rezabarkhordary commited on
Commit
1fa57f1
·
verified ·
1 Parent(s): 8ba2ab5

Create sovereign_external_verifier_v2.py

Browse files
Files changed (1) hide show
  1. sovereign_external_verifier_v2.py +364 -0
sovereign_external_verifier_v2.py ADDED
@@ -0,0 +1,364 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ # sovereign_external_verifier_v2.py
2
+ from __future__ import annotations
3
+
4
+ import argparse
5
+ import json
6
+ from pathlib import Path
7
+ from typing import Any, Dict, List, Optional
8
+
9
+ from sovereign_crypto_seal import SovereignCryptoSeal
10
+
11
+
12
+ def _load_json(path: str) -> Dict[str, Any]:
13
+ p = Path(path)
14
+ if not p.exists():
15
+ raise FileNotFoundError(f"File not found: {path}")
16
+ data = json.loads(p.read_text(encoding="utf-8"))
17
+ if not isinstance(data, dict):
18
+ raise ValueError(f"JSON root must be an object: {path}")
19
+ return data
20
+
21
+
22
+ class SovereignExternalVerifierV2:
23
+ """
24
+ Extended independent verifier for Sovereign artifacts.
25
+
26
+ Supported artifact families:
27
+ - runtime result bundles
28
+ - benchmark bundles
29
+ - validation report bundles
30
+ - manifest bundles
31
+ - validation manifest bundles
32
+ - technical identity bundles with nested verification
33
+ """
34
+
35
+ def __init__(self, sealer: Optional[SovereignCryptoSeal] = None) -> None:
36
+ self.sealer = sealer or SovereignCryptoSeal()
37
+
38
+ # ------------------------------------------------------------------
39
+ # Base verify helpers
40
+ # ------------------------------------------------------------------
41
+ def _verify_object_with_seal(
42
+ self,
43
+ *,
44
+ artifact_type: str,
45
+ obj: Dict[str, Any],
46
+ seal: Dict[str, Any],
47
+ ) -> Dict[str, Any]:
48
+ verified = self.sealer.verify_object(obj, seal)
49
+ return {
50
+ "ok": bool(verified.get("ok")),
51
+ "artifact_type": artifact_type,
52
+ "verified": bool(verified.get("verified")),
53
+ "verification": verified,
54
+ }
55
+
56
+ # ------------------------------------------------------------------
57
+ # Runtime result
58
+ # ------------------------------------------------------------------
59
+ def verify_runtime_result_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
60
+ seal = bundle.get("crypto_seal")
61
+ if not isinstance(seal, dict):
62
+ return {
63
+ "ok": False,
64
+ "artifact_type": "runtime_result",
65
+ "verified": False,
66
+ "error": "missing_runtime_crypto_seal",
67
+ }
68
+
69
+ obj = dict(bundle)
70
+ obj.pop("crypto_seal", None)
71
+ obj.pop("sealed", None)
72
+
73
+ return self._verify_object_with_seal(
74
+ artifact_type="runtime_result",
75
+ obj=obj,
76
+ seal=seal,
77
+ )
78
+
79
+ # ------------------------------------------------------------------
80
+ # Benchmark
81
+ # ------------------------------------------------------------------
82
+ def verify_benchmark_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
83
+ seal = bundle.get("crypto_seal")
84
+ report = bundle.get("report")
85
+
86
+ if not isinstance(seal, dict):
87
+ return {
88
+ "ok": False,
89
+ "artifact_type": "benchmark_bundle",
90
+ "verified": False,
91
+ "error": "missing_benchmark_crypto_seal",
92
+ }
93
+
94
+ if not isinstance(report, dict):
95
+ return {
96
+ "ok": False,
97
+ "artifact_type": "benchmark_bundle",
98
+ "verified": False,
99
+ "error": "missing_benchmark_report",
100
+ }
101
+
102
+ return self._verify_object_with_seal(
103
+ artifact_type="benchmark_bundle",
104
+ obj=report,
105
+ seal=seal,
106
+ )
107
+
108
+ # ------------------------------------------------------------------
109
+ # Validation report
110
+ # ------------------------------------------------------------------
111
+ def verify_validation_report_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
112
+ seal = bundle.get("crypto_seal")
113
+ report = bundle.get("report")
114
+
115
+ if not isinstance(seal, dict):
116
+ return {
117
+ "ok": False,
118
+ "artifact_type": "validation_report_bundle",
119
+ "verified": False,
120
+ "error": "missing_validation_crypto_seal",
121
+ }
122
+
123
+ if not isinstance(report, dict):
124
+ return {
125
+ "ok": False,
126
+ "artifact_type": "validation_report_bundle",
127
+ "verified": False,
128
+ "error": "missing_validation_report",
129
+ }
130
+
131
+ return self._verify_object_with_seal(
132
+ artifact_type="validation_report_bundle",
133
+ obj=report,
134
+ seal=seal,
135
+ )
136
+
137
+ # ------------------------------------------------------------------
138
+ # Generic manifest bundle
139
+ # ------------------------------------------------------------------
140
+ def verify_manifest_bundle(self, bundle: Dict[str, Any], artifact_type: str = "manifest_bundle") -> Dict[str, Any]:
141
+ manifest_bundle = bundle.get("manifest_bundle")
142
+ if not isinstance(manifest_bundle, dict):
143
+ return {
144
+ "ok": False,
145
+ "artifact_type": artifact_type,
146
+ "verified": False,
147
+ "error": "missing_manifest_bundle",
148
+ }
149
+
150
+ manifest = manifest_bundle.get("manifest")
151
+ seal = manifest_bundle.get("seal")
152
+
153
+ if not isinstance(manifest, dict):
154
+ return {
155
+ "ok": False,
156
+ "artifact_type": artifact_type,
157
+ "verified": False,
158
+ "error": "missing_manifest_object",
159
+ }
160
+
161
+ if not isinstance(seal, dict):
162
+ return {
163
+ "ok": False,
164
+ "artifact_type": artifact_type,
165
+ "verified": False,
166
+ "error": "missing_manifest_seal",
167
+ }
168
+
169
+ return self._verify_object_with_seal(
170
+ artifact_type=artifact_type,
171
+ obj=manifest,
172
+ seal=seal,
173
+ )
174
+
175
+ def verify_validation_manifest_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
176
+ return self.verify_manifest_bundle(
177
+ bundle=bundle,
178
+ artifact_type="validation_manifest_bundle",
179
+ )
180
+
181
+ # ------------------------------------------------------------------
182
+ # Technical identity bundle
183
+ # ------------------------------------------------------------------
184
+ def verify_technical_identity_bundle(self, bundle: Dict[str, Any]) -> Dict[str, Any]:
185
+ identity = bundle.get("technical_identity")
186
+ if not isinstance(identity, dict):
187
+ return {
188
+ "ok": False,
189
+ "artifact_type": "technical_identity_bundle",
190
+ "verified": False,
191
+ "error": "missing_technical_identity",
192
+ }
193
+
194
+ seal = identity.get("crypto_seal")
195
+ if not isinstance(seal, dict):
196
+ return {
197
+ "ok": False,
198
+ "artifact_type": "technical_identity_bundle",
199
+ "verified": False,
200
+ "error": "missing_technical_identity_seal",
201
+ }
202
+
203
+ identity_obj = dict(identity)
204
+ identity_obj.pop("crypto_seal", None)
205
+ identity_obj.pop("sealed", None)
206
+
207
+ identity_verification = self._verify_object_with_seal(
208
+ artifact_type="technical_identity",
209
+ obj=identity_obj,
210
+ seal=seal,
211
+ )
212
+
213
+ nested_checks: List[Dict[str, Any]] = []
214
+
215
+ runtime_result = bundle.get("runtime_result")
216
+ if isinstance(runtime_result, dict):
217
+ nested_checks.append(self.verify_runtime_result_bundle(runtime_result))
218
+
219
+ benchmark_bundle = bundle.get("benchmark_bundle")
220
+ if isinstance(benchmark_bundle, dict):
221
+ nested_checks.append(self.verify_benchmark_bundle(benchmark_bundle))
222
+
223
+ manifest_bundle = bundle.get("manifest_bundle")
224
+ if isinstance(manifest_bundle, dict):
225
+ nested_checks.append(self.verify_manifest_bundle({"manifest_bundle": manifest_bundle}))
226
+
227
+ validation_bundle = bundle.get("validation_bundle")
228
+ if isinstance(validation_bundle, dict):
229
+ if "report" in validation_bundle and "crypto_seal" in validation_bundle:
230
+ nested_checks.append(self.verify_validation_report_bundle(validation_bundle))
231
+ elif "manifest_bundle" in validation_bundle:
232
+ nested_checks.append(self.verify_validation_manifest_bundle(validation_bundle))
233
+
234
+ all_nested_ok = all(bool(x.get("verified")) for x in nested_checks) if nested_checks else True
235
+
236
+ return {
237
+ "ok": bool(identity_verification.get("ok")) and all_nested_ok,
238
+ "artifact_type": "technical_identity_bundle",
239
+ "verified": bool(identity_verification.get("verified")) and all_nested_ok,
240
+ "technical_identity_verification": identity_verification,
241
+ "nested_verifications": nested_checks,
242
+ }
243
+
244
+ # ------------------------------------------------------------------
245
+ # Auto-detect
246
+ # ------------------------------------------------------------------
247
+ def verify_auto(self, obj: Dict[str, Any]) -> Dict[str, Any]:
248
+ # technical identity bundle
249
+ if "technical_identity" in obj:
250
+ return self.verify_technical_identity_bundle(obj)
251
+
252
+ # validation report bundle
253
+ if "report" in obj and "crypto_seal" in obj:
254
+ report = obj.get("report")
255
+ if isinstance(report, dict):
256
+ suite_name = str(report.get("suite_name", "")).lower()
257
+ if "false positive" in suite_name or "validation" in suite_name:
258
+ return self.verify_validation_report_bundle(obj)
259
+ if "benchmark" in str(report.get("benchmark_name", "")).lower():
260
+ return self.verify_benchmark_bundle(obj)
261
+
262
+ # manifest bundle
263
+ if "manifest_bundle" in obj:
264
+ manifest_bundle = obj.get("manifest_bundle") or {}
265
+ manifest = manifest_bundle.get("manifest") if isinstance(manifest_bundle, dict) else {}
266
+ manifest_type = ""
267
+ if isinstance(manifest, dict):
268
+ manifest_type = str(manifest.get("manifest_type", "")).lower()
269
+
270
+ if "validation" in manifest_type:
271
+ return self.verify_validation_manifest_bundle(obj)
272
+ return self.verify_manifest_bundle(obj)
273
+
274
+ # runtime result bundle
275
+ if "crypto_seal" in obj:
276
+ return self.verify_runtime_result_bundle(obj)
277
+
278
+ return {
279
+ "ok": False,
280
+ "verified": False,
281
+ "artifact_type": "unknown",
282
+ "error": "could_not_detect_artifact_type",
283
+ }
284
+
285
+ def verify_file(self, path: str) -> Dict[str, Any]:
286
+ obj = _load_json(path)
287
+ result = self.verify_auto(obj)
288
+ result["source_file"] = path
289
+ return result
290
+
291
+ # ------------------------------------------------------------------
292
+ # Human-readable summary
293
+ # ------------------------------------------------------------------
294
+ def summarize(self, result: Dict[str, Any]) -> Dict[str, Any]:
295
+ artifact_type = result.get("artifact_type", "unknown")
296
+ verified = bool(result.get("verified", False))
297
+
298
+ summary = {
299
+ "artifact_type": artifact_type,
300
+ "verified": verified,
301
+ "status": "VALID" if verified else "INVALID",
302
+ }
303
+
304
+ if result.get("source_file"):
305
+ summary["source_file"] = result["source_file"]
306
+
307
+ verification = result.get("verification", {}) or {}
308
+ if isinstance(verification, dict):
309
+ if verification.get("object_digest"):
310
+ summary["object_digest"] = verification["object_digest"]
311
+ if verification.get("seal_digest"):
312
+ summary["seal_digest"] = verification["seal_digest"]
313
+
314
+ if artifact_type == "technical_identity_bundle":
315
+ tiv = result.get("technical_identity_verification", {}) or {}
316
+ nested = result.get("nested_verifications", []) or []
317
+ summary["technical_identity_verified"] = bool(
318
+ (tiv.get("verification") or {}).get("verified", tiv.get("verified", False))
319
+ )
320
+ summary["nested_verified_count"] = sum(1 for x in nested if x.get("verified"))
321
+ summary["nested_total"] = len(nested)
322
+
323
+ return summary
324
+
325
+
326
+ VERIFIER = SovereignExternalVerifierV2()
327
+
328
+
329
+ def verify_artifact_file_v2(path: str) -> Dict[str, Any]:
330
+ return VERIFIER.verify_file(path)
331
+
332
+
333
+ def summarize_verification_v2(result: Dict[str, Any]) -> Dict[str, Any]:
334
+ return VERIFIER.summarize(result)
335
+
336
+
337
+ def _build_arg_parser() -> argparse.ArgumentParser:
338
+ parser = argparse.ArgumentParser(
339
+ description="Extended independent verifier for Sovereign bank-grade artifacts."
340
+ )
341
+ parser.add_argument(
342
+ "--file",
343
+ required=True,
344
+ help="Path to JSON artifact file to verify.",
345
+ )
346
+ parser.add_argument(
347
+ "--summary-only",
348
+ action="store_true",
349
+ help="Print only compact summary instead of full verification result.",
350
+ )
351
+ return parser
352
+
353
+
354
+ if __name__ == "__main__":
355
+ parser = _build_arg_parser()
356
+ args = parser.parse_args()
357
+
358
+ verification = verify_artifact_file_v2(args.file)
359
+
360
+ if args.summary_only:
361
+ print(json.dumps(summarize_verification_v2(verification), ensure_ascii=False, indent=2))
362
+ else:
363
+ print(json.dumps(verification, ensure_ascii=False, indent=2))
364
+