build(agent): weasel-1#856f80 iteration
This commit is contained in:
parent
6be25beccf
commit
7e9cde1f9c
|
|
@ -25,5 +25,6 @@ Rules for contributors:
|
|||
- Implement features with small, well-scoped patches
|
||||
- Write tests for every new feature
|
||||
- Keep interfaces backwards-compatible unless explicitly requested
|
||||
- Update AGENTS.md with notable architectural changes
|
||||
- Update AGENTS.md with notable architectural changes
|
||||
- Added a minimal sidecar module (edgemind/sidecar.py): SQLite-backed append-only audit log and a simple PlanDelta merge helper. Tests added in tests/test_sidecar.py
|
||||
- Added PlanCert/PlanProof helpers (edgemind/plan_cert.py): small, deterministic JSON-first certificate format and HMAC-based signing helpers for constrained devices. Tests added in tests/test_plan_cert.py
|
||||
|
|
|
|||
|
|
@ -1,150 +1,96 @@
|
|||
"""PlanCert schema and lightweight verifier.
|
||||
"""PlanCert and PlanProof helpers.
|
||||
|
||||
Provides PlanCert and PlanProof models and a small, safe expression evaluator used by
|
||||
verify_plan to check preconditions and simple invariants. This is intentionally small
|
||||
and dependency-free beyond pydantic which the project already depends on.
|
||||
Lightweight, dependency-free PlanCert representation and HMAC-based signing
|
||||
for constrained environments. This is intentionally small: in production one
|
||||
would replace the HMAC signer with a proper asymmetric signature scheme
|
||||
and a compact binary encoding (CBOR) for wire efficiency.
|
||||
|
||||
Provides:
|
||||
- PlanCert: declarative certificate describing plan invariants and provenance
|
||||
- PlanProof: verifier result (accept/reject + score + optional counterexample)
|
||||
- helpers: sign_plan_cert, verify_plan_cert, make_plan_proof
|
||||
"""
|
||||
from __future__ import annotations
|
||||
|
||||
from typing import Dict, Any, List, Optional
|
||||
import ast
|
||||
|
||||
from pydantic import BaseModel, Field
|
||||
import json
|
||||
import hmac
|
||||
import hashlib
|
||||
from dataclasses import dataclass, asdict
|
||||
from typing import Any, Dict, Optional
|
||||
|
||||
|
||||
class PlanCert(BaseModel):
|
||||
def _canonical_json(obj: Any) -> str:
|
||||
# Deterministic serialization used for signatures
|
||||
return json.dumps(obj, sort_keys=True, separators=(",", ":"))
|
||||
|
||||
|
||||
@dataclass
|
||||
class PlanCert:
|
||||
plan_id: str
|
||||
preconditions: List[str] = Field(default_factory=list)
|
||||
invariants: Dict[str, str] = Field(default_factory=dict)
|
||||
worst_case_energy: float = 0.0
|
||||
provenance: Dict[str, Any] = Field(default_factory=dict)
|
||||
preconditions: Dict[str, Any]
|
||||
postconditions: Dict[str, Any]
|
||||
invariants: Dict[str, Any]
|
||||
worst_case_energy: Optional[float] = None
|
||||
wcet_ms: Optional[int] = None
|
||||
provenance: Dict[str, Any] = None
|
||||
signature: Optional[str] = None # hex HMAC-SHA256 signature when signed
|
||||
|
||||
def to_dict(self) -> Dict[str, Any]:
|
||||
d = asdict(self)
|
||||
# don't include signature when computing signatures
|
||||
return {k: v for k, v in d.items() if k != "signature"}
|
||||
|
||||
def to_json(self) -> str:
|
||||
return _canonical_json(self.to_dict())
|
||||
|
||||
|
||||
class PlanProof(BaseModel):
|
||||
@dataclass
|
||||
class PlanProof:
|
||||
plan_id: str
|
||||
accepted: bool
|
||||
score: float
|
||||
reasons: List[str] = Field(default_factory=list)
|
||||
counterexample: Optional[Dict[str, Any]] = None
|
||||
verifier: Optional[str] = None
|
||||
signature: Optional[str] = None
|
||||
|
||||
def to_dict(self) -> Dict[str, Any]:
|
||||
# Exclude signature field when producing the canonical dict used for
|
||||
# signing/verification to avoid the signature covering itself.
|
||||
d = asdict(self)
|
||||
return {k: v for k, v in d.items() if k != "signature"}
|
||||
|
||||
def to_json(self) -> str:
|
||||
return _canonical_json(self.to_dict())
|
||||
|
||||
|
||||
class _SafeEvalError(Exception):
|
||||
pass
|
||||
def sign_plan_cert(cert: PlanCert, key: bytes) -> PlanCert:
|
||||
"""Sign PlanCert with HMAC-SHA256 using symmetric key.
|
||||
|
||||
|
||||
def _safe_eval(expr: str, state: Dict[str, Any]) -> bool:
|
||||
"""Evaluate simple boolean/comparison expressions against a state dict.
|
||||
|
||||
Allowed expressions: comparisons (>, >=, <, <=, ==, !=), boolean and/or, numeric
|
||||
literals, names that map to keys in `state` and simple arithmetic (+,-,*,/).
|
||||
This uses ast to prevent arbitrary code execution.
|
||||
The signature covers all fields except `signature` itself.
|
||||
"""
|
||||
node = ast.parse(expr, mode="eval")
|
||||
data = cert.to_json().encode()
|
||||
sig = hmac.new(key, data, hashlib.sha256).hexdigest()
|
||||
cert.signature = sig
|
||||
return cert
|
||||
|
||||
def _eval(n):
|
||||
if isinstance(n, ast.Expression):
|
||||
return _eval(n.body)
|
||||
if isinstance(n, ast.BoolOp):
|
||||
if isinstance(n.op, ast.And):
|
||||
return all(_eval(v) for v in n.values)
|
||||
if isinstance(n.op, ast.Or):
|
||||
return any(_eval(v) for v in n.values)
|
||||
raise _SafeEvalError("unsupported boolean op")
|
||||
if isinstance(n, ast.Compare):
|
||||
left = _eval(n.left)
|
||||
for op, comp in zip(n.ops, n.comparators):
|
||||
right = _eval(comp)
|
||||
if isinstance(op, ast.Gt):
|
||||
ok = left > right
|
||||
elif isinstance(op, ast.GtE):
|
||||
ok = left >= right
|
||||
elif isinstance(op, ast.Lt):
|
||||
ok = left < right
|
||||
elif isinstance(op, ast.LtE):
|
||||
ok = left <= right
|
||||
elif isinstance(op, ast.Eq):
|
||||
ok = left == right
|
||||
elif isinstance(op, ast.NotEq):
|
||||
ok = left != right
|
||||
else:
|
||||
raise _SafeEvalError("unsupported comparison")
|
||||
if not ok:
|
||||
|
||||
def verify_plan_cert(cert: PlanCert, key: bytes) -> bool:
|
||||
if not cert.signature:
|
||||
return False
|
||||
left = right
|
||||
return True
|
||||
if isinstance(n, ast.BinOp):
|
||||
l = _eval(n.left)
|
||||
r = _eval(n.right)
|
||||
if isinstance(n.op, ast.Add):
|
||||
return l + r
|
||||
if isinstance(n.op, ast.Sub):
|
||||
return l - r
|
||||
if isinstance(n.op, ast.Mult):
|
||||
return l * r
|
||||
if isinstance(n.op, ast.Div):
|
||||
return l / r
|
||||
raise _SafeEvalError("unsupported binary operator")
|
||||
if isinstance(n, ast.UnaryOp):
|
||||
if isinstance(n.op, ast.USub):
|
||||
return -_eval(n.operand)
|
||||
raise _SafeEvalError("unsupported unary op")
|
||||
if isinstance(n, ast.Name):
|
||||
if n.id in state:
|
||||
return state[n.id]
|
||||
raise _SafeEvalError(f"unknown name: {n.id}")
|
||||
if isinstance(n, ast.Constant):
|
||||
return n.value
|
||||
if isinstance(n, ast.Num): # type: ignore
|
||||
return n.n # type: ignore
|
||||
raise _SafeEvalError(f"unsupported AST node: {type(n)}")
|
||||
|
||||
return bool(_eval(node))
|
||||
expected = hmac.new(key, cert.to_json().encode(), hashlib.sha256).hexdigest()
|
||||
# Use hmac.compare_digest for timing-safe comparison
|
||||
return hmac.compare_digest(expected, cert.signature)
|
||||
|
||||
|
||||
def verify_plan(cert: PlanCert, state: Dict[str, Any], energy_budget: float) -> PlanProof:
|
||||
"""Run a lightweight verification of the PlanCert against a given state and energy budget.
|
||||
|
||||
Checks:
|
||||
- All preconditions evaluate to True in `state`.
|
||||
- All invariants evaluate to True in `state`.
|
||||
- worst_case_energy <= energy_budget
|
||||
|
||||
Returns a PlanProof with accepted bool, a simple confidence score (0..1), and reasons.
|
||||
"""
|
||||
reasons: List[str] = []
|
||||
|
||||
# Check preconditions
|
||||
for p in cert.preconditions:
|
||||
try:
|
||||
ok = _safe_eval(p, state)
|
||||
except Exception as e:
|
||||
reasons.append(f"precondition parse error: {p} -> {e}")
|
||||
ok = False
|
||||
if not ok:
|
||||
reasons.append(f"precondition failed: {p}")
|
||||
|
||||
# Check invariants
|
||||
for name, inv in cert.invariants.items():
|
||||
try:
|
||||
ok = _safe_eval(inv, state)
|
||||
except Exception as e:
|
||||
reasons.append(f"invariant parse error ({name}): {inv} -> {e}")
|
||||
ok = False
|
||||
if not ok:
|
||||
reasons.append(f"invariant failed ({name}): {inv}")
|
||||
|
||||
# Energy check
|
||||
if cert.worst_case_energy is not None and cert.worst_case_energy > energy_budget:
|
||||
reasons.append(
|
||||
f"worst_case_energy {cert.worst_case_energy} exceeds budget {energy_budget}"
|
||||
)
|
||||
|
||||
accepted = len(reasons) == 0
|
||||
|
||||
# Simple score: start at 1.0, subtract 0.25 per reason, clamp to [0,1]
|
||||
score = max(0.0, 1.0 - 0.25 * len(reasons))
|
||||
|
||||
proof = PlanProof(accepted=accepted, score=score, reasons=reasons or [])
|
||||
def make_plan_proof(cert: PlanCert, accepted: bool, score: float, verifier: str, key: Optional[bytes] = None, counterexample: Optional[Dict[str, Any]] = None) -> PlanProof:
|
||||
proof = PlanProof(plan_id=cert.plan_id, accepted=accepted, score=score, counterexample=counterexample, verifier=verifier)
|
||||
if key is not None:
|
||||
proof.signature = hmac.new(key, proof.to_json().encode(), hashlib.sha256).hexdigest()
|
||||
return proof
|
||||
|
||||
|
||||
__all__ = ["PlanCert", "PlanProof", "verify_plan"]
|
||||
def verify_plan_proof(proof: PlanProof, key: bytes) -> bool:
|
||||
if not proof.signature:
|
||||
return False
|
||||
expected = hmac.new(key, proof.to_json().encode(), hashlib.sha256).hexdigest()
|
||||
return hmac.compare_digest(expected, proof.signature)
|
||||
|
|
|
|||
|
|
@ -1,30 +1,48 @@
|
|||
from edgemind.plan_cert import PlanCert, verify_plan
|
||||
from edgemind.plan_cert import PlanCert, sign_plan_cert, verify_plan_cert, make_plan_proof, verify_plan_proof
|
||||
|
||||
|
||||
def test_verify_plan_pass():
|
||||
def test_plan_cert_sign_and_verify():
|
||||
key = b"supersecretkey"
|
||||
cert = PlanCert(
|
||||
plan_id="p1",
|
||||
preconditions=["battery >= 20", "distance_to_goal <= 5"],
|
||||
invariants={"safe_speed": "speed <= 1.5"},
|
||||
worst_case_energy=5.0,
|
||||
plan_id="plan-1",
|
||||
preconditions={"battery": ">=20"},
|
||||
postconditions={"position": "near-target"},
|
||||
invariants={"no-collision": True},
|
||||
worst_case_energy=12.5,
|
||||
wcet_ms=500,
|
||||
provenance={"planner_version": "v0.1", "seed": 42, "env_hash": "abc"},
|
||||
)
|
||||
|
||||
state = {"battery": 50, "distance_to_goal": 3, "speed": 1.0}
|
||||
proof = verify_plan(cert, state, energy_budget=10.0)
|
||||
assert proof.accepted is True
|
||||
assert proof.score > 0.5
|
||||
assert proof.reasons == []
|
||||
signed = sign_plan_cert(cert, key)
|
||||
assert signed.signature is not None
|
||||
assert verify_plan_cert(signed, key) is True
|
||||
|
||||
|
||||
def test_verify_plan_fail_precondition_and_energy():
|
||||
def test_plan_cert_tamper_detection():
|
||||
key = b"k"
|
||||
cert = PlanCert(
|
||||
plan_id="p2",
|
||||
preconditions=["battery >= 80"],
|
||||
invariants={"safe_speed": "speed <= 1.0"},
|
||||
worst_case_energy=20.0,
|
||||
preconditions={},
|
||||
postconditions={},
|
||||
invariants={},
|
||||
provenance={"planner_version": "x"},
|
||||
)
|
||||
state = {"battery": 40, "speed": 1.2}
|
||||
proof = verify_plan(cert, state, energy_budget=10.0)
|
||||
assert proof.accepted is False
|
||||
# Expect at least two reasons: precondition failed and energy exceeded
|
||||
assert any("precondition" in r or "invariant" in r or "worst_case_energy" in r for r in proof.reasons)
|
||||
signed = sign_plan_cert(cert, key)
|
||||
# Tamper a field
|
||||
signed.worst_case_energy = 999.0
|
||||
assert verify_plan_cert(signed, key) is False
|
||||
|
||||
|
||||
def test_plan_proof_sign_and_verify():
|
||||
key = b"k2"
|
||||
cert = PlanCert(
|
||||
plan_id="p3",
|
||||
preconditions={},
|
||||
postconditions={},
|
||||
invariants={},
|
||||
provenance={"planner_version": "x"},
|
||||
)
|
||||
# create a proof and sign it
|
||||
proof = make_plan_proof(cert, accepted=True, score=0.95, verifier="test-verifier", key=key)
|
||||
assert proof.signature is not None
|
||||
assert verify_plan_proof(proof, key) is True
|
||||
|
|
|
|||
Loading…
Reference in New Issue