
+
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md).
+
+---
+
+## License
+
+**[BSL-1.1](LICENSE)** — Business Source License 1.1
+
+- **Free** for personal use, research, and education
+- **Commercial use** requires a license — [contact@halyn.dev](mailto:contact@halyn.dev)
+- **Change date:** 2029-03-25 → becomes MIT automatically
+
+Protocol specs ([AAP](https://github.com/halyndev/aap), [NRP](https://github.com/halyndev/nrprotocol)) are MIT and always will be.
+
+---
+
+**Author:** Elmadani SALKA · [contact@halyn.dev](mailto:contact@halyn.dev) · [halyn.dev](https://halyn.dev)

halyn-2.1.0/README.md

@@ -0,0 +1,201 @@
+<div align="center">
+
+# Halyn
+
+**The governance layer for AI agents.**
+
+[![PyPI](https://img.shields.io/pypi/v/halyn?style=flat-square&color=20c754)](https://pypi.org/project/halyn/)
+[![Python 3.10+](https://img.shields.io/badge/Python-3.10+-20c754?style=flat-square)](https://python.org)
+[![License: BSL-1.1](https://img.shields.io/badge/License-BSL--1.1-orange?style=flat-square)](LICENSE)
+[![Website](https://img.shields.io/badge/Website-halyn.dev-20c754?style=flat-square)](https://halyn.dev)
+
+Every action intercepted. Every decision auditable. The AI cannot bypass it.
+
+[Website](https://halyn.dev) · [Why Halyn](#why-halyn) · [Install](#install) · [Architecture](#architecture) · [Protocols](#protocols)
+
+</div>
+
+---
+
+## Why Halyn
+
+AI agents — Claude, GPT, Gemini, local models — act on your machine. They read files, send emails, control browsers, call APIs. With no independent proof of what happened.
+
+**Halyn is the independent layer that sits between any AI agent and your system.**
+
+```
+Claude / GPT / Gemini / Ollama / Any agent
+                │
+                ▼
+    ┌─────────────────────────────┐
+    │       HALYN LAYER           │  ← runs locally, out of agent reach
+    │                             │
+    │  • Identity   — who is acting?          │
+    │  • Consent    — was it approved?        │
+    │  • Audit      — SHA-256 chain proof     │
+    │  • Shield     — what can it NOT do?     │
+    │  • Watchdog   — integrity monitoring    │
+    └─────────────────────────────┘
+                │
+                ▼
+        Your machine · Your files · Your system
+```
+
+Every action produces a cryptographic proof stored locally. Not in the cloud. Not at Anthropic. On your machine.
+
+---
+
+## Install
+
+```bash
+pip install halyn
+halyn serve
+```
+
+Opens the dashboard at `http://localhost:7420`. Nothing leaves your machine.
+
+```bash
+# Or with curl
+curl -fsSL https://halyn.dev/install | bash
+```
+
+The install script tells you exactly what it will do before doing anything.
+
+---
+
+## Quick Start
+
+```python
+from halyn import ControlPlane
+
+# Start the governance layer
+gov = ControlPlane()
+gov.serve()  # dashboard at localhost:7420
+
+# Register an agent
+agent = gov.register_agent(
+    name="claude-cowork",
+    provider="anthropic",
+    autonomy_level=2,  # executor — reversible actions only
+)
+
+# Every agent action is intercepted and recorded
+result = agent.act("read_file", "/docs/contract.pdf")
+print(result.proof)    # sha256:a3f2e1...
+print(result.allowed)  # True
+```
+
+---
+
+## Architecture
+
+Halyn intercepts at three independent layers simultaneously:
+
+### Layer 1 — API Proxy
+All LLM API calls (Claude, GPT, Gemini) pass through a local proxy on `127.0.0.1`.  
+Intent is read before transmission. Shield rules apply before the request reaches the provider.  
+Implemented via `iptables REDIRECT` — kernel-level, not a library hook.
+
+### Layer 2 — Filesystem Hooks
+`inotify` (Linux) / `FSEvents` (macOS) / `ReadDirectoryChanges` (Windows).  
+Every file access by an agent process is captured before execution, at the VFS layer.  
+LD_PRELOAD cannot bypass this — inotify fires in kernel space regardless.
+
+### Layer 3 — Process Isolation + eBPF
+Halyn runs as a separate system user. Agents cannot read or write its audit database.  
+On Linux ≥5.8: eBPF programs are pinned to `/sys/fs/bpf/halyn/` and monitor all syscalls.  
+Audit chain is SHA-256 with chained hashes, AES-256 encrypted at rest.
+
+### Layer 4 — Browser Guard (optional)
+Chrome Enterprise Policy extension intercepts all CDP calls, DOM mutations, XHR, and fetch.  
+Deployed via `/etc/opt/chrome/policies/managed/halyn.json` — the agent cannot uninstall it.
+
+---
+
+## Autonomy Levels
+
+| Level | Name | What the agent can do |
+|-------|------|-----------------------|
+| 0 | Observer | Read-only access. No mutations. |
+| 1 | Assistant | Suggests actions. Human executes. |
+| 2 | Executor | Executes reversible actions. |
+| 3 | Delegated | Executes with post-hoc audit. |
+| 4 | Autonomous | Full autonomy. Use with extreme caution. |
+
+---
+
+## Supported Agents
+
+| Agent | Type | Integration |
+|-------|------|-------------|
+| Claude (Anthropic) | Cloud | Proxy + MCP |
+| GPT-4o / o3 (OpenAI) | Cloud | Proxy |
+| Gemini (Google) | Cloud | Proxy |
+| Ollama | Local | Direct |
+| LM Studio | Local | Direct |
+| Jan.ai | Local | Direct |
+| OpenClaw | Agentic | Interceptor |
+| Any MCP agent | Any | MCP server |
+
+---
+
+## Protocols
+
+Halyn implements two open protocols:
+
+### AAP — Agent Accountability Protocol
+The accountability layer MCP and A2A don't have.  
+Four primitives: **Identity**, **Provenance**, **Authorization**, **Audit**.  
+Spec: [github.com/halyndev/aap](https://github.com/halyndev/aap) · License: MIT
+
+### NRP — Node Reach Protocol
+Safety standard for agents in physical and connected systems.  
+Six rules: **Manifest**, **Observe**, **Act**, **Shield**, **Audit**, **Consent**.  
+Spec: [github.com/halyndev/nrprotocol](https://github.com/halyndev/nrprotocol) · License: MIT
+
+---
+
+## Dashboard
+
+The local dashboard at `http://localhost:7420` provides:
+
+- **Live feed** — every agent action in real time, in plain language
+- **Agents** — who is active, at what autonomy level, how to pause or stop
+- **Audit chain** — cryptographic proof of every action since install
+- **Rules** — configure what each agent can and cannot do
+- **Protocols** — connected devices and integrations
+- **Insights** — patterns, blocked actions, anomalies
+
+The dashboard process runs under a separate system user. Agents cannot kill, read, or modify it.
+
+---
+
+## Security Honest Statement
+
+Halyn does not claim bypassing is impossible.  
+Halyn claims: **every bypass attempt leaves a proven trace you see first.**
+
+Known limitations are documented in [SECURITY.md](SECURITY.md).  
+Report vulnerabilities to contact@halyn.dev — we respond within 24 hours.
+
+---
+
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md).
+
+---
+
+## License
+
+**[BSL-1.1](LICENSE)** — Business Source License 1.1
+
+- **Free** for personal use, research, and education
+- **Commercial use** requires a license — [contact@halyn.dev](mailto:contact@halyn.dev)
+- **Change date:** 2029-03-25 → becomes MIT automatically
+
+Protocol specs ([AAP](https://github.com/halyndev/aap), [NRP](https://github.com/halyndev/nrprotocol)) are MIT and always will be.
+
+---
+
+**Author:** Elmadani SALKA · [contact@halyn.dev](mailto:contact@halyn.dev) · [halyn.dev](https://halyn.dev)

halyn-2.1.0/pyproject.toml

@@ -0,0 +1,56 @@
+[project]
+name = "halyn"
+version = "2.1.0"
+description = "Halyn — The governance layer for AI agents. Every action intercepted. Every decision auditable."
+requires-python = ">=3.10"
+license = {text = "BSL-1.1"}
+authors = [{name = "Elmadani SALKA", email = "contact@halyn.dev"}]
+readme = "README.md"
+keywords = [
+  "ai", "agents", "governance", "accountability", "audit",
+  "mcp", "security", "aap", "nrp", "iot", "robotics"
+]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: Scientific/Engineering :: Artificial Intelligence",
+    "Topic :: Security",
+    "Topic :: System :: Systems Administration",
+]
+dependencies = [
+    "aiohttp>=3.9",
+]
+
+[project.optional-dependencies]
+iot     = ["paho-mqtt"]
+dev     = ["pytest", "pytest-asyncio", "mypy", "ruff"]
+
+[project.urls]
+Homepage      = "https://halyn.dev"
+Repository    = "https://github.com/halyndev/halyn"
+Issues        = "https://github.com/halyndev/halyn/issues"
+Documentation = "https://halyn.dev/docs"
+Changelog     = "https://github.com/halyndev/halyn/blob/main/CHANGELOG.md"
+
+[project.scripts]
+halyn = "halyn.cli:main"
+
+[tool.setuptools.packages.find]
+where = ["src"]
+
+[tool.setuptools.package-data]
+halyn = ["py.typed"]
+
+[build-system]
+requires = ["setuptools>=68", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[tool.ruff]
+line-length = 100
+target-version = "py310"
+
+[tool.pytest.ini_options]
+asyncio_mode = "auto"

halyn-2.1.0/src/halyn/__init__.py

@@ -0,0 +1,30 @@
+# Copyright (c) 2026 Elmadani SALKA
+# Licensed under BSL-1.1. See LICENSE file.
+# Commercial use requires a license — contact@halyn.dev
+
+"""
+Halyn — The governance layer for AI agents.
+
+Every action intercepted. Every decision auditable.
+The AI cannot bypass it.
+"""
+
+__version__ = "2.1.0"
+__author__ = "Elmadani SALKA"
+__license__ = "BSL-1.1"
+__email__ = "contact@halyn.dev"
+__url__ = "https://halyn.dev"
+
+
+def _try(module, cls):
+    try:
+        mod = __import__(module, fromlist=[cls])
+        return getattr(mod, cls)
+    except (ImportError, AttributeError):
+        return None
+
+
+# Core exports
+ControlPlane = _try("halyn.control_plane", "ControlPlane")
+AuditChain = _try("halyn.audit", "AuditChain")
+Shield = _try("halyn.shield", "Shield")

halyn-2.1.0/src/halyn/__main__.py

@@ -0,0 +1,6 @@
+# Copyright (c) 2026 Elmadani SALKA
+# Licensed under BSL-1.1. See LICENSE file.
+# Commercial use requires a license — contact@halyn.dev
+
+from .cli import main
+main()