optropic 1.0.0__tar.gz

optropic-1.0.0/.gitignore

@@ -0,0 +1,58 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+node_modules/
+/.pnp
+.pnp.*
+.yarn/*
+!.yarn/patches
+!.yarn/plugins
+!.yarn/releases
+!.yarn/versions
+
+# testing
+coverage/
+.coverage
+htmlcov/
+
+# next.js
+.next/
+out/
+
+# production
+build/
+dist/
+
+# turbo
+.turbo/
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+.pnpm-debug.log*
+
+# env files (can opt-in for committing if needed)
+.env*
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts
+crates/
+
+# Build outputs
+.next/
+dist/
+lib/
+
+# Test outputs
+playwright-report/
+test-results/
+.env*.local

optropic-1.0.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Virtrex GmbH
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

optropic-1.0.0/PKG-INFO

@@ -0,0 +1,221 @@
+Metadata-Version: 2.4
+Name: optropic
+Version: 1.0.0
+Summary: Official Python SDK for Optropic product authentication and verification
+Project-URL: Homepage, https://optropic.com
+Project-URL: Documentation, https://docs.optropic.com/sdk/python
+Project-URL: Repository, https://github.com/optropic/sdk-python
+Project-URL: Bug Tracker, https://github.com/optropic/sdk-python/issues
+Author-email: Virtrex GmbH <dev@optropic.com>
+License-Expression: MIT
+License-File: LICENSE
+Keywords: anti-counterfeit,authentication,optropic,product-verification,verification
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Classifier: Typing :: Typed
+Requires-Python: >=3.9
+Requires-Dist: httpx<1.0.0,>=0.24.0
+Provides-Extra: dev
+Requires-Dist: pytest-asyncio>=0.21; extra == 'dev'
+Requires-Dist: pytest>=7.0; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# optropic
+
+Official Python SDK for Optropic product authentication.
+
+[![PyPI version](https://badge.fury.io/py/optropic.svg)](https://pypi.org/project/optropic/)
+[![Python](https://img.shields.io/pypi/pyversions/optropic.svg)](https://pypi.org/project/optropic/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+## Features
+
+- **Simple Authentication** - Single API key for all operations
+- **Type-Safe** - Full type annotations with `py.typed` support
+- **Fast Integration** - Copy-paste quickstart, production-ready
+- **Vertical Agnostic** - Same API for pharma, luxury, art, and more
+- **Error Transparency** - Clear error codes, actionable messages
+
+## Installation
+
+```bash
+pip install optropic
+```
+
+## Quick Start
+
+```python
+from optropic import OptropicClient
+
+# Initialize the client
+client = OptropicClient(api_key="op_live_xxxxxxxxxxxx")
+
+# Verify an asset
+result = client.verify("asset-id-or-short-id")
+
+if result.signature_valid:
+    print("Product is genuine!")
+    print(f"Security level: {result.security_level}")
+else:
+    print("Warning: verification failed")
+
+# Or use as a context manager
+with OptropicClient(api_key="op_live_xxxxxxxxxxxx") as client:
+    result = client.verify("asset-id-or-short-id")
+    print(result.status)
+```
+
+## API Reference
+
+### OptropicClient
+
+The main client class for all SDK operations.
+
+#### Constructor
+
+```python
+client = OptropicClient(
+    api_key="op_live_xxx",       # Required: Your API key
+    base_url="https://...",      # Optional: For self-hosted deployments
+    timeout=30.0,                # Optional: Request timeout in seconds (default: 30)
+)
+```
+
+### Methods
+
+#### verify(asset_id: str) -> VerifyResult
+
+Verify an asset by ID or short_id.
+
+```python
+result = client.verify("asset-id-or-short-id")
+
+# Result fields
+result.id                  # str: Asset ID
+result.status              # str: Verification status
+result.security_level      # str: 'signed', 'sealed', etc.
+result.signature_valid     # bool: Whether signature is valid
+result.verification_count  # int: Number of times verified
+result.last_verified_at    # str: ISO timestamp of last verification
+result.revocation_status   # str: 'active' or 'revoked'
+result.verification_mode   # str: 'online' or 'offline'
+result.provenance_valid    # Optional[bool]: Provenance chain validity
+result.evidence            # Optional[VerificationEvidence]: Detailed evidence
+```
+
+## Error Handling
+
+All errors extend `OptropicError` with clear error codes:
+
+```python
+from optropic import (
+    OptropicClient,
+    OptropicError,
+    AuthenticationError,
+    NotFoundError,
+)
+
+try:
+    result = client.verify("asset-id")
+except NotFoundError:
+    print("Asset not found in system.")
+except AuthenticationError:
+    print("Invalid API key.")
+except OptropicError as e:
+    print(f"Error {e.code}: {e}")
+    print(f"HTTP status: {e.status}")
+```
+
+### Error Types
+
+| Error | Code | Description |
+|-------|------|-------------|
+| `AuthenticationError` | `INVALID_API_KEY` | API key is invalid or missing |
+| `NotFoundError` | `NOT_FOUND` | Asset doesn't exist in the system |
+| `OptropicError` | varies | Base error for all other API errors |
+
+## Types
+
+All types are frozen dataclasses with full type annotations:
+
+```python
+from optropic import VerifyResult, VerificationEvidence
+```
+
+- `VerifyResult` - Result of verifying an asset
+- `VerificationEvidence` - Structured evidence from verification
+
+## Environment Variables
+
+Recommended setup for production:
+
+```bash
+# .env
+OPTROPIC_API_KEY=op_live_xxxxxxxxxxxx
+```
+
+```python
+import os
+from optropic import OptropicClient
+
+client = OptropicClient(api_key=os.environ["OPTROPIC_API_KEY"])
+```
+
+## Examples
+
+### Flask Backend
+
+```python
+from flask import Flask, request, jsonify
+from optropic import OptropicClient, NotFoundError
+
+app = Flask(__name__)
+client = OptropicClient(api_key=os.environ["OPTROPIC_API_KEY"])
+
+@app.route("/api/verify", methods=["POST"])
+def verify():
+    try:
+        result = client.verify(request.json["asset_id"])
+        return jsonify({
+            "status": result.status,
+            "signature_valid": result.signature_valid,
+            "security_level": result.security_level,
+        })
+    except NotFoundError:
+        return jsonify({"error": "Asset not found"}), 404
+```
+
+### Django View
+
+```python
+import os
+from django.http import JsonResponse
+from optropic import OptropicClient
+
+client = OptropicClient(api_key=os.environ["OPTROPIC_API_KEY"])
+
+def verify_asset(request, asset_id):
+    result = client.verify(asset_id)
+    return JsonResponse({
+        "status": result.status,
+        "signature_valid": result.signature_valid,
+    })
+```
+
+## Support
+
+- [Documentation](https://docs.optropic.com)
+- [Email Support](mailto:support@optropic.com)
+- [Issue Tracker](https://github.com/optropic/sdk-python/issues)
+
+## License
+
+MIT - [Virtrex GmbH](https://optropic.com)

optropic-1.0.0/README.md

@@ -0,0 +1,191 @@
+# optropic
+
+Official Python SDK for Optropic product authentication.
+
+[![PyPI version](https://badge.fury.io/py/optropic.svg)](https://pypi.org/project/optropic/)
+[![Python](https://img.shields.io/pypi/pyversions/optropic.svg)](https://pypi.org/project/optropic/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+## Features
+
+- **Simple Authentication** - Single API key for all operations
+- **Type-Safe** - Full type annotations with `py.typed` support
+- **Fast Integration** - Copy-paste quickstart, production-ready
+- **Vertical Agnostic** - Same API for pharma, luxury, art, and more
+- **Error Transparency** - Clear error codes, actionable messages
+
+## Installation
+
+```bash
+pip install optropic
+```
+
+## Quick Start
+
+```python
+from optropic import OptropicClient
+
+# Initialize the client
+client = OptropicClient(api_key="op_live_xxxxxxxxxxxx")
+
+# Verify an asset
+result = client.verify("asset-id-or-short-id")
+
+if result.signature_valid:
+    print("Product is genuine!")
+    print(f"Security level: {result.security_level}")
+else:
+    print("Warning: verification failed")
+
+# Or use as a context manager
+with OptropicClient(api_key="op_live_xxxxxxxxxxxx") as client:
+    result = client.verify("asset-id-or-short-id")
+    print(result.status)
+```
+
+## API Reference
+
+### OptropicClient
+
+The main client class for all SDK operations.
+
+#### Constructor
+
+```python
+client = OptropicClient(
+    api_key="op_live_xxx",       # Required: Your API key
+    base_url="https://...",      # Optional: For self-hosted deployments
+    timeout=30.0,                # Optional: Request timeout in seconds (default: 30)
+)
+```
+
+### Methods
+
+#### verify(asset_id: str) -> VerifyResult
+
+Verify an asset by ID or short_id.
+
+```python
+result = client.verify("asset-id-or-short-id")
+
+# Result fields
+result.id                  # str: Asset ID
+result.status              # str: Verification status
+result.security_level      # str: 'signed', 'sealed', etc.
+result.signature_valid     # bool: Whether signature is valid
+result.verification_count  # int: Number of times verified
+result.last_verified_at    # str: ISO timestamp of last verification
+result.revocation_status   # str: 'active' or 'revoked'
+result.verification_mode   # str: 'online' or 'offline'
+result.provenance_valid    # Optional[bool]: Provenance chain validity
+result.evidence            # Optional[VerificationEvidence]: Detailed evidence
+```
+
+## Error Handling
+
+All errors extend `OptropicError` with clear error codes:
+
+```python
+from optropic import (
+    OptropicClient,
+    OptropicError,
+    AuthenticationError,
+    NotFoundError,
+)
+
+try:
+    result = client.verify("asset-id")
+except NotFoundError:
+    print("Asset not found in system.")
+except AuthenticationError:
+    print("Invalid API key.")
+except OptropicError as e:
+    print(f"Error {e.code}: {e}")
+    print(f"HTTP status: {e.status}")
+```
+
+### Error Types
+
+| Error | Code | Description |
+|-------|------|-------------|
+| `AuthenticationError` | `INVALID_API_KEY` | API key is invalid or missing |
+| `NotFoundError` | `NOT_FOUND` | Asset doesn't exist in the system |
+| `OptropicError` | varies | Base error for all other API errors |
+
+## Types
+
+All types are frozen dataclasses with full type annotations:
+
+```python
+from optropic import VerifyResult, VerificationEvidence
+```
+
+- `VerifyResult` - Result of verifying an asset
+- `VerificationEvidence` - Structured evidence from verification
+
+## Environment Variables
+
+Recommended setup for production:
+
+```bash
+# .env
+OPTROPIC_API_KEY=op_live_xxxxxxxxxxxx
+```
+
+```python
+import os
+from optropic import OptropicClient
+
+client = OptropicClient(api_key=os.environ["OPTROPIC_API_KEY"])
+```
+
+## Examples
+
+### Flask Backend
+
+```python
+from flask import Flask, request, jsonify
+from optropic import OptropicClient, NotFoundError
+
+app = Flask(__name__)
+client = OptropicClient(api_key=os.environ["OPTROPIC_API_KEY"])
+
+@app.route("/api/verify", methods=["POST"])
+def verify():
+    try:
+        result = client.verify(request.json["asset_id"])
+        return jsonify({
+            "status": result.status,
+            "signature_valid": result.signature_valid,
+            "security_level": result.security_level,
+        })
+    except NotFoundError:
+        return jsonify({"error": "Asset not found"}), 404
+```
+
+### Django View
+
+```python
+import os
+from django.http import JsonResponse
+from optropic import OptropicClient
+
+client = OptropicClient(api_key=os.environ["OPTROPIC_API_KEY"])
+
+def verify_asset(request, asset_id):
+    result = client.verify(asset_id)
+    return JsonResponse({
+        "status": result.status,
+        "signature_valid": result.signature_valid,
+    })
+```
+
+## Support
+
+- [Documentation](https://docs.optropic.com)
+- [Email Support](mailto:support@optropic.com)
+- [Issue Tracker](https://github.com/optropic/sdk-python/issues)
+
+## License
+
+MIT - [Virtrex GmbH](https://optropic.com)

optropic-1.0.0/optropic/__init__.py

@@ -0,0 +1,17 @@
+"""Optropic Python SDK — asset verification and compliance."""
+
+from .client import OptropicClient
+from .types import VerifyResult, VerificationEvidence
+from .errors import OptropicError, AuthenticationError, NotFoundError
+
+__version__ = "1.0.0"
+
+__all__ = [
+    "OptropicClient",
+    "VerifyResult",
+    "VerificationEvidence",
+    "OptropicError",
+    "AuthenticationError",
+    "NotFoundError",
+    "__version__",
+]

optropic-1.0.0/optropic/client.py

@@ -0,0 +1,95 @@
+"""Optropic Python SDK client."""
+
+from __future__ import annotations
+
+import httpx
+
+from .types import VerifyResult, VerificationEvidence
+from .errors import OptropicError, AuthenticationError, NotFoundError
+
+DEFAULT_BASE_URL = "https://api.optropic.com"
+
+
+class OptropicClient:
+    """Client for the Optropic API.
+
+    Usage::
+
+        client = OptropicClient(api_key="op_live_xxx")
+        result = client.verify("asset-id-or-short-id")
+        print(result.signature_valid)
+    """
+
+    def __init__(
+        self,
+        api_key: str,
+        base_url: str = DEFAULT_BASE_URL,
+        timeout: float = 30.0,
+    ):
+        self._api_key = api_key
+        self._base_url = base_url.rstrip("/")
+        self._client = httpx.Client(
+            base_url=self._base_url,
+            headers={"x-api-key": api_key},
+            timeout=timeout,
+        )
+
+    def verify(self, asset_id: str) -> VerifyResult:
+        """Verify an asset by ID or short_id.
+
+        Args:
+            asset_id: UUID or short_id of the asset.
+
+        Returns:
+            VerifyResult with signature validity and revocation status.
+
+        Raises:
+            NotFoundError: If the asset does not exist.
+            AuthenticationError: If the API key is invalid.
+            OptropicError: For other API errors.
+        """
+        response = self._client.get(f"/v1/assets/{asset_id}/verify")
+        data = response.json()
+
+        if response.status_code == 404:
+            raise NotFoundError(data.get("message", "Asset not found"))
+        if response.status_code == 401:
+            raise AuthenticationError(data.get("message", "Unauthorized"))
+        if response.status_code >= 400:
+            raise OptropicError(
+                message=data.get("message", "Request failed"),
+                code=data.get("code", "UNKNOWN_ERROR"),
+                status=response.status_code,
+            )
+
+        evidence = VerificationEvidence(
+            signature_valid=data.get("signatureValid", False),
+            revocation_status=data.get("revocationStatus", "active"),
+            verification_mode=data.get("verificationMode", "online"),
+            provenance_valid=data.get("provenanceValid"),
+            security_level=data.get("securityLevel"),
+            verification_count=data.get("verificationCount"),
+        )
+
+        return VerifyResult(
+            id=data["id"],
+            status=data["status"],
+            security_level=data.get("securityLevel", "signed"),
+            signature_valid=data.get("signatureValid", False),
+            verification_count=data.get("verificationCount", 0),
+            last_verified_at=data.get("lastVerifiedAt", ""),
+            revocation_status=data.get("revocationStatus", "active"),
+            verification_mode=data.get("verificationMode", "online"),
+            provenance_valid=data.get("provenanceValid"),
+            evidence=evidence,
+        )
+
+    def close(self) -> None:
+        """Close the HTTP client."""
+        self._client.close()
+
+    def __enter__(self) -> "OptropicClient":
+        return self
+
+    def __exit__(self, *args: object) -> None:
+        self.close()

optropic-1.0.0/optropic/errors.py

@@ -0,0 +1,24 @@
+"""Error types for the Optropic Python SDK."""
+
+
+class OptropicError(Exception):
+    """Base error for all Optropic SDK errors."""
+
+    def __init__(self, message: str, code: str = "UNKNOWN_ERROR", status: int = 0):
+        super().__init__(message)
+        self.code = code
+        self.status = status
+
+
+class AuthenticationError(OptropicError):
+    """Raised when API key is invalid or missing."""
+
+    def __init__(self, message: str = "Invalid or missing API key"):
+        super().__init__(message, code="INVALID_API_KEY", status=401)
+
+
+class NotFoundError(OptropicError):
+    """Raised when a resource is not found."""
+
+    def __init__(self, message: str = "Resource not found"):
+        super().__init__(message, code="NOT_FOUND", status=404)

optropic-1.0.0/optropic/types.py

@@ -0,0 +1,73 @@
+"""Type definitions for the Optropic Python SDK."""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import Optional
+
+
+@dataclass(frozen=True)
+class VerificationEvidence:
+    """Structured evidence from an online verification."""
+
+    signature_valid: bool
+    revocation_status: str  # 'active' or 'revoked'
+    verification_mode: str  # 'online' or 'offline'
+    provenance_valid: Optional[bool] = None
+    security_level: Optional[str] = None
+    verification_count: Optional[int] = None
+
+
+@dataclass(frozen=True)
+class VerifyResult:
+    """Result of verifying an asset."""
+
+    id: str
+    status: str
+    security_level: str
+    signature_valid: bool
+    verification_count: int
+    last_verified_at: str
+    revocation_status: str
+    verification_mode: str
+    provenance_valid: Optional[bool] = None
+    evidence: Optional[VerificationEvidence] = None
+
+
+@dataclass(frozen=True)
+class RekorAnchor:
+    """Rekor transparency log anchor metadata."""
+
+    log_index: int
+    integrated_time: Optional[str] = None
+    entry_url: Optional[str] = None
+    verification_url: Optional[str] = None
+
+
+@dataclass(frozen=True)
+class MerkleRootRecord:
+    """Daily Merkle root with transparency log anchor status."""
+
+    id: str
+    root_hash: str
+    event_count: int
+    anchor_status: str  # 'pending', 'anchored', 'failed', 'skipped'
+    date: str
+    created_at: Optional[str] = None
+    rekor: Optional[RekorAnchor] = None
+
+
+@dataclass(frozen=True)
+class ComplianceAttestation:
+    """Daily compliance attestation record."""
+
+    id: str
+    attestation_date: str
+    total_events: int
+    chain_integrity_valid: bool
+    rekor_anchored: bool
+    signature_hex: str
+    attestation_hash: str
+    previous_attestation_hash: Optional[str] = None
+    tenant_id: Optional[str] = None
+    created_at: Optional[str] = None

optropic-1.0.0/pyproject.toml

@@ -0,0 +1,44 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "optropic"
+version = "1.0.0"
+description = "Official Python SDK for Optropic product authentication and verification"
+readme = "README.md"
+license = "MIT"
+requires-python = ">=3.9"
+authors = [{name = "Virtrex GmbH", email = "dev@optropic.com"}]
+keywords = ["optropic", "authentication", "anti-counterfeit", "product-verification", "verification"]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+    "Typing :: Typed",
+    "Topic :: Security",
+]
+dependencies = [
+    "httpx>=0.24.0,<1.0.0",
+]
+
+[project.urls]
+Homepage = "https://optropic.com"
+Documentation = "https://docs.optropic.com/sdk/python"
+Repository = "https://github.com/optropic/sdk-python"
+"Bug Tracker" = "https://github.com/optropic/sdk-python/issues"
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=7.0",
+    "pytest-asyncio>=0.21",
+]
+
+[tool.hatch.build.targets.wheel]
+packages = ["optropic"]