rezabarkhordary commited on
Commit
0b8099f
·
verified ·
1 Parent(s): c8dab8c

Create sovereign_external_verifier.py

Browse files
Files changed (1) hide show
  1. sovereign_external_verifier.py +279 -0
sovereign_external_verifier.py ADDED
@@ -0,0 +1,279 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+
2
+ # sovereign_external_verifier.py
3
+ from __future__ import annotations
4
+
5
+ import argparse
6
+ import json
7
+ from pathlib import Path
8
+ from typing import Any, Dict, List, Optional
9
+
10
+ from sovereign_crypto_seal import SovereignCryptoSeal
11
+
12
+
13
+ def _load_json(path: str) -> Dict[str, Any]:
14
+ p = Path(path)
15
+ if not p.exists():
16
+ raise FileNotFoundError(f"File not found: {path}")
17
+ data = json.loads(p.read_text(encoding="utf-8"))
18
+ if not isinstance(data, dict):
19
+ raise ValueError(f"JSON root must be an object: {path}")
20
+ return data
21
+
22
+
23
+ class SovereignExternalVerifier:
24
+ """
25
+ Independent verifier for Sovereign artifacts.
26
+
27
+ Supports verification of:
28
+ - runtime result bundles
29
+ - benchmark bundles
30
+ - technical identity bundles
31
+ - evidence manifest bundles
32
+ """
33
+
34
+ def __init__(self, sealer: Optional[SovereignCryptoSeal] = None) -> None:
35
+ self.sealer = sealer or SovereignCryptoSeal()
36
+
37
+ # ------------------------------------------------------------------
38
+ # Core verify helpers
39
+ # ------------------------------------------------------------------
40
+ def verify_runtime_result_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
41
+ seal = bundle.get("crypto_seal")
42
+ if not isinstance(seal, dict):
43
+ return {
44
+ "ok": False,
45
+ "artifact_type": "runtime_result",
46
+ "verified": False,
47
+ "error": "missing_runtime_crypto_seal",
48
+ }
49
+
50
+ obj = dict(bundle)
51
+ obj.pop("crypto_seal", None)
52
+ obj.pop("sealed", None)
53
+
54
+ verified = self.sealer.verify_object(obj, seal)
55
+
56
+ return {
57
+ "ok": bool(verified.get("ok")),
58
+ "artifact_type": "runtime_result",
59
+ "verified": bool(verified.get("verified")),
60
+ "verification": verified,
61
+ }
62
+
63
+ def verify_benchmark_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
64
+ seal = bundle.get("crypto_seal")
65
+ report = bundle.get("report")
66
+
67
+ if not isinstance(seal, dict):
68
+ return {
69
+ "ok": False,
70
+ "artifact_type": "benchmark_bundle",
71
+ "verified": False,
72
+ "error": "missing_benchmark_crypto_seal",
73
+ }
74
+
75
+ if not isinstance(report, dict):
76
+ return {
77
+ "ok": False,
78
+ "artifact_type": "benchmark_bundle",
79
+ "verified": False,
80
+ "error": "missing_benchmark_report",
81
+ }
82
+
83
+ verified = self.sealer.verify_object(report, seal)
84
+
85
+ return {
86
+ "ok": bool(verified.get("ok")),
87
+ "artifact_type": "benchmark_bundle",
88
+ "verified": bool(verified.get("verified")),
89
+ "verification": verified,
90
+ }
91
+
92
+ def verify_manifest_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
93
+ manifest_bundle = bundle.get("manifest_bundle")
94
+ if not isinstance(manifest_bundle, dict):
95
+ return {
96
+ "ok": False,
97
+ "artifact_type": "manifest_bundle",
98
+ "verified": False,
99
+ "error": "missing_manifest_bundle",
100
+ }
101
+
102
+ manifest = manifest_bundle.get("manifest")
103
+ seal = manifest_bundle.get("seal")
104
+
105
+ if not isinstance(manifest, dict):
106
+ return {
107
+ "ok": False,
108
+ "artifact_type": "manifest_bundle",
109
+ "verified": False,
110
+ "error": "missing_manifest_object",
111
+ }
112
+
113
+ if not isinstance(seal, dict):
114
+ return {
115
+ "ok": False,
116
+ "artifact_type": "manifest_bundle",
117
+ "verified": False,
118
+ "error": "missing_manifest_seal",
119
+ }
120
+
121
+ verified = self.sealer.verify_object(manifest, seal)
122
+
123
+ return {
124
+ "ok": bool(verified.get("ok")),
125
+ "artifact_type": "manifest_bundle",
126
+ "verified": bool(verified.get("verified")),
127
+ "verification": verified,
128
+ }
129
+
130
+ def verify_technical_identity_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
131
+ identity = bundle.get("technical_identity")
132
+ if not isinstance(identity, dict):
133
+ return {
134
+ "ok": False,
135
+ "artifact_type": "technical_identity_bundle",
136
+ "verified": False,
137
+ "error": "missing_technical_identity",
138
+ }
139
+
140
+ seal = identity.get("crypto_seal")
141
+ if not isinstance(seal, dict):
142
+ return {
143
+ "ok": False,
144
+ "artifact_type": "technical_identity_bundle",
145
+ "verified": False,
146
+ "error": "missing_technical_identity_seal",
147
+ }
148
+
149
+ identity_obj = dict(identity)
150
+ identity_obj.pop("crypto_seal", None)
151
+ identity_obj.pop("sealed", None)
152
+
153
+ identity_verification = self.sealer.verify_object(identity_obj, seal)
154
+
155
+ nested_checks: List[Dict[str, Any]] = []
156
+
157
+ runtime_result = bundle.get("runtime_result")
158
+ if isinstance(runtime_result, dict):
159
+ nested_checks.append(self.verify_runtime_result_bundle(runtime_result))
160
+
161
+ benchmark_bundle = bundle.get("benchmark_bundle")
162
+ if isinstance(benchmark_bundle, dict):
163
+ nested_checks.append(self.verify_benchmark_bundle(benchmark_bundle))
164
+
165
+ manifest_bundle = bundle.get("manifest_bundle")
166
+ if isinstance(manifest_bundle, dict):
167
+ nested_checks.append(self.verify_manifest_bundle({"manifest_bundle": manifest_bundle}))
168
+
169
+ all_nested_ok = all(bool(x.get("verified")) for x in nested_checks) if nested_checks else True
170
+
171
+ return {
172
+ "ok": bool(identity_verification.get("ok")) and all_nested_ok,
173
+ "artifact_type": "technical_identity_bundle",
174
+ "verified": bool(identity_verification.get("verified")) and all_nested_ok,
175
+ "technical_identity_verification": identity_verification,
176
+ "nested_verifications": nested_checks,
177
+ }
178
+
179
+ # ------------------------------------------------------------------
180
+ # Auto-detect
181
+ # ------------------------------------------------------------------
182
+ def verify_auto(self, obj: Dict[str, Any]) -> Dict[str, Any]:
183
+ if "technical_identity" in obj:
184
+ return self.verify_technical_identity_bundle(obj)
185
+
186
+ if "report" in obj and "crypto_seal" in obj:
187
+ return self.verify_benchmark_bundle(obj)
188
+
189
+ if "manifest_bundle" in obj:
190
+ return self.verify_manifest_bundle(obj)
191
+
192
+ if "crypto_seal" in obj:
193
+ return self.verify_runtime_result_bundle(obj)
194
+
195
+ return {
196
+ "ok": False,
197
+ "verified": False,
198
+ "artifact_type": "unknown",
199
+ "error": "could_not_detect_artifact_type",
200
+ }
201
+
202
+ def verify_file(self, path: str) -> Dict[str, Any]:
203
+ obj = _load_json(path)
204
+ result = self.verify_auto(obj)
205
+ result["source_file"] = path
206
+ return result
207
+
208
+ # ------------------------------------------------------------------
209
+ # Human-readable summary
210
+ # ------------------------------------------------------------------
211
+ def summarize(self, result: Dict[str, Any]) -> Dict[str, Any]:
212
+ artifact_type = result.get("artifact_type", "unknown")
213
+ verified = bool(result.get("verified", False))
214
+
215
+ summary = {
216
+ "artifact_type": artifact_type,
217
+ "verified": verified,
218
+ "status": "VALID" if verified else "INVALID",
219
+ }
220
+
221
+ if result.get("source_file"):
222
+ summary["source_file"] = result["source_file"]
223
+
224
+ if artifact_type == "technical_identity_bundle":
225
+ tiv = result.get("technical_identity_verification", {}) or {}
226
+ nested = result.get("nested_verifications", []) or []
227
+ summary["technical_identity_verified"] = bool(tiv.get("verified", False))
228
+ summary["nested_verified_count"] = sum(1 for x in nested if x.get("verified"))
229
+ summary["nested_total"] = len(nested)
230
+
231
+ verification = result.get("verification", {}) or {}
232
+ if isinstance(verification, dict):
233
+ if verification.get("object_digest"):
234
+ summary["object_digest"] = verification["object_digest"]
235
+ if verification.get("seal_digest"):
236
+ summary["seal_digest"] = verification["seal_digest"]
237
+
238
+ return summary
239
+
240
+
241
+ VERIFIER = SovereignExternalVerifier()
242
+
243
+
244
+ def verify_artifact_file(path: str) -> Dict[str, Any]:
245
+ return VERIFIER.verify_file(path)
246
+
247
+
248
+ def summarize_verification(result: Dict[str, Any]) -> Dict[str, Any]:
249
+ return VERIFIER.summarize(result)
250
+
251
+
252
+ def _build_arg_parser() -> argparse.ArgumentParser:
253
+ parser = argparse.ArgumentParser(
254
+ description="Independent verifier for Sovereign bank-grade artifacts."
255
+ )
256
+ parser.add_argument(
257
+ "--file",
258
+ required=True,
259
+ help="Path to JSON artifact file to verify.",
260
+ )
261
+ parser.add_argument(
262
+ "--summary-only",
263
+ action="store_true",
264
+ help="Print only compact summary instead of full verification result.",
265
+ )
266
+ return parser
267
+
268
+
269
+ if __name__ == "__main__":
270
+ parser = _build_arg_parser()
271
+ args = parser.parse_args()
272
+
273
+ verification = verify_artifact_file(args.file)
274
+
275
+ if args.summary_only:
276
+ print(json.dumps(summarize_verification(verification), ensure_ascii=False, indent=2))
277
+ else:
278
+ print(json.dumps(verification, ensure_ascii=False, indent=2))
279
+