AI-Sovereign-sentinel / sovereign_external_verifier_v3.py
rezabarkhordary's picture
Create sovereign_external_verifier_v3.py
9def8b0 verified
Raw
History Blame
15.3 kB
# sovereign_external_verifier_v3.py
from __future__ import annotations
import argparse
import json
from pathlib import Path
from typing import Any, Dict, List, Optional
from sovereign_crypto_seal import SovereignCryptoSeal
def _load_json(path: str) -> Dict[str, Any]:
p = Path(path)
if not p.exists():
raise FileNotFoundError(f"File not found: {path}")
data = json.loads(p.read_text(encoding="utf-8"))
if not isinstance(data, dict):
raise ValueError(f"JSON root must be an object: {path}")
return data
class SovereignExternalVerifierV3:
"""
Extended independent verifier for Sovereign artifacts.
Supported artifact families:
- runtime result bundles
- benchmark bundles
- validation report bundles
- validation manifest bundles
- capacity report bundles
- capacity manifest bundles
- generic manifest bundles
- technical identity bundles with nested verification
"""
def __init__(self, sealer: Optional[SovereignCryptoSeal] = None) -> None:
self.sealer = sealer or SovereignCryptoSeal()
# ------------------------------------------------------------------
# Core verification helper
# ------------------------------------------------------------------
def _verify_object_with_seal(
self,
*,
artifact_type: str,
obj: Dict[str, Any],
seal: Dict[str, Any],
) -> Dict[str, Any]:
verified = self.sealer.verify_object(obj, seal)
return {
"ok": bool(verified.get("ok")),
"artifact_type": artifact_type,
"verified": bool(verified.get("verified")),
"verification": verified,
}
# ------------------------------------------------------------------
# Runtime result
# ------------------------------------------------------------------
def verify_runtime_result_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
seal = bundle.get("crypto_seal")
if not isinstance(seal, dict):
return {
"ok": False,
"artifact_type": "runtime_result",
"verified": False,
"error": "missing_runtime_crypto_seal",
}
obj = dict(bundle)
obj.pop("crypto_seal", None)
obj.pop("sealed", None)
return self._verify_object_with_seal(
artifact_type="runtime_result",
obj=obj,
seal=seal,
)
# ------------------------------------------------------------------
# Benchmark
# ------------------------------------------------------------------
def verify_benchmark_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
seal = bundle.get("crypto_seal")
report = bundle.get("report")
if not isinstance(seal, dict):
return {
"ok": False,
"artifact_type": "benchmark_bundle",
"verified": False,
"error": "missing_benchmark_crypto_seal",
}
if not isinstance(report, dict):
return {
"ok": False,
"artifact_type": "benchmark_bundle",
"verified": False,
"error": "missing_benchmark_report",
}
return self._verify_object_with_seal(
artifact_type="benchmark_bundle",
obj=report,
seal=seal,
)
# ------------------------------------------------------------------
# Validation report
# ------------------------------------------------------------------
def verify_validation_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
seal = bundle.get("crypto_seal")
report = bundle.get("report")
if not isinstance(seal, dict):
return {
"ok": False,
"artifact_type": "validation_report_bundle",
"verified": False,
"error": "missing_validation_crypto_seal",
}
if not isinstance(report, dict):
return {
"ok": False,
"artifact_type": "validation_report_bundle",
"verified": False,
"error": "missing_validation_report",
}
return self._verify_object_with_seal(
artifact_type="validation_report_bundle",
obj=report,
seal=seal,
)
# ------------------------------------------------------------------
# Capacity report
# ------------------------------------------------------------------
def verify_capacity_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
seal = bundle.get("crypto_seal")
report = bundle.get("report")
if not isinstance(seal, dict):
return {
"ok": False,
"artifact_type": "capacity_report_bundle",
"verified": False,
"error": "missing_capacity_crypto_seal",
}
if not isinstance(report, dict):
return {
"ok": False,
"artifact_type": "capacity_report_bundle",
"verified": False,
"error": "missing_capacity_report",
}
return self._verify_object_with_seal(
artifact_type="capacity_report_bundle",
obj=report,
seal=seal,
)
# ------------------------------------------------------------------
# Generic manifest bundle
# ------------------------------------------------------------------
def verify_manifest_bundle(
self,
bundle: Dict[str, Any],
artifact_type: str = "manifest_bundle",
) -> Dict[str, Any]:
manifest_bundle = bundle.get("manifest_bundle")
if not isinstance(manifest_bundle, dict):
return {
"ok": False,
"artifact_type": artifact_type,
"verified": False,
"error": "missing_manifest_bundle",
}
manifest = manifest_bundle.get("manifest")
seal = manifest_bundle.get("seal")
if not isinstance(manifest, dict):
return {
"ok": False,
"artifact_type": artifact_type,
"verified": False,
"error": "missing_manifest_object",
}
if not isinstance(seal, dict):
return {
"ok": False,
"artifact_type": artifact_type,
"verified": False,
"error": "missing_manifest_seal",
}
return self._verify_object_with_seal(
artifact_type=artifact_type,
obj=manifest,
seal=seal,
)
def verify_validation_manifest_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
return self.verify_manifest_bundle(
bundle=bundle,
artifact_type="validation_manifest_bundle",
)
def verify_capacity_manifest_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
return self.verify_manifest_bundle(
bundle=bundle,
artifact_type="capacity_manifest_bundle",
)
# ------------------------------------------------------------------
# Technical identity bundle with nested checks
# ------------------------------------------------------------------
def verify_technical_identity_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
identity = bundle.get("technical_identity")
if not isinstance(identity, dict):
return {
"ok": False,
"artifact_type": "technical_identity_bundle",
"verified": False,
"error": "missing_technical_identity",
}
seal = identity.get("crypto_seal")
if not isinstance(seal, dict):
return {
"ok": False,
"artifact_type": "technical_identity_bundle",
"verified": False,
"error": "missing_technical_identity_seal",
}
identity_obj = dict(identity)
identity_obj.pop("crypto_seal", None)
identity_obj.pop("sealed", None)
identity_verification = self._verify_object_with_seal(
artifact_type="technical_identity",
obj=identity_obj,
seal=seal,
)
nested_checks: List[Dict[str, Any]] = []
runtime_result = bundle.get("runtime_result")
if isinstance(runtime_result, dict):
nested_checks.append(self.verify_runtime_result_bundle(runtime_result))
benchmark_bundle = bundle.get("benchmark_bundle")
if isinstance(benchmark_bundle, dict):
nested_checks.append(self.verify_benchmark_bundle(benchmark_bundle))
manifest_bundle = bundle.get("manifest_bundle")
if isinstance(manifest_bundle, dict):
nested_checks.append(self.verify_manifest_bundle({"manifest_bundle": manifest_bundle}))
validation_bundle = bundle.get("validation_bundle")
if isinstance(validation_bundle, dict):
if "report" in validation_bundle and "crypto_seal" in validation_bundle:
nested_checks.append(self.verify_validation_report_bundle(validation_bundle))
elif "manifest_bundle" in validation_bundle:
nested_checks.append(self.verify_validation_manifest_bundle(validation_bundle))
capacity_bundle = bundle.get("capacity_bundle")
if isinstance(capacity_bundle, dict):
if "report" in capacity_bundle and "crypto_seal" in capacity_bundle:
nested_checks.append(self.verify_capacity_report_bundle(capacity_bundle))
elif "manifest_bundle" in capacity_bundle:
nested_checks.append(self.verify_capacity_manifest_bundle(capacity_bundle))
all_nested_ok = all(bool(x.get("verified")) for x in nested_checks) if nested_checks else True
return {
"ok": bool(identity_verification.get("ok")) and all_nested_ok,
"artifact_type": "technical_identity_bundle",
"verified": bool(identity_verification.get("verified")) and all_nested_ok,
"technical_identity_verification": identity_verification,
"nested_verifications": nested_checks,
}
# ------------------------------------------------------------------
# Auto-detect
# ------------------------------------------------------------------
def verify_auto(self, obj: Dict[str, Any]) -> Dict[str, Any]:
# technical identity bundle
if "technical_identity" in obj:
return self.verify_technical_identity_bundle(obj)
# report bundles with seal
if "report" in obj and "crypto_seal" in obj:
report = obj.get("report")
if isinstance(report, dict):
suite_name = str(report.get("suite_name", "")).lower()
benchmark_name = str(report.get("benchmark_name", "")).lower()
probe_name = str(report.get("probe_name", "")).lower()
if "false positive" in suite_name or "validation" in suite_name:
return self.verify_validation_report_bundle(obj)
if "benchmark" in benchmark_name:
return self.verify_benchmark_bundle(obj)
if "capacity" in probe_name:
return self.verify_capacity_report_bundle(obj)
# manifest bundles
if "manifest_bundle" in obj:
manifest_bundle = obj.get("manifest_bundle") or {}
manifest = manifest_bundle.get("manifest") if isinstance(manifest_bundle, dict) else {}
manifest_type = ""
if isinstance(manifest, dict):
manifest_type = str(manifest.get("manifest_type", "")).lower()
if "validation" in manifest_type:
return self.verify_validation_manifest_bundle(obj)
if "capacity" in manifest_type:
return self.verify_capacity_manifest_bundle(obj)
return self.verify_manifest_bundle(obj)
# runtime result bundle fallback
if "crypto_seal" in obj:
return self.verify_runtime_result_bundle(obj)
return {
"ok": False,
"verified": False,
"artifact_type": "unknown",
"error": "could_not_detect_artifact_type",
}
def verify_file(self, path: str) -> Dict[str, Any]:
obj = _load_json(path)
result = self.verify_auto(obj)
result["source_file"] = path
return result
# ------------------------------------------------------------------
# Human-readable summary
# ------------------------------------------------------------------
def summarize(self, result: Dict[str, Any]) -> Dict[str, Any]:
artifact_type = result.get("artifact_type", "unknown")
verified = bool(result.get("verified", False))
summary = {
"artifact_type": artifact_type,
"verified": verified,
"status": "VALID" if verified else "INVALID",
}
if result.get("source_file"):
summary["source_file"] = result["source_file"]
verification = result.get("verification", {}) or {}
if isinstance(verification, dict):
if verification.get("object_digest"):
summary["object_digest"] = verification["object_digest"]
if verification.get("seal_digest"):
summary["seal_digest"] = verification["seal_digest"]
if artifact_type == "technical_identity_bundle":
tiv = result.get("technical_identity_verification", {}) or {}
nested = result.get("nested_verifications", []) or []
summary["technical_identity_verified"] = bool(
(tiv.get("verification") or {}).get("verified", tiv.get("verified", False))
)
summary["nested_verified_count"] = sum(1 for x in nested if x.get("verified"))
summary["nested_total"] = len(nested)
return summary
VERIFIER = SovereignExternalVerifierV3()
def verify_artifact_file_v3(path: str) -> Dict[str, Any]:
return VERIFIER.verify_file(path)
def summarize_verification_v3(result: Dict[str, Any]) -> Dict[str, Any]:
return VERIFIER.summarize(result)
def _build_arg_parser() -> argparse.ArgumentParser:
parser = argparse.ArgumentParser(
description="Extended independent verifier v3 for Sovereign bank-grade artifacts."
)
parser.add_argument(
"--file",
required=True,
help="Path to JSON artifact file to verify.",
)
parser.add_argument(
"--summary-only",
action="store_true",
help="Print only compact summary instead of full verification result.",
)
return parser
if __name__ == "__main__":
parser = _build_arg_parser()
args = parser.parse_args()
verification = verify_artifact_file_v3(args.file)
if args.summary_only:
print(json.dumps(summarize_verification_v3(verification), ensure_ascii=False, indent=2))
else:
print(json.dumps(verification, ensure_ascii=False, indent=2))