patchr 0.1.0__py3-none-any.whl

picux/verification/__init__.py

@@ -0,0 +1,5 @@
+"""Verification and rollout gates."""
+
+from .rollout import RolloutGate, RolloutReport, RolloutVerifier
+
+__all__ = ["RolloutGate", "RolloutReport", "RolloutVerifier"]

picux/verification/rollout.py

@@ -0,0 +1,183 @@
+from __future__ import annotations
+
+from dataclasses import dataclass
+from datetime import datetime, timezone
+from typing import Any
+
+from picux.api import PicuxApiService
+from picux.config import PicuxSettings
+from picux.core import Domain, ProtocolTask, ProtocolTaskStatus
+from picux.domains.pay import PayDomain
+from picux.security import validateProductionReady
+from picux.storage import Keyspace, PicuxPostgresStore
+
+
+@dataclass(frozen=True)
+class RolloutGate:
+    name: str
+    ok: bool
+    detail: dict[str, Any]
+
+    def toMap(self) -> dict[str, Any]:
+        return {"name": self.name, "ok": self.ok, "detail": self.detail}
+
+
+@dataclass(frozen=True)
+class RolloutReport:
+    ok: bool
+    gates: tuple[RolloutGate, ...]
+
+    def toMap(self) -> dict[str, Any]:
+        return {"ok": self.ok, "gates": [gate.toMap() for gate in self.gates]}
+
+
+class RolloutVerifier:
+    """Runs deterministic rollout gates that do not require live providers."""
+
+    def __init__(self, *, service: PicuxApiService | None = None, store: PicuxPostgresStore | None = None) -> None:
+        self.service = service or PicuxApiService(pay=PayDomain(verifier=self._verifier, clock=self._clock))
+        self.store = store or PicuxPostgresStore("", ensure=False)
+
+    def verify(self, *, settings: PicuxSettings | None = None) -> RolloutReport:
+        settings = settings or PicuxSettings.fromEnv({"PICUX_ENV": "local"})
+        gates = (
+            self.apiContractGate(),
+            self.externalIntegrationGate(),
+            self.postgresDurableGate(),
+            self.redisNamespaceGate(),
+            self.productionFailClosedGate(settings),
+            self.endToEndContractGate(),
+        )
+        return RolloutReport(ok=all(gate.ok for gate in gates), gates=gates)
+
+    def apiContractGate(self) -> RolloutGate:
+        checks = [
+            self.service.handle("GET", "/healthz")[0] == 200,
+            self.service.handle("GET", "/runtime")[0] == 200,
+            self.service.handle("POST", "/v1/tasks", {"goal": "find vendor arbitrage"})[1].get("ok") is True,
+            self.service.handle("GET", "/v1/signals/community/entities")[1].get("ok") is True,
+        ]
+        return RolloutGate("apiContract", all(checks), {"checks": checks})
+
+    def externalIntegrationGate(self) -> RolloutGate:
+        status, result = self.service.handle(
+            "POST",
+            "/v1/tasks",
+            {"userId": "external_1", "channel": "external", "goal": "settle mandate after proof"},
+        )
+        ok = status == 200 and result.get("ok") is True and result["task"]["channel"] == "external"
+        return RolloutGate("externalIntegration", ok, {"status": status, "task": result.get("task", {})})
+
+    def postgresDurableGate(self) -> RolloutGate:
+        task = ProtocolTask(
+            taskId="task_rollout_probe",
+            userId="user_rollout",
+            domain=Domain.HUNT,
+            status=ProtocolTaskStatus.PENDING,
+            channel="verification",
+        )
+        result = self.store.durableWriteReadCheck(task)
+        ok = bool(result.get("ok") or result.get("skipped"))
+        return RolloutGate("postgresDurable", ok, result)
+
+    def redisNamespaceGate(self) -> RolloutGate:
+        plan = Keyspace().migrationReadPlan("task", "task_rollout_probe")
+        readKeys = plan["readKeys"]
+        ok = plan["writeKey"] == "picux:v1:task:task_rollout_probe" and readKeys[0] == plan["writeKey"]
+        return RolloutGate("redisNamespaceMigration", ok, plan)
+
+    def productionFailClosedGate(self, settings: PicuxSettings) -> RolloutGate:
+        readiness = validateProductionReady(settings)
+        if settings.prod:
+            ok = not readiness.ok and bool(readiness.issues)
+        else:
+            prodSettings = PicuxSettings.fromEnv({"PICUX_ENV": "production"})
+            prodReadiness = validateProductionReady(prodSettings)
+            ok = not prodReadiness.ok and bool(prodReadiness.issues)
+            readiness = prodReadiness
+        return RolloutGate("productionFailClosed", ok, readiness.toMap())
+
+    def endToEndContractGate(self) -> RolloutGate:
+        signalStatus, signal = self.service.handle(
+            "POST",
+            "/v1/signals/community/launch-task",
+            {
+                "userId": "external_1",
+                "targetDomain": "resolve",
+                "approved": True,
+                "signal": {
+                    "source": {"platform": "reddit", "community": "agents"},
+                    "text": "Picux Protocol request needs resolve proof before settlement",
+                    "query": "Picux Protocol",
+                },
+            },
+        )
+        task = signal.get("task", {})
+        resolveStatus, resolved = self.service.handle(
+            "POST",
+            f"/v1/tasks/{task.get('taskId', '')}/resolve",
+            {"text": "Duplicate charge and overcharge $20 were found", "provider": "vendorA"},
+        )
+        mandate = self._mandate()
+        verifyStatus, verified = self.service.handle("POST", "/v1/mandates/mandate_rollout/verify", mandate)
+        settleStatus, settled = self.service.handle(
+            "POST",
+            "/v1/pay/settle",
+            {
+                "mandate": mandate,
+                "request": {
+                    "taskId": task.get("taskId", ""),
+                    "vendorId": "vendorA",
+                    "amount": {"amount": 80, "currency": "USD"},
+                    "pov": {"povId": "pov_rollout", "rules": ["inventoryVerified", "priceArbitrage20"]},
+                },
+            },
+        )
+        receiptId = str(settled.get("receipt", {}).get("receiptId", "") or "")
+        receiptStatus, receipt = self.service.handle("GET", f"/v1/receipts/{receiptId}")
+        ok = all(
+            (
+                signalStatus == 200,
+                resolveStatus == 200,
+                verifyStatus == 200,
+                settleStatus == 200,
+                receiptStatus == 200,
+                signal.get("ok") is True,
+                resolved.get("ok") is True,
+                verified.get("ok") is True,
+                settled.get("ok") is True,
+                settled.get("receipt", {}).get("status") == "settled",
+                receipt.get("receipt", {}).get("receiptId") == receiptId,
+            )
+        )
+        return RolloutGate(
+            "endToEndContract",
+            ok,
+            {
+                "taskId": task.get("taskId", ""),
+                "receiptId": receiptId,
+                "statuses": [signalStatus, resolveStatus, verifyStatus, settleStatus, receiptStatus],
+            },
+        )
+
+    @staticmethod
+    def _clock() -> datetime:
+        return datetime(2026, 5, 9, 12, 0, tzinfo=timezone.utc)
+
+    @staticmethod
+    def _verifier(payload: dict[str, Any], signature: str, publicKey: str) -> bool:
+        return payload.get("mandateId") == "mandate_rollout" and signature == "rolloutSig" and publicKey == "rolloutPub"
+
+    @staticmethod
+    def _mandate() -> dict[str, Any]:
+        return {
+            "mandateId": "mandate_rollout",
+            "issuer": {"entityId": "tenant_rollout", "publicKey": "rolloutPub"},
+            "validUntil": "2099-01-01T00:00:00Z",
+            "constraints": {
+                "maxSpend": {"amount": 100.0, "currency": "USD"},
+                "allowedVendors": ["vendorA"],
+                "resolveRules": ["inventoryVerified", "priceArbitrage20"],
+            },
+            "signature": "rolloutSig",
+        }

picux/workflows/__init__.py

@@ -0,0 +1,5 @@
+"""Use-case-first workflow template packaging."""
+
+from .templates import getWorkflowTemplate, workflowTemplates
+
+__all__ = ["getWorkflowTemplate", "workflowTemplates"]

picux/workflows/templates.py

@@ -0,0 +1,74 @@
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import Any
+
+
+@dataclass(frozen=True)
+class WorkflowTemplate:
+    templateId: str
+    name: str
+    domain: str
+    entryPoint: str
+    tagline: str
+    inputHints: tuple[str, ...]
+    outputs: tuple[str, ...]
+    proof: str
+
+    def toMap(self) -> dict[str, Any]:
+        return {
+            "templateId": self.templateId,
+            "name": self.name,
+            "domain": self.domain,
+            "entryPoint": self.entryPoint,
+            "tagline": self.tagline,
+            "inputHints": list(self.inputHints),
+            "outputs": list(self.outputs),
+            "proof": self.proof,
+        }
+
+
+TEMPLATES: tuple[WorkflowTemplate, ...] = (
+    WorkflowTemplate(
+        "findBestFit",
+        "Find my best-fit options",
+        "hunt",
+        "/v1/hunt/discover",
+        "Unify fragmented discovery, rank options, and suggest the next best action.",
+        ("criteria", "offers", "sources"),
+        ("rankedOptions", "selectedOption", "nextBestAction", "proofCard"),
+        "Source-bound HUNT proof card backed by a proof pack.",
+    ),
+    WorkflowTemplate(
+        "auditDisputedClaim",
+        "Audit this disputed claim",
+        "resolve",
+        "/v1/workflows/templates/auditDisputedClaim/run",
+        "Turn a messy claim, dispute, audit trail, or migration-trust case into a reviewable evidence map.",
+        ("claim", "documents", "agentClaims", "counterparty", "profile"),
+        ("evidenceMap", "typedEvidence", "sourceClasses", "fraudIndicators", "caseOpsTimeline", "nextAction", "proofCard"),
+        "Resolve proof card with evidence status, confidence, open questions, and escalation guidance.",
+    ),
+    WorkflowTemplate(
+        "coordinateHumanProcess",
+        "Coordinate this human process end-to-end",
+        "proxy",
+        "/v1/proxy/missions",
+        "Coordinate people, messages, documents, status, and verified follow-through.",
+        ("task", "actors", "documents", "channels", "proofReq"),
+        ("mission", "route", "status", "humanProof", "proofCard"),
+        "Proxy proof card backed by mission state and human completion proof.",
+    ),
+)
+
+
+def workflowTemplates() -> dict[str, Any]:
+    return {"ok": True, "templates": [item.toMap() for item in TEMPLATES], "count": len(TEMPLATES)}
+
+
+def getWorkflowTemplate(templateId: str) -> dict[str, Any]:
+    requested = str(templateId or "")
+    match = next((item for item in TEMPLATES if item.templateId == requested), None)
+    if not match:
+        return {"ok": False, "error": "workflowTemplateNotFound", "templateId": requested}
+    return {"ok": True, "template": match.toMap()}